VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by pepa at 2012-09-28 17:12:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 817 GB (86%) free of 954 GB
Total RAM: 6124 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:43, on 28.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\prokramy\vypnuti.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Users\pepa\AppData\Local\Temp\626A.tmp\rundll32.exe
C:\hry\sp\Wolf2.exe
C:\Program Files\trend micro\pepa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: TVce Toolbar - {246adb73-110d-4be4-868a-abf6d2d90fd3} - C:\Program Files (x86)\TVce\prxtbTVce.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0011825 - {11111111-1111-1111-1111-110111181125} - C:\Program Files (x86)\BcoolApp\BcoolApp.dll
O2 - BHO: TVce - {246adb73-110d-4be4-868a-abf6d2d90fd3} - C:\Program Files (x86)\TVce\prxtbTVce.dll
O2 - BHO: Ironsource LTD Helper Object - {25927741-5E5B-4D27-8D8B-9188FE64373F} - C:\PROGRA~2\SearchYa!\1.5.25.0\bh\searchya.dll
O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
O2 - BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: SearchYa Toolbar - {33AA308B-B565-4376-AC66-59EE9B6AD13E} - C:\PROGRA~2\SearchYa!\1.5.25.0\searchyaTlbr.dll
O3 - Toolbar: TVce Toolbar - {246adb73-110d-4be4-868a-abf6d2d90fd3} - C:\Program Files (x86)\TVce\prxtbTVce.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AMD Catalyst] C:\ProgramData\Catalyst\color.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O4 - HKCU\..\Run: [VypnutiPC] "C:\prokramy\vypnuti.exe" 00:30 -v
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O15 - Trusted Zone: www.vizzed.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\sprote~1\sprote~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service for StartNow Toolbar - Unknown owner - C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11638 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\prokramy\vypnuti.exe" 00:30 -v
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Web Assistant\ExtensionUpdaterService.exe"
"C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe" /silent
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe"
"c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2940
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
\??\C:\Windows\system32\conhost.exe "1372251472-223502823214794542388907597-575974984-1056772624-12374648231867747
rundll32.exe -k phatk -o http://pool.ignorelist.com:80 -u chuh -p 123 -I 1
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe"
"C:\hry\sp\Wolf2.exe"
taskeng.exe {356AB2F4-7FD5-4A9B-B9FF-7DCCDA1FCFEA}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\prokramy\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.278 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@gamersfirst.com/LiveLauncher]
"Description"=GamersFirst LIVE! Web Launcher
"Path"=C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@vizzed.com/VizzedRGR]
"Description"=Vizzed Retro Game Room
"Path"=C:\hry\NpVizzedRgr.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.278 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
flashplayer.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
np32dsw.dll
NPSWF32.dll
ShockwavePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
babylon.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\
battlefieldheroespatcher@ea.com
crossriderapp11825@crossrider.com
ffxtlbr@incredibar.com
ffxtlbr@searchya.com
plugin@yontoo.com
{246adb73-110d-4be4-868a-abf6d2d90fd3}
{5911488E-9D1E-40ec-8CBB-06B231CC153F}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\
conduit.xml
GadgetBox.xml
MyStart Search.xml
Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension64.dll [2012-09-03 208728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 68976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-08-13 5749952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111181125}]
