VIRY.CZ

Bohužel bez nelegálního officu se ted nepohnu, openoffice mi hází errory a s officema pracujeme ve škole. Legální se pokouším sehnat, bohužel zatím bez výsledků

To sice chapu, ale.....

Claire* píše:Našel ještě jeden soubor: Trojan.AutoKMS

To je crack na office. Pokud je infikovany a nechate si ho tam, nema cisteni smysl.

Změnila jsem na jiný Office (sice nelegální, ale jinak vyřešený crack). Tamten jsem smazala.

Dejte novy log z RSIT

Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-12-25 14:33:37
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 128 GB (54%) free of 238 GB
Total RAM: 894 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:33:54, on 25.12.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Translate Client\translateclient.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\PDF Architect\HelperService.exe
C:\Program Files\PDF Architect\ConversionService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Admin\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHKE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX230"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 1858886000
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

--
End of file - 9567 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-ADMIN-130349736-Admin.job
C:\WINDOWS\tasks\AutoKMS.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\3kidxstb.default-1384084430125

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-12-20 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-30 266240]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2013-12-20 12240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-06-28 344064]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-11-15 77824]
"EEventManager"=C:\Program Files\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-08-16 152392]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-12-18 684600]
"ApnTBMon"=C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2013-12-20 1778640]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"EPLTarget\P0000000000000000"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHKE.EXE [2012-02-29 249440]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Translate Client.lnk - C:\Program Files\Translate Client\translateclient.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-06-28 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe"="C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe"="C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======List of files/folders created in the last 1 month======

2013-12-23 20:45:11 ----D---- C:\Program Files\iWisoft Free Video Downloader
2013-12-21 17:26:37 ----D---- C:\WINDOWS\RegisteredPackages
2013-12-21 17:26:01 ----A---- C:\WINDOWS\system32\psisdecd.dll
2013-12-21 17:26:01 ----A---- C:\WINDOWS\system32\drivers\wstcodec.sys
2013-12-21 17:26:01 ----A---- C:\WINDOWS\system32\drivers\streamip.sys
2013-12-21 17:26:01 ----A---- C:\WINDOWS\system32\drivers\slip.sys
2013-12-21 17:26:01 ----A---- C:\WINDOWS\system32\drivers\ndisip.sys
2013-12-21 17:26:00 ----A---- C:\WINDOWS\system32\drivers\nabtsfec.sys
2013-12-21 17:26:00 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2013-12-21 17:26:00 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2013-12-21 17:26:00 ----A---- C:\WINDOWS\system32\drivers\ccdecode.sys
2013-12-21 17:26:00 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2013-12-21 17:21:13 ----D---- C:\Program Files\DirectX
2013-12-21 15:32:24 ----D---- C:\Program Files\EA GAMES
2013-12-21 14:21:26 ----D---- C:\Documents and Settings\Admin\Data aplikací\Seznam.cz
2013-12-21 14:20:09 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2013-12-21 14:20:04 ----D---- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
2013-12-21 14:20:00 ----D---- C:\Program Files\DAEMON Tools Lite
2013-12-21 14:13:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2013-12-21 14:12:26 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2013-12-20 19:13:36 ----D---- C:\Program Files\Mozilla Firefox
2013-12-17 20:13:31 ----D---- C:\Program Files\Abrosoft
2013-12-15 15:36:29 ----D---- C:\WINDOWS\AutoKMS
2013-12-15 15:05:07 ----D---- C:\Program Files\Common Files\DESIGNER
2013-12-15 15:04:23 ----D---- C:\Program Files\Microsoft.NET
2013-12-15 15:00:54 ----D---- C:\WINDOWS\SHELLNEW
2013-12-15 15:00:52 ----D---- C:\Program Files\Microsoft Analysis Services
2013-12-15 15:00:08 ----D---- C:\Program Files\Microsoft Office
2013-12-15 14:59:39 ----RHD---- C:\MSOCache
2013-12-14 12:30:49 ----A---- C:\WINDOWS\RtlRack.ini
2013-12-12 21:33:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2013-12-12 21:33:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2893984$
2013-12-12 18:10:42 ----D---- C:\AdwCleaner
2013-12-12 17:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-12 17:44:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-12 17:43:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2013-12-06 21:43:58 ----D---- C:\Program Files\OpenXML-ODF Translator
2013-12-04 21:21:41 ----D---- C:\Program Files\Common Files\Wondershare
2013-12-04 21:21:27 ----HD---- C:\Program Files\Dr.Fone_Temp
2013-12-04 21:21:26 ----D---- C:\Program Files\Wondershare
2013-11-30 17:58:45 ----D---- C:\Program Files\Topaz Labs
2013-11-30 17:58:44 ----D---- C:\Program Files\Common Files\Topaz Labs
2013-11-30 15:14:42 ----D---- C:\KMPlayer
2013-11-30 13:02:50 ----D---- C:\Program Files\Yamicsoft
2013-11-29 15:06:22 ----D---- C:\Program Files\Azbuka