BcoolApp - C:\Program Files (x86)\BcoolApp\BcoolApp.dll [2012-07-03 484864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{246adb73-110d-4be4-868a-abf6d2d90fd3}]
TVce Toolbar - C:\Program Files (x86)\TVce\prxtbTVce.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25927741-5E5B-4D27-8D8B-9188FE64373F}]
Ironsource LTD Helper Object - C:\PROGRA~2\SearchYa!\1.5.25.0\bh\searchya.dll [2012-09-03 268904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Web Assistant - C:\Program Files\Web Assistant\Extension32.dll [2012-09-03 167256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}]
StartNow Toolbar Helper - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll [2012-06-22 627424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}]
Incredibar.com Helper Object - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll [2012-01-22 261632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll [2012-08-11 194928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-08-21 1501776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{5911488E-9D1E-40ec-8CBB-06B231CC153F} - StartNow Toolbar - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll [2012-06-22 627424]
{F9639E4A-801B-4843-AEE3-03D9DA199E77} - Incredibar Toolbar - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll [2012-01-22 270336]
{D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
{33AA308B-B565-4376-AC66-59EE9B6AD13E} - SearchYa Toolbar - C:\PROGRA~2\SearchYa!\1.5.25.0\searchyaTlbr.dll [2012-09-03 286824]
{246adb73-110d-4be4-868a-abf6d2d90fd3} - TVce Toolbar - C:\Program Files (x86)\TVce\prxtbTVce.dll [2011-05-09 176936]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll [2012-06-11 1307728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-01-30 7560296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
"Optimizer Pro"=C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2012-06-10 79664]
"VypnutiPC"=C:\prokramy\vypnuti.exe [2006-04-21 478208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"AMD Catalyst"=C:\ProgramData\Catalyst\color.exe [2012-09-21 21504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-08-06 642216]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamersFirst LIVE!.lnk - C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-09-28 11:20:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-09-28 09:46:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2012-09-26 12:54:26 ----D---- C:\Program Files (x86)\CD to MP3 Freeware
2012-09-26 12:54:26 ----A---- C:\Windows\WM8EUTIL.exe
2012-09-26 12:44:41 ----D---- C:\my music
2012-09-26 09:08:43 ----D---- C:\rsit
2012-09-26 09:08:43 ----D---- C:\Program Files\trend micro
2012-09-26 08:48:00 ----A---- C:\Windows\system32\OxpsConverter.exe
2012-09-24 10:38:05 ----D---- C:\Users\pepa\AppData\Roaming\PotPlayerMini
2012-09-24 10:37:38 ----D---- C:\Program Files (x86)\Daum
2012-09-24 08:04:56 ----D---- C:\ProgramData\ATI
2012-09-24 08:04:52 ----D---- C:\Program Files (x86)\AMD APP
2012-09-23 19:44:24 ----D---- C:\Windows\8AAB4176A747493AA42CB63CFADFD8E3.TMP
2012-09-22 15:20:07 ----A---- C:\Windows\system32\mshtmled.dll
2012-09-22 15:20:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2012-09-22 15:20:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-09-22 15:20:05 ----A---- C:\Windows\SYSWOW64\url.dll
2012-09-22 15:20:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-09-22 15:20:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-09-22 15:20:05 ----A---- C:\Windows\system32\ieUnatt.exe
2012-09-22 15:20:05 ----A---- C:\Windows\system32\ieui.dll
2012-09-22 15:20:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-09-22 15:20:04 ----A---- C:\Windows\system32\url.dll
2012-09-22 15:20:03 ----A---- C:\Windows\system32\urlmon.dll
2012-09-22 15:20:03 ----A---- C:\Windows\system32\msfeeds.dll
2012-09-22 15:20:03 ----A---- C:\Windows\system32\jscript9.dll