======List of files/folders modified in the last 1 month======

2013-12-25 14:33:46 ----D---- C:\WINDOWS\Prefetch
2013-12-25 14:33:45 ----D---- C:\WINDOWS\temp
2013-12-25 14:33:42 ----D---- C:\Program Files\trend micro
2013-12-25 14:01:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\iRinger
2013-12-25 13:27:20 ----D---- C:\Program Files\The KMPlayer
2013-12-25 12:03:23 ----D---- C:\Documents and Settings\Admin\Data aplikací\translateclient
2013-12-25 12:02:41 ----D---- C:\WINDOWS\system32
2013-12-25 11:48:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-12-24 20:14:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-24 11:06:38 ----D---- C:\WINDOWS
2013-12-23 23:43:05 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-23 20:45:11 ----RD---- C:\Program Files
2013-12-23 16:42:49 ----HD---- C:\WINDOWS\inf
2013-12-23 16:42:36 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-12-21 17:57:17 ----SHD---- C:\WINDOWS\Installer
2013-12-21 17:57:16 ----SHD---- C:\Config.Msi
2013-12-21 17:32:21 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-21 17:26:51 ----D---- C:\WINDOWS\system32\DirectX
2013-12-21 17:26:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-12-21 17:26:35 ----D---- C:\WINDOWS\system32\drivers
2013-12-21 17:26:08 ----D---- C:\WINDOWS\system32\CatRoot
2013-12-21 15:54:30 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-12-21 15:04:26 ----A---- C:\WINDOWS\NeroDigital.ini
2013-12-19 18:04:24 ----RSD---- C:\WINDOWS\assembly
2013-12-19 18:04:24 ----D---- C:\WINDOWS\Microsoft.NET
2013-12-18 19:38:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-12-17 20:57:34 ----A---- C:\WINDOWS\win.ini
2013-12-17 20:57:33 ----D---- C:\Program Files\Common Files\System
2013-12-17 17:11:46 ----D---- C:\WINDOWS\WinSxS
2013-12-15 19:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2013-12-15 17:17:06 ----SHD---- C:\System Volume Information
2013-12-15 17:16:45 ----D---- C:\WINDOWS\Registration
2013-12-15 15:55:06 ----SD---- C:\WINDOWS\Tasks
2013-12-15 15:37:38 ----SD---- C:\Documents and Settings\Admin\Data aplikací\Microsoft
2013-12-15 15:27:59 ----D---- C:\WINDOWS\system32\cs-cz
2013-12-15 15:20:12 ----D---- C:\WINDOWS\system32\en-US
2013-12-15 15:08:23 ----D---- C:\WINDOWS\system32\config
2013-12-15 15:06:41 ----RSD---- C:\WINDOWS\Fonts
2013-12-15 15:06:20 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-12-15 15:05:07 ----D---- C:\Program Files\Common Files
2013-12-14 22:12:17 ----D---- C:\WINDOWS\system32\Restore
2013-12-14 21:50:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-12-14 21:47:50 ----D---- C:\Program Files\SqueakyChocolate
2013-12-13 18:53:52 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2013-12-12 21:34:11 ----D---- C:\Program Files\Internet Explorer
2013-12-12 21:34:02 ----D---- C:\WINDOWS\ie8updates
2013-12-12 21:33:36 ----A---- C:\WINDOWS\imsins.BAK
2013-12-12 17:54:24 ----D---- C:\WINDOWS\system32\MRT
2013-12-12 17:44:37 ----A---- C:\WINDOWS\system32\MRT.exe
2013-12-11 18:56:24 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-07 21:47:42 ----D---- C:\Documents and Settings\Admin\Data aplikací\vlc
2013-12-01 12:03:52 ----D---- C:\Documents and Settings\Admin\Data aplikací\Youtube Downloader HD
2013-11-30 13:19:16 ----RD---- C:\WINDOWS\Web
2013-11-30 13:16:18 ----A---- C:\WINDOWS\ODBCINST.INI
2013-11-30 13:09:25 ----D---- C:\WINDOWS\system32\ias
2013-11-30 13:09:09 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2013-12-18 135648]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2013-11-19 37352]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2012-08-27 28520]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2013-12-18 90400]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-11-17 2297664]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-06-28 1241088]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2013-12-21 243128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-31 69504]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt []
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-11-19 440376]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-12-18 440376]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-12-18 1011768]
R2 APNMCP;Ask Update Service; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-12-20 166352]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-06-28 376832]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 553288]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-06-28 516096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Tak snad uz konecne posledni sken....

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe , ulozte na plochu a spustte.
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

OTL Extras logfile created on: 25.12.2013 16:08:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

894,48 Mb Total Physical Memory | 396,84 Mb Available Physical Memory | 44,37% Memory free
2,21 Gb Paging File | 1,19 Gb Available in Paging File | 53,71% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 124,77 Gb Free Space | 53,58% Space Free | Partition Type: NTFS
Drive E: | 150,37 Gb Total Space | 119,29 Gb Free Space | 79,33% Space Free | Partition Type: FAT32

Computer Name: ADMIN-130349736 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1417001333-2146877963-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe" = C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\vbc.exe:*:Enabled:Visual Basic Command Line Compiler -- (Microsoft Corporation)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{02879F39-159A-4414-9943-CDE355138D62}" = WinXP Manager
"{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{1A2A15C2-6780-49c1-B296-503230E9DE00}" = The Sims™ 2 Sídla a zahrady Kolekce
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45
"{2BC21CD2-8053-406A-80F6-9AB61717B49D}" = ODF Add-in for Microsoft Office
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = The Sims™ 2 Double Deluxe
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41564952-412D-5637-00A7-A758B70C0A00}" = Avira SearchFree Toolbar
"{4817189D-1785-4627-A33C-39FD90919300}" = The Sims™ 2 Mazlíčci
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Pro Teenagery Kolekce
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{6522C636-B04C-4333-9BEB-9E0C0B6350D6}" = The Sims™ 2 Koupelny a kuchyně Interiérový design Kolekce
"{6BDD9CE6-D0A6-478A-BAD3-BA6945E89EB0}" = The Sims 2 Pro rodinnou zábavu - Kolekce
"{6D45EF03-E8EE-4355-81C3-F918CBCF1029}" = Nero 8
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Domov Kolekce
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = The Sims 2 Ve světě podnikání
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}" = The Sims™ 2 H&M® Móda Kolekce
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Volný čas
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}" = The Sims 2 University
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9B486871-27EB-49A5-8832-77176E63333C}" = iTunes
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}" = The Sims™ 2 Pro luxusní život - Kolekce
"{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}" = Epson Easy Photo Print 2
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Život v bytě
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = The Sims™ 2 Šťastnou cestu
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"3herosoft iPhone to Computer Transfer" = 3herosoft iPhone to Computer Transfer
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = KMP Service
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira Free Antivirus
"Azbuka_is1" = Azbuka 1.0.3.4
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"EPSON Scanner" = EPSON Scan
"EPSON SX230 Series" = Odinstalace tiskárny EPSON SX230 Series
"EPSON SX230 Series Bog" = Základní uživatelská příručka EPSON SX230 Series
"EPSON SX230 Series Useg" = Uživatelská příručka EPSON SX230 Series
"ie8" = Windows Internet Explorer 8
"iWisoft Free Video Downloader_is1" = iWisoft Free Video Downloader 2.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office 2010 pro studenty a domácnosti
"Stellarium_is1" = Stellarium 0.12.4
"The KMPlayer" = The KMPlayer (remove only)
"Topaz Clean 3" = Topaz Clean 3
"Totalcmd" = Total Commander (Remove or Repair)
"Translate Client" = Client for Google Translate
"VLC media player" = VLC media player 2.1.0
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Youtube Downloader HD_is1" = Youtube Downloader HD v. 2.9.9.10

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1417001333-2146877963-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre Studio X" = PhotoFiltre Studio X
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21.12.2013 11:43:39 | Computer Name = ADMIN-130349736 | Source = Application Error | ID = 1000
Description = Chybující aplikace sims2launcher.exe, verze 1.0.0.1, chybující modul
sims2launcher.exe, verze 1.0.0.1, adresa chyby 0x00002167.

Error - 21.12.2013 11:46:55 | Computer Name = ADMIN-130349736 | Source = Application Error | ID = 1000
Description = Chybující aplikace sims2launcher.exe, verze 1.0.0.1, chybující modul
sims2launcher.exe, verze 1.0.0.1, adresa chyby 0x00002167.

Error - 21.12.2013 11:46:57 | Computer Name = ADMIN-130349736 | Source = Application Error | ID = 1001
Description = Chybný blok 932010900

Error - 21.12.2013 12:17:34 | Computer Name = ADMIN-130349736 | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
shell32.dll, verze 6.0.2900.6242, adresa chyby 0x0002b663.

Error - 21.12.2013 12:17:42 | Computer Name = ADMIN-130349736 | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 21.12.2013 13:28:34 | Computer Name = ADMIN-130349736 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace iTunes.exe, verze 11.0.5.5, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 22.12.2013 14:21:51 | Computer Name = ADMIN-130349736 | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.5512, chybující modul
ole32.dll, verze 5.1.2600.6435, adresa chyby 0x0008bec6.

Error - 22.12.2013 14:22:04 | Computer Name = ADMIN-130349736 | Source = Application Error | ID = 1001
Description = Chybný blok -443063886

Error - 22.12.2013 14:22:10 | Computer Name = ADMIN-130349736 | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 24.12.2013 8:55:04 | Computer Name = ADMIN-130349736 | Source = Application Error | ID = 1000
Description = Chybující aplikace nmindexstoresvr.exe, verze 3.3.8.0, chybující modul
unknown, verze 0.0.0.0, adresa chyby 0x02a6d809.

[ OSession Events ]
Error - 15.12.2013 9:05:31 | Computer Name = ADMIN-130349736 | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

Error - 15.12.2013 9:09:56 | Computer Name = ADMIN-130349736 | Source = Microsoft Office 12 Sessions | ID = 7001
Description =

[ System Events ]
Error - 21.12.2013 10:29:10 | Computer Name = ADMIN-130349736 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 21.12.2013 10:29:12 | Computer Name = ADMIN-130349736 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 21.12.2013 10:29:14 | Computer Name = ADMIN-130349736 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 21.12.2013 10:29:16 | Computer Name = ADMIN-130349736 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 21.12.2013 10:29:22 | Computer Name = ADMIN-130349736 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 21.12.2013 10:29:25 | Computer Name = ADMIN-130349736 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 21.12.2013 10:29:27 | Computer Name = ADMIN-130349736 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 21.12.2013 10:29:29 | Computer Name = ADMIN-130349736 | Source = Cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 24.12.2013 6:06:27 | Computer Name = ADMIN-130349736 | Source = Service Control Manager | ID = 7009
Description = Vypršel časový limit (30000 milisekund) čekání na připojení služby
Avira Web Protection.

Error - 24.12.2013 6:06:29 | Computer Name = ADMIN-130349736 | Source = Service Control Manager | ID = 7000
Description = Služba Avira Web Protection neuspěla při spuštění v důsledku následující
chyby: %%1053

< End of report >

OTL logfile created on: 25.12.2013 16:08:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

894,48 Mb Total Physical Memory | 396,84 Mb Available Physical Memory | 44,37% Memory free
2,21 Gb Paging File | 1,19 Gb Available in Paging File | 53,71% Paging File free
Paging file location(s): C:\pagefile.sys 1440 2880 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 124,77 Gb Free Space | 53,58% Space Free | Partition Type: NTFS
Drive E: | 150,37 Gb Total Space | 119,29 Gb Free Space | 79,33% Space Free | Partition Type: FAT32