2012-09-22 15:20:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2012-09-22 15:19:58 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-09-22 15:19:58 ----A---- C:\Windows\system32\wininet.dll
2012-09-22 15:19:57 ----A---- C:\Windows\system32\jsproxy.dll
2012-09-22 15:19:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-09-22 15:19:56 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-09-22 15:19:56 ----A---- C:\Windows\system32\vbscript.dll
2012-09-22 15:19:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-09-22 15:19:55 ----A---- C:\Windows\system32\jscript.dll
2012-09-22 15:19:55 ----A---- C:\Windows\system32\iertutil.dll
2012-09-22 15:19:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-09-22 15:19:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-09-22 15:19:51 ----A---- C:\Windows\system32\mshtml.dll
2012-09-22 15:19:49 ----A---- C:\Windows\system32\ieframe.dll
2012-09-22 15:19:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-09-21 13:34:44 ----D---- C:\Users\pepa\AppData\Roaming\DarknessII
2012-09-21 10:04:18 ----D---- C:\ProgramData\Catalyst
2012-09-20 22:37:17 ----D---- C:\Users\pepa\AppData\Roaming\Ubisoft
2012-09-20 22:37:17 ----D---- C:\ProgramData\Ubisoft
2012-09-20 22:37:15 ----D---- C:\Program Files (x86)\Ubisoft
2012-09-19 23:03:32 ----RA---- C:\Windows\SYSWOW64\tmp7FFD.tmp
2012-09-19 23:03:32 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2012-09-15 10:15:39 ----D---- C:\Users\pepa\AppData\Roaming\Optimizer Pro
2012-09-15 10:13:25 ----D---- C:\Program Files (x86)\SProtector
2012-09-15 10:13:11 ----D---- C:\Program Files (x86)\Optimizer Pro
2012-09-14 19:40:22 ----D---- C:\ProgramData\Vizzed
2012-09-12 07:07:16 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2012-09-12 07:07:16 ----A---- C:\Windows\system32\drivers\ndis.sys
2012-09-12 07:07:15 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2012-09-12 07:07:15 ----A---- C:\Windows\system32\d3d10level9.dll
2012-09-12 07:07:14 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-09-12 07:07:14 ----A---- C:\Windows\system32\drivers\netio.sys
2012-09-12 07:07:14 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2012-09-11 19:25:05 ----SHD---- C:\Windows\ftpcache
2012-09-11 19:22:17 ----A---- C:\Windows\game.ini
2012-09-09 21:20:25 ----D---- C:\ProgramData\Caphyon
2012-09-09 21:17:46 ----D---- C:\Users\pepa\AppData\Roaming\Waterfox Limited
2012-09-09 17:01:35 ----D---- C:\ProgramData\RELOADED
2012-09-09 16:40:41 ----D---- C:\Program Files (x86)\Dead Island
2012-09-09 16:40:15 ----SHD---- C:\Windows\ei_temp
2012-09-08 20:01:18 ----D---- C:\Program Files (x86)\2K Sports
2012-09-06 15:55:15 ----D---- C:\Program Files (x86)\ProtectDisc Driver Installer
2012-09-06 15:55:07 ----D---- C:\Users\pepa\AppData\Roaming\ProtectDISC
2012-09-06 10:32:07 ----D---- C:\Program Files (x86)\Keronsoft
2012-09-06 10:25:45 ----D---- C:\Windows\WICCodecs
2012-09-06 10:25:45 ----D---- C:\ProgramData\FastPictureViewer
2012-09-06 10:25:44 ----D---- C:\Program Files (x86)\FastPictureViewer
2012-09-04 20:23:07 ----D---- C:\Program Files (x86)\Yontoo
2012-09-04 20:23:05 ----D---- C:\ProgramData\Tarma Installer
2012-09-03 18:33:53 ----D---- C:\Users\pepa\AppData\Roaming\uTorrent
2012-09-03 14:34:16 ----D---- C:\Program Files (x86)\TVce
2012-09-03 13:28:06 ----D---- C:\Users\pepa\AppData\Roaming\Babylon
2012-09-03 13:28:06 ----D---- C:\ProgramData\Babylon
2012-09-03 12:50:23 ----D---- C:\Users\pepa\AppData\Roaming\Media Finder
2012-09-03 12:50:18 ----D---- C:\Program Files (x86)\SearchYa!
2012-09-01 16:57:22 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2012-08-31 22:24:08 ----D---- C:\Users\pepa\AppData\Roaming\RenPy
2012-08-31 10:24:30 ----D---- C:\ProgramData\Ask
2012-08-30 09:58:37 ----D---- C:\Users\pepa\AppData\Roaming\2K Sports
2012-08-29 16:08:04 ----D---- C:\Program Files (x86)\Elaborate Bytes