Computer Name: ADMIN-130349736 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.12.25 16:06:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Dokumenty\Stažené soubory\OTL.exe
PRC - [2013.12.20 20:29:08 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.12.20 20:28:57 | 001,778,640 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013.12.20 19:13:52 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.12.18 18:39:03 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2013.12.18 18:38:12 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.12.18 18:38:09 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.12.18 18:37:55 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.11.19 15:34:00 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.04.08 17:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) -- C:\Program Files\PDF Architect\HelperService.exe
PRC - [2013.04.08 17:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) -- C:\Program Files\PDF Architect\ConversionService.exe
PRC - [2011.11.27 23:44:16 | 001,703,936 | ---- | M] (Alexey ILJIN) -- C:\Program Files\Translate Client\translateclient.exe
PRC - [2010.10.12 12:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2009.05.14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2008.06.24 16:06:06 | 001,840,424 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.11.15 17:20:20 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe

========== Modules (No Company Name) ==========

MOD - [2013.12.20 19:13:51 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.12.11 18:56:19 | 016,242,056 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013.07.31 21:54:53 | 000,394,824 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2013.04.21 20:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013.04.21 20:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.07.01 19:34:04 | 000,344,064 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2012.05.11 06:21:48 | 000,172,544 | ---- | M] () -- C:\WINDOWS\system32\iMobileDisk.dll
MOD - [2006.01.08 14:53:24 | 000,005,120 | ---- | M] () -- C:\WINDOWS\system32\hash2.dll

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.20 20:29:08 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.12.20 19:13:51 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.12.18 18:39:03 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.12.18 18:38:12 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.12.11 18:56:27 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.11.19 15:34:00 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.04.08 17:44:12 | 001,320,496 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2013.04.08 17:43:36 | 000,799,280 | ---- | M] (pdfforge GmbH) [Auto | Running] -- C:\Program Files\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2009.05.14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver)
DRV - [2013.12.21 14:20:09 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2013.12.18 18:39:13 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.12.18 18:39:13 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.11.19 15:34:40 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.04.13 23:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139)
DRV - [2005.06.28 19:01:56 | 001,241,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.11.17 18:05:38 | 002,297,664 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2003.12.31 10:58:46 | 000,069,504 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2013.11.03 20:58:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions
[2013.11.16 17:09:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\3kidxstb.default-1384084430125\extensions
[2013.10.27 20:08:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profilesahs68hmw.default\extensions
[2013.10.27 20:08:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profilesahs68hmw.default\extensions\staged
[2013.11.10 12:56:33 | 000,348,260 | ---- | M] () (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\3kidxstb.default-1384084430125\extensions\personas@christopher.beard.xpi
[2013.12.20 19:13:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.20 19:13:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\3KIDXSTB.DEFAULT-1384084430125\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_1\
CHR - Extension: Disk Google = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Vyhled\u00e1v\u00e1n\u00ed Google = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Pen\u011b\u017eenka Google = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013.11.02 16:00:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHKE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Translate Client.lnk = C:\Program Files\Translate Client\translateclient.exe (Alexey ILJIN)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 1858886000 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77E54460-8B39-4D04-B021-F5B405BABEF3}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.11.23 21:40:00 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013.12.23 20:45:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dokumenty\iWisoft Free Video Downloader
[2013.12.23 20:45:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\iWisoft Free Video Downloader
[2013.12.23 20:45:11 | 000,000,000 | ---D | C] -- C:\Program Files\iWisoft Free Video Downloader
[2013.12.21 17:26:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2013.12.21 17:26:01 | 000,018,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2013.12.21 17:26:01 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2013.12.21 17:26:01 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2013.12.21 17:26:01 | 000,010,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2013.12.21 17:26:00 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2013.12.21 17:26:00 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2013.12.21 17:26:00 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2013.12.21 17:26:00 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2013.12.21 17:26:00 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2013.12.21 17:26:00 | 000,052,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdv.sys
[2013.12.21 17:26:00 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2013.12.21 17:26:00 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2013.12.21 17:26:00 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2013.12.21 17:26:00 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bdaplgin.ax
[2013.12.21 17:26:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2013.12.21 17:26:00 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mpe.sys
[2013.12.21 17:26:00 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2013.12.21 17:26:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2013.12.21 17:26:00 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2013.12.21 17:26:00 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bdasup.sys
[2013.12.21 17:26:00 | 000,011,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2013.12.21 17:25:57 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2013.12.21 17:21:13 | 000,000,000 | ---D | C] -- C:\Program Files\DirectX
[2013.12.21 16:46:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\EA Games
[2013.12.21 15:53:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Dokumenty\EA Games
[2013.12.21 15:53:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\EA GAMES
[2013.12.21 15:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES
[2013.12.21 14:21:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\Seznam.cz
[2013.12.21 14:20:09 | 000,243,128 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2013.12.21 14:20:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2013.12.21 14:20:00 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2013.12.21 14:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.12.21 14:12:26 | 000,445,504 | R--- | C] (On2.com) -- C:\WINDOWS\System32\vp6vfw.dll
[2013.12.20 19:13:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.12.17 20:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\Abrosoft
[2013.12.15 15:36:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\AutoKMS
[2013.12.15 15:06:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Microsoft Office
[2013.12.15 15:05:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.12.15 15:04:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013.12.15 15:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft
[2013.12.15 15:00:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\SHELLNEW
[2013.12.15 15:00:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013.12.15 15:00:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.12.15 14:59:39 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.12.12 18:10:42 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.06 21:43:58 | 000,000,000 | ---D | C] -- C:\Program Files\OpenXML-ODF Translator
[2013.12.06 21:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Nabídka Start\Programy\ODF Add-in for Microsoft Office
[2013.12.04 21:22:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\Wondershare
[2013.12.04 21:21:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Wondershare
[2013.12.04 21:21:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wondershare
[2013.12.04 21:21:27 | 000,000,000 | -H-D | C] -- C:\Program Files\Dr.Fone_Temp
[2013.12.04 21:21:26 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare
[2013.11.30 17:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\Topaz Labs
[2013.11.30 17:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Topaz Labs
[2013.11.30 15:14:42 | 000,000,000 | ---D | C] -- C:\KMPlayer
[2013.11.30 13:02:50 | 000,000,000 | ---D | C] -- C:\Program Files\Yamicsoft
[2013.11.30 13:02:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Nabídka Start\Programy\WinXP Manager
[2013.11.29 15:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Azbuka
[2013.11.29 15:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Azbuka
[2013.11.27 17:23:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\AskPartnerNetwork
[2013.11.26 20:56:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Plocha\Hurts 8.11.2013
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.12.25 16:14:11 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.25 15:55:00 | 000,000,266 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2013.12.25 15:53:10 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.12.25 12:02:41 | 000,003,298 | ---- | M] () -- C:\WINDOWS\System32\StyleVista.png
[2013.12.25 12:02:41 | 000,003,137 | ---- | M] () -- C:\WINDOWS\System32\StyleVistaDown.png
[2013.12.25 12:02:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.12.24 20:14:19 | 000,496,908 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.12.24 20:14:19 | 000,491,658 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.12.24 20:14:19 | 000,099,170 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.12.24 20:14:19 | 000,085,392 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.12.24 14:35:04 | 000,046,422 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\del.jpg
[2013.12.24 12:55:51 | 000,016,512 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Hurts_(Logo).png
[2013.12.24 12:46:24 | 000,006,355 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Bez názvu-3a.png
[2013.12.24 12:41:05 | 000,015,917 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Bez názvu-3.png
[2013.12.24 12:41:04 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Adobe Formát PNG CS6 – předvolby
[2013.12.23 22:35:47 | 000,001,480 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Adobe Uložit pro web 13.0 Prefs
[2013.12.23 22:35:46 | 000,996,949 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Hurts-Fin-1a.gif
[2013.12.23 22:35:17 | 000,893,782 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Hurts-Fin-2a.gif
[2013.12.23 22:32:02 | 000,784,598 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Hurts-Fin-2.gif
[2013.12.23 22:31:28 | 000,996,442 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Hurts-Fin-1.gif
[2013.12.22 10:54:22 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.12.21 15:04:26 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.12.21 15:04:26 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.12.21 14:20:32 | 000,001,613 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2013.12.21 14:20:09 | 000,243,128 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2013.12.20 20:47:21 | 000,074,492 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2013.12.18 18:39:13 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.12.18 18:39:13 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.12.15 15:42:44 | 003,910,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.12.15 14:31:36 | 000,008,280 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\free-vector-wrong-cross-clip-art_110075_Wrong_Cross_clip_art_hight.png
[2013.12.14 17:43:32 | 071,307,236 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Hurts - Wonderful Life.mp4
[2013.12.14 12:37:23 | 000,000,227 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
[2013.12.12 21:33:36 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.12.11 18:56:24 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.12.11 18:56:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.12.08 21:17:56 | 000,149,970 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\IMG_0862a.jpg
[2013.12.08 20:02:11 | 000,148,385 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\b643f42a603811e396dd12943c767152_8.jpg
[2013.11.30 13:16:18 | 000,004,249 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2013.11.30 13:02:52 | 000,001,894 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\WinXP Manager.lnk
[2013.11.29 15:06:32 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Azbuka.lnk
[2013.11.28 19:10:23 | 000,000,541 | ---- | M] () -- C:\Documents and Settings\Admin\Plocha\Zástupce - Seminárka.lnk
[2013.11.27 17:21:36 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Adobe Formát GIF CS6 – předvolby
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.12.25 16:14:11 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.12.24 14:35:03 | 000,046,422 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\del.jpg
[2013.12.24 12:55:50 | 000,016,512 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Hurts_(Logo).png
[2013.12.24 12:46:23 | 000,006,355 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Bez názvu-3a.png
[2013.12.24 12:41:04 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Adobe Formát PNG CS6 – předvolby
[2013.12.24 12:41:03 | 000,015,917 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Bez názvu-3.png
[2013.12.23 22:35:43 | 000,996,949 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Hurts-Fin-1a.gif
[2013.12.23 22:35:14 | 000,893,782 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Hurts-Fin-2a.gif
[2013.12.23 22:32:00 | 000,784,598 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Hurts-Fin-2.gif
[2013.12.23 22:31:26 | 000,996,442 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Hurts-Fin-1.gif
[2013.12.21 17:26:01 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2013.12.21 17:26:01 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2013.12.21 17:26:01 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\psisrndr.ax
[2013.12.21 17:26:01 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2013.12.21 17:26:00 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\msdvbnp.ax
[2013.12.21 17:26:00 | 000,052,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2013.12.21 14:20:32 | 000,001,613 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\DAEMON Tools Lite.lnk
[2013.12.15 15:36:29 | 000,000,266 | ---- | C] () -- C:\WINDOWS\tasks\AutoKMS.job
[2013.12.15 14:31:30 | 000,008,280 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\free-vector-wrong-cross-clip-art_110075_Wrong_Cross_clip_art_hight.png
[2013.12.14 17:36:37 | 071,307,236 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Hurts - Wonderful Life.mp4
[2013.12.14 12:30:49 | 000,000,227 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2013.12.08 21:17:53 | 000,149,970 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\IMG_0862a.jpg
[2013.12.08 20:02:09 | 000,148,385 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\b643f42a603811e396dd12943c767152_8.jpg
[2013.11.30 13:02:52 | 000,001,894 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\WinXP Manager.lnk
[2013.11.29 15:06:32 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Azbuka.lnk
[2013.11.28 19:10:23 | 000,000,541 | ---- | C] () -- C:\Documents and Settings\Admin\Plocha\Zástupce - Seminárka.lnk
[2013.11.27 17:21:36 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\Adobe Formát GIF CS6 – předvolby
[2013.11.24 13:16:14 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2013.11.19 17:45:34 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Admin\.rnd
[2013.11.13 19:37:09 | 000,001,480 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Adobe Uložit pro web 13.0 Prefs
[2013.10.17 15:29:05 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013.10.13 19:49:46 | 000,074,492 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2013.10.13 15:19:57 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.10.13 12:54:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2013.10.12 20:29:07 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2013.10.12 20:28:35 | 000,095,617 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2013.10.12 20:23:44 | 000,001,486 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2013.10.12 19:48:04 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2013.10.12 19:48:02 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2013.10.12 19:48:02 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.10.12 19:34:23 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.10.12 19:33:16 | 003,910,616 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.10.12 19:04:31 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.10.12 18:07:13 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.10.12 18:02:33 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.05.11 06:21:48 | 000,172,544 | ---- | C] () -- C:\WINDOWS\System32\iMobileDisk.dll