======List of files/folders modified in the last 1 month======

2012-09-28 17:12:42 ----D---- C:\Windows\Temp
2012-09-28 16:58:56 ----D---- C:\Users\pepa\AppData\Roaming\Skype
2012-09-28 16:38:38 ----RD---- C:\Program Files (x86)
2012-09-28 10:56:25 ----D---- C:\Windows\system32\config
2012-09-28 09:46:33 ----D---- C:\Windows\System32
2012-09-28 09:46:33 ----D---- C:\Windows\inf
2012-09-28 09:46:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-09-27 13:47:07 ----SHD---- C:\System Volume Information
2012-09-27 13:41:04 ----D---- C:\Windows\system32\NDF
2012-09-27 13:32:18 ----D---- C:\Windows\system32\Tasks
2012-09-27 12:34:04 ----SHD---- C:\Windows\Installer
2012-09-27 12:34:03 ----D---- C:\hry
2012-09-27 12:22:01 ----D---- C:\Windows\system32\catroot2
2012-09-27 07:27:06 ----D---- C:\Windows
2012-09-26 14:43:04 ----D---- C:\prokramy
2012-09-26 14:36:22 ----D---- C:\Windows\SysWOW64
2012-09-26 14:36:22 ----D---- C:\Windows\Prefetch
2012-09-26 14:18:35 ----D---- C:\Windows\winsxs
2012-09-26 09:08:43 ----RD---- C:\Program Files
2012-09-26 08:47:38 ----D---- C:\Windows\system32\catroot
2012-09-25 15:26:01 ----D---- C:\Users\pepa\AppData\Roaming\Media Player Classic
2012-09-25 15:25:59 ----D---- C:\Windows\Logs
2012-09-24 08:04:56 ----HD---- C:\ProgramData
2012-09-24 08:04:24 ----D---- C:\Program Files\ATI Technologies
2012-09-24 08:03:56 ----D---- C:\ProgramData\AMD
2012-09-24 08:03:17 ----SHD---- C:\$Recycle.Bin
2012-09-24 08:02:54 ----D---- C:\Windows\system32\drivers
2012-09-24 08:02:52 ----D---- C:\Windows\system32\DriverStore
2012-09-23 23:10:05 ----A---- C:\Users\pepa\AppData\Roaming\burnaware.ini
2012-09-23 19:48:46 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-09-23 19:42:29 ----RSD---- C:\Windows\assembly
2012-09-23 19:41:39 ----A---- C:\Windows\system32\wrap_oal.dll
2012-09-23 19:41:39 ----A---- C:\Windows\system32\OpenAL32.dll
2012-09-23 19:41:38 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2012-09-22 15:21:05 ----D---- C:\Windows\SYSWOW64\migration
2012-09-22 15:21:05 ----D---- C:\Windows\system32\migration
2012-09-22 15:21:05 ----D---- C:\Program Files\Internet Explorer
2012-09-22 15:21:05 ----D---- C:\Program Files (x86)\Internet Explorer
2012-09-21 16:27:00 ----D---- C:\Windows\SYSWOW64\directx
2012-09-21 16:24:48 ----HD---- C:\Windows\msdownld.tmp
2012-09-20 22:58:25 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-09-19 23:03:32 ----D---- C:\Program Files (x86)\OpenAL
2012-09-18 12:27:40 ----D---- C:\Windows\SoftwareDistribution
2012-09-18 08:50:45 ----D---- C:\ProgramData\EA Logs
2012-09-17 17:35:25 ----SD---- C:\ProgramData\Microsoft
2012-09-17 17:33:27 ----D---- C:\Program Files (x86)\Microsoft
2012-09-16 10:10:59 ----D---- C:\Program Files\Google
2012-09-16 10:10:59 ----D---- C:\Program Files (x86)\Google
2012-09-15 17:39:47 ----D---- C:\ProgramData\PMB Files
2012-09-15 17:38:43 ----D---- C:\Program Files (x86)\Common Files
2012-09-15 17:36:14 ----D---- C:\ProgramData\Google
2012-09-15 17:27:25 ----D---- C:\Windows\debug
2012-09-15 10:28:14 ----D---- C:\Windows\Tasks
2012-09-15 10:13:28 ----D---- C:\ProgramData\InstallMate
2012-09-15 10:13:16 ----D---- C:\ProgramData\OptimizerPro1
2012-09-14 23:44:38 ----SD---- C:\Users\pepa\AppData\Roaming\Microsoft
2012-09-14 13:34:18 ----D---- C:\Windows\Downloaded Program Files
2012-09-13 20:58:41 ----D---- C:\Program Files\Web Assistant
2012-09-13 08:06:59 ----A---- C:\Windows\system32\MRT.exe
2012-09-10 11:29:53 ----D---- C:\Program Files (x86)\JetAudio
2012-09-06 10:05:57 ----AD---- C:\ProgramData\TEMP
2012-09-03 18:04:59 ----D---- C:\Windows\SYSWOW64\Macromed
2012-08-30 14:17:39 ----D---- C:\Users\pepa\AppData\Roaming\Ulozto File Manager
2012-08-29 07:40:17 ----D---- C:\ProgramData\Comodo