========== ZeroAccess Check ==========

[2013.10.20 10:14:26 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 13:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.12.21 16:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2013.10.29 19:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Epson
[2013.11.09 21:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GetRightToGo
[2013.10.12 21:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GHISLER
[2013.10.16 19:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PDF Architect
[2013.10.13 11:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PhotoFiltre Studio X
[2013.11.17 12:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Publish Providers
[2013.12.21 17:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Seznam.cz
[2013.11.17 12:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sony
[2013.11.13 19:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.10.15 19:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Stellarium
[2013.12.25 12:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\translateclient
[2013.12.01 12:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Youtube Downloader HD
[2013.10.13 10:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013.11.01 20:47:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\APN
[2013.11.16 11:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AskPartnerNetwork
[2013.12.21 16:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2013.10.13 11:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EPSON
[2013.12.25 14:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\iRinger
[2013.10.13 20:01:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
[2013.11.16 11:26:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sony
[2013.10.13 09:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\UDL

========== Purity Check ==========

========== Custom Scans ==========

< >
[2013.10.12 18:03:28 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.10.12 18:11:38 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.11.02 21:49:05 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.11.09 18:22:49 | 000,000,342 | ---- | C] () -- C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-ADMIN-130349736-Admin.job
[2013.12.15 15:36:29 | 000,000,266 | ---- | C] () -- C:\WINDOWS\Tasks\AutoKMS.job

< >

< MD5 for: AGP440.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\cmdcons\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 13:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 13:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 13:00:00 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys

< MD5 for: ISAPNP.SYS >
[2008.04.14 13:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 13:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\78164ced3d5a2fc0ae34c8af2ce15419\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\78164ced3d5a2fc0ae34c8af2ce15419\download\*.tmp -> ]
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.11.13 19:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Adobe
[2013.10.15 18:58:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Apple Computer
[2013.11.16 11:37:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Avira
[2013.12.21 16:02:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
[2013.10.29 19:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Epson
[2013.11.09 21:01:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GetRightToGo
[2013.10.12 21:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\GHISLER
[2013.10.13 11:05:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Identities
[2013.10.13 09:27:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\InstallShield
[2013.10.12 19:18:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Macromedia
[2013.10.13 07:55:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2013.12.15 15:37:38 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Admin\Data aplikací\Microsoft
[2013.11.03 20:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla
[2013.11.19 17:46:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nero
[2013.10.16 19:53:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PDF Architect
[2013.10.13 11:19:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\PhotoFiltre Studio X
[2013.11.17 12:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Publish Providers
[2013.12.21 17:38:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Seznam.cz
[2013.11.17 12:09:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sony
[2013.11.13 19:17:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013.10.15 19:59:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Stellarium
[2013.10.12 23:25:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sun
[2013.12.25 12:03:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\translateclient
[2013.12.07 21:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\vlc
[2013.10.13 14:23:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\WinRAR
[2013.12.01 12:03:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Youtube Downloader HD

< %APPDATA%\*.exe /s >
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\ClearMem.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\ClickCleaner.exe
[2013.11.30 13:02:53 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\ContextMenuManager.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\DesktopCleaner.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\DiskAnalyzer.exe
[2013.11.30 13:02:53 | 000,013,262 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\DuplicateFilesFinder.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\FileSecurity.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\FileSplitter.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\IconManager.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\IEManager.exe
[2013.11.30 13:02:53 | 000,017,542 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\IPSwitcher.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\JunkFileCleaner.exe
[2013.11.30 13:02:53 | 000,005,430 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\LiveUpdate.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\OptimizationWizard.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\PrivacyProtector.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\ProcessManager.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\RegistryCleaner.exe
[2013.11.30 13:02:53 | 000,009,662 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\RegistryDefrag.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\RepairCenter.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\RunShortcutCreator.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\ServiceManager.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\Shutdown.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\StartupManager.exe
[2013.11.30 13:02:53 | 000,014,534 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\SystemFolder_msiexec.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\SystemInfo.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\Uninstaller.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\WallpaperChanger.exe
[2013.11.30 13:02:53 | 000,015,086 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{02879F39-159A-4414-9943-CDE355138D62}\WinXP_Manager.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Seznam.cz\sznsetup.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2013.10.12 19:32:06 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2013.10.12 19:32:06 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2013.10.12 19:32:06 | 000,487,424 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.12.24 20:14:19 | 000,099,170 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.12.24 20:14:19 | 000,085,392 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.12.24 20:14:19 | 000,491,658 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.12.24 20:14:19 | 000,496,908 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.12.24 20:14:19 | 001,191,594 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013.12.25 12:02:41 | 000,003,298 | ---- | M] () -- C:\WINDOWS\system32\StyleVista.png
[2013.12.25 12:02:41 | 000,003,137 | ---- | M] () -- C:\WINDOWS\system32\StyleVistaDown.png
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 -- [2008.06.24 16:06:06 | 001,840,424 | ---- | M] (Nero AG)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.10.28 09:29:38 | 003,675,352 | ---- | M] (Disc Soft Ltd)
"EPLTarget\P0000000000000000" = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHKE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus SX230" -- [2012.02.29 07:03:02 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=3
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.12.25 16:14:11 | 000,000,512 | ---- | M] () MD5=7FB2926D047C4900E5FD74949E74C507 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2008.03.30 14:48:34 | 000,056,971 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\EA Games\The Sims 2\Downloads\#9 MTS\York Kitchen by ~Dee~\York Kitchen By~Dee~\YorkCrackers~Dee~mesh.package

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.12.01 13:13:07 | 000,000,106 | ---- | M] () -- \Documents and Settings\Admin\Data aplikací\Youtube Downloader HD\YouTubeDownloaderHD.ini
[2013.12.23 20:28:04 | 003,127,375 | ---- | M] () -- \Documents and Settings\Admin\Dokumenty\Stažené soubory\flashvideodownloader.exe
[2013.11.02 21:46:55 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\7X859P36\downloaderror[1].js
[2013.11.17 11:55:12 | 000,000,723 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\7X859P36\downloaderror[2].js
[2013.11.10 12:19:04 | 000,001,174 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\7X859P36\downloader[1].js
[2013.11.09 21:00:10 | 000,009,681 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\7X859P36\rn_downloader_full[1].htm
[2013.12.21 14:22:00 | 000,031,516 | ---- | M] () -- \Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\ZDJNYMC8\cz.seznam.software.libfoxloader-3.1.2-win32[1].zip
[2013.11.13 17:48:04 | 000,000,828 | ---- | M] () -- \Documents and Settings\Admin\Plocha\Youtube Downloader HD.lnk
[2008.02.04 12:32:50 | 000,000,232 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.12.23 20:45:14 | 000,000,782 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\iWisoft Free Video Downloader\iWisoft Free Video Downloader.lnk
[2013.11.13 17:48:04 | 000,000,840 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\Youtube Downloader HD\Youtube Downloader HD.lnk
[2013.01.08 16:05:34 | 003,298,024 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\Photodownloader.exe
[2012.03.13 09:41:34 | 000,000,860 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\Photodownloader.exe.manifest
[2012.03.13 09:41:58 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012.03.13 09:42:00 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012.03.13 09:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012.03.13 09:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012.03.13 09:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012.03.13 09:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012.03.13 09:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012.03.13 09:42:02 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012.03.13 09:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012.03.13 09:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012.03.13 09:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012.03.13 09:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012.03.13 09:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012.03.13 09:42:04 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012.03.13 09:42:06 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012.03.13 09:42:06 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.12.18 18:38:12 | 000,053,304 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2013.12.18 18:38:13 | 000,566,328 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2013.12.18 18:38:16 | 001,742,392 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2012.02.22 22:11:56 | 000,078,336 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012.02.22 22:11:56 | 000,155,136 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012.02.22 22:11:56 | 000,117,248 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2013.04.21 20:44:16 | 000,008,827 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2013.03.09 08:17:04 | 000,268,440 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.03.09 08:17:04 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2008.06.24 13:45:14 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2007.10.24 01:52:00 | 000,114,688 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\APFLoaderV13.dll
[2007.10.24 01:52:00 | 000,069,632 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader.dll
[2007.10.24 01:52:00 | 000,102,400 | ---- | M] () -- \Program Files\Epson Software\Easy Photo Print\EpAPFLoader2006.dll
[2010.01.11 17:04:32 | 002,006,528 | ---- | M] () -- \Program Files\iWisoft Free Video Downloader\VideoDownloader.exe
[2008.02.25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2012.05.04 00:03:14 | 000,370,070 | ---- | M] () -- \Program Files\Youtube Downloader HD\downloader-hd.ico
[2013.10.29 04:58:38 | 027,918,592 | ---- | M] () -- \Program Files\Youtube Downloader HD\YouTubeDownloaderHD.exe
[2013.11.13 17:48:04 | 000,000,061 | ---- | M] () -- \Program Files\Youtube Downloader HD\YoutubeDownloaderHD.url
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004109D30000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.12.23 20:45:04 | 000,014,948 | ---- | M] () -- \WINDOWS\Prefetch\FLASHVIDEODOWNLOADER.EXE-2EB2E304.pf
[2013.12.23 20:45:24 | 000,059,872 | ---- | M] () -- \WINDOWS\Prefetch\VIDEODOWNLOADER.EXE-17A31B7D.pf
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[3 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 13:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2013.12.15 15:36:29 | 000,000,715 | ---- | M] () -- \WINDOWS\AutoKMS\AutoKMS.ini
[2013.12.15 15:54:56 | 000,000,445 | ---- | M] () -- \WINDOWS\AutoKMS\AutoKMS.log
[2013.12.25 15:55:00 | 000,000,266 | ---- | M] () -- \WINDOWS\Tasks\AutoKMS.job