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-08-21 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-08-21 969200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-08-21 359464]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-08-21 59728]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 191616]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-08-21 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-30 4718952]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x64.sys [2011-12-23 98928]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-30 54400]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 61808]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-07-28 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-08-25 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2012-06-22 265952]
R2 Web Assistant Updater;Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-09-03 188760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-13 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 250288]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-13 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-28 114144]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-02 1255736]
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]

-----------------EOF-----------------

Zdravim, pekny vecer preji a vitam vas u nas na foru

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

taky zdravím, tady jsou ty dvě loga.

OTL logfile created on: 28.9.2012 23:08:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pepa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,98 Gb Total Physical Memory | 4,65 Gb Available Physical Memory | 77,84% Memory free
11,96 Gb Paging File | 10,37 Gb Available in Paging File | 86,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 797,68 Gb Free Space | 85,63% Space Free | Partition Type: NTFS
Drive D: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 1,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PEPA-PC | User Name: pepa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.09.28 23:02:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pepa\Desktop\OTL.exe
PRC - [2012.09.28 09:42:20 | 000,310,359 | ---- | M] () -- C:\Users\pepa\AppData\Local\Temp\626A.tmp\rundll32.exe
PRC - [2012.09.19 13:01:46 | 002,841,240 | ---- | M] (GamersFirst) -- C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
PRC - [2012.09.03 09:13:08 | 000,188,760 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2012.08.25 18:52:51 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.06.17 19:59:46 | 000,215,856 | ---- | M] (PC Utilities Pro) -- C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
PRC - [2012.06.11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2006.04.21 16:04:18 | 000,478,208 | ---- | M] () -- C:\prokramy\vypnuti.exe

========== Modules (No Company Name) ==========

MOD - [2012.09.28 09:42:20 | 000,318,019 | ---- | M] () -- C:\Users\pepa\AppData\Local\Temp\626A.tmp\libcurl-4.dll
MOD - [2012.09.28 09:42:20 | 000,310,359 | ---- | M] () -- C:\Users\pepa\AppData\Local\Temp\626A.tmp\rundll32.exe
MOD - [2012.09.28 09:42:20 | 000,148,760 | ---- | M] () -- C:\Users\pepa\AppData\Local\Temp\626A.tmp\libpdcurses.dll
MOD - [2012.04.27 00:38:30 | 020,758,016 | ---- | M] () -- C:\Program Files (x86)\GamersFirst\LIVE!\libcef.dll
MOD - [2006.04.21 16:04:18 | 000,478,208 | ---- | M] () -- C:\prokramy\vypnuti.exe

========== Services (SafeList) ==========

SRV:64bit: - [2012.09.03 09:13:08 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV:64bit: - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012.08.06 12:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012.07.28 04:09:44 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.09.28 11:21:05 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.20 22:58:26 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.25 18:52:51 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.06.11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.08.21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.08.21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.08.21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.08.21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.08.21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.08.21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.07.28 06:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012.07.28 06:07:44 | 010,278,912 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.07.28 03:14:46 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.05.14 08:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.03.05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.30 13:00:00 | 000,054,400 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011.12.23 18:54:10 | 000,098,928 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C60x64.sys -- (L1C)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.02.24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.06 19:42:12 | 000,061,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... =120885386
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.searchya.com/?q={searchTerms ... =120885386
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4973C6C8-4014-515D-9D57-67E2CD0632BB}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.searchya.com/?q={searchTerms ... =120885386
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://mystart.incredibar.com/mb128?a=6OyLPr4kA9&i=26
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\URLSearchHook: {246adb73-110d-4be4-868a-abf6d2d90fd3} - No CLSID value found
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTe ... rer:source}
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.searchya.com/?q={searchTerms ... =120885386
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTer ... 6000792557
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... A92066D481
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{4973C6C8-4014-515D-9D57-67E2CD0632BB}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... SA_csCZ497
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb128/?se ... r4kA9&i=26
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "TVce Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "TVce Customized Web Search"
FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.145.0
FF - prefs.js..extensions.enabledAddons: crossriderapp11825@crossrider.com:0.83.2
FF - prefs.js..extensions.enabledAddons: ffxtlbr@incredibar.com:1.5.0
FF - prefs.js..extensions.enabledAddons: ffxtlbr@searchya.com:1.5.1
FF - prefs.js..extensions.enabledAddons: gencrawler@some.com:2.6
FF - prefs.js..extensions.enabledAddons: {246adb73-110d-4be4-868a-abf6d2d90fd3}:3.15.1.0
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: {336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.485
FF - prefs.js..extensions.enabledAddons: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.6
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.as ... ource=2&q="

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\hry\NpVizzedRgr.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\pepa\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Users\pepa\Desktop\hry\Ubisoft Game Launcher\npuplaypc.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.09.13 20:58:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.09.13 20:58:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.09.10 18:55:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.28 11:21:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.28 11:21:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.28 11:21:05 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.28 11:21:01 | 000,000,000 | ---D | M]

[2012.09.03 12:50:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepa\AppData\Roaming\Mozilla\Extensions
[2012.09.09 21:19:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
[2012.09.04 20:23:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions
[2012.09.04 20:23:09 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com
[2012.09.03 12:50:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged
[2012.09.28 22:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions
[2012.09.04 08:28:56 | 000,000,000 | ---D | M] (TVce Community Toolbar) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}
[2012.09.28 21:10:46 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.08.25 10:25:53 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\battlefieldheroespatcher@ea.com
[2012.08.22 21:02:23 | 000,000,000 | ---D | M] ("BcoolApp") -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com
[2012.08.22 20:58:42 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@incredibar.com
[2012.09.03 12:50:26 | 000,000,000 | ---D | M] (searchya.com) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@searchya.com
[2012.09.04 20:23:09 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com
[2012.09.02 21:13:14 | 000,000,911 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\conduit.xml
[2012.09.15 10:13:24 | 000,000,487 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\GadgetBox.xml
[2012.08.22 20:58:10 | 000,002,203 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\MyStart Search.xml
[2012.09.03 12:50:28 | 000,002,323 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\Search.xml
[2012.09.28 11:21:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.09.28 11:21:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2012.09.28 11:21:00 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.09.13 20:58:40 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2012.09.03 13:28:43 | 000,000,000 | ---D | M] (General Crawler) -- C:\USERS\PEPA\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\GENCRAWLER@SOME.COM
[2012.09.28 11:21:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2003.02.24 16:58:34 | 000,729,088 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\NPSWF32.dll
[2012.09.09 21:19:45 | 000,003,751 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.09.03 13:28:11 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.08.25 07:07:30 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.25 07:07:30 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.08.25 07:07:30 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.25 07:07:30 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.25 07:07:31 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.seznam.cz/
CHR - default_search_provider: Seznam (Enabled)
CHR - default_search_provider: search_url = http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: TVce = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpikajomiijdlldjkbnonmmbennjffkd\2.3.17.1_0\
CHR - Extension: General Crawler = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
CHR - Extension: Web Assistant = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.485_0\
CHR - Extension: avast! WebRep = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Skype Click to Call = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: BcoolApp = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\crossrider
CHR - Extension: BcoolApp = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\
CHR - Extension: Yontoo = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (BcoolApp) - {11111111-1111-1111-1111-110111181125} - C:\Program Files (x86)\BcoolApp\BcoolApp.dll (BcoolTeam)
O2 - BHO: (Ironsource LTD Helper Object) - {25927741-5E5B-4D27-8D8B-9188FE64373F} - C:\Program Files (x86)\SearchYa!\1.5.25.0\bh\searchya.dll (Montera Technologeis LTD)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (SearchYa Toolbar) - {33AA308B-B565-4376-AC66-59EE9B6AD13E} - C:\Program Files (x86)\SearchYa!\1.5.25.0\searchyaTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\Toolbar\WebBrowser: (no name) - {246ADB73-110D-4BE4-868A-ABF6D2D90FD3} - No CLSID value found.
O3 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AMD Catalyst] C:\ProgramData\Catalyst\color.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro)
O4 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found
O4 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001..\Run: [VypnutiPC] C:\prokramy\vypnuti.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