< *activator* /s >

< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2012.09.26 23:12:26 | 000,970,752 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.05.12 11:22:54 | 000,311,296 | ---- | M] () -- \Program Files\Sony\Vegas Pro 9.0\CoreUI.XmlSerializers.dll
[2010.05.12 11:22:50 | 000,450,560 | ---- | M] () -- \Program Files\Sony\Vegas Pro 9.0\Sony.MediaSoftware.TextGen.CoreGraphics.XmlSerializers.dll
[2013.10.20 15:07:39 | 000,131,072 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.10.20 15:03:22 | 000,970,752 | ---- | M] () -- \WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.11.16 11:27:22 | 000,864,256 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\CoreUI.XmlSerialize#\940e22d1274935bc6f4e4c6cf96f29c7\CoreUI.XmlSerializers.ni.dll
[2013.10.20 15:18:17 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a95e0af6fa5d2e8ffd5e0091f6513271\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.10.20 15:16:21 | 002,345,472 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\ba6670610621b25b1608e457ba0ef305\System.Runtime.Serialization.ni.dll
[2013.12.19 17:05:01 | 000,311,296 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.19 17:06:20 | 002,658,304 | ---- | M] () -- \WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\b5faab90a38802d89ccf6f9ac4bff440\System.Runtime.Serialization.ni.dll
[2010.03.18 13:16:28 | 001,026,936 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\5C1093C35543A0E32A41B090A305076A\4.0.30319\System.Runtime.Serialization.dll.x86
[2013.12.15 15:28:08 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.12.17 17:12:10 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.12.15 15:28:07 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.12.17 17:12:08 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2008.07.25 10:17:00 | 000,131,072 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.09.26 23:12:26 | 000,970,752 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 06:06:54 | 001,039,040 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010.03.18 13:16:28 | 000,122,264 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2010.06.15 02:33:16 | 000,017,840 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.06.15 02:33:16 | 000,099,208 | ---- | M] () -- \WINDOWS\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[3 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2008.04.14 13:00:00 | 000,064,256 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys

< *w7lxe* /s >

========== Files - Unicode (All) ==========
[2013.11.14 16:23:36 | 104,225,154 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\瀷啔;
[2013.11.14 16:23:36 | 104,225,154 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\瀷啔;
[2013.11.13 16:35:47 | 104,010,312 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\츨䂒啔;
[2013.11.13 16:35:47 | 104,010,312 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\츨䂒啔;
[2013.11.12 14:53:43 | 103,891,779 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�鑅啔;
[2013.11.12 14:53:43 | 103,891,779 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\�鑅啔;
[2013.10.22 17:04:52 | 102,329,055 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ჳ꫁啔;
[2013.10.22 17:04:52 | 102,329,055 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ჳ꫁啔;
[2013.10.20 08:41:16 | 101,983,560 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㟊Ⱅ啔;
[2013.10.20 08:41:16 | 101,983,560 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\㟊Ⱅ啔;
[2013.10.19 15:22:38 | 101,916,422 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꍪ馤啔;
[2013.10.19 15:22:38 | 101,916,422 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ꍪ馤啔;
[2013.10.16 15:54:27 | 101,406,750 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\萺⪵啔;
[2013.10.16 15:54:27 | 101,406,750 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\萺⪵啔;
[2013.10.14 14:00:12 | 100,857,291 | ---- | M] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ʢ啔;
[2013.10.14 14:00:12 | 100,857,291 | ---- | C] ()(C:\WINDOWS\System32\???;) -- C:\WINDOWS\System32\ʢ啔;

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
APNMCP
Nero BackItUp Scheduler 3
NMIndexingService
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-ADMIN-130349736-Admin.job

:otl
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1417001333-2146877963-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
[1 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\SoftwareDistribution\Download\78164ced3d5a2fc0ae34c8af2ce15419\download\*.tmp files -> C:\WINDOWS\SoftwareDistribution\Download\78164ced3d5a2fc0ae34c8af2ce15419\download\*.tmp -> ]
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
"ApnTBMon"=-
"NeroFilterCheck"=-
"NBKeyScan"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"DAEMON Tools Lite"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Omlouvám se za větší odmlku.
All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin
->Temp folder emptied: 1486698392 bytes
->Temporary Internet Files folder emptied: 122650384 bytes
->FireFox cache emptied: 444955089 bytes
->Google Chrome cache emptied: 14222858 bytes
->Flash cache emptied: 52968 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2830336 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 589296 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 1087795 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 7864071 bytes

Total Files Cleaned = 1 985,00 mb

[EMPTYFLASH]

User: Admin
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service APNMCP stopped successfully!
Service APNMCP deleted successfully!
Service Nero BackItUp Scheduler 3 stopped successfully!
Service Nero BackItUp Scheduler 3 deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-ADMIN-130349736-Admin.job moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-1417001333-2146877963-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1417001333-2146877963-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\WINDOWS\Installer\MSI4E.tmp deleted successfully.
C:\WINDOWS\SoftwareDistribution\Download\78164ced3d5a2fc0ae34c8af2ce15419\download\BIT58.tmp deleted successfully.
ADS C:\WINDOWS\Cursors\arrow_n.cur:NEDTA.DAT deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NBKeyScan deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"ctfmon.exe"|C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] /E :invalid edit format. Invalid data type.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 01172014_151759

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

PC se po tu dobu pouzival?

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete CCleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Ano, používal. Vše provedeno.

A jak to s pc vypada?

Funguje v pořádku

Zatím jsem na žádné problémy nenarazila. Tímto děkuju za trpělivost a pomoc

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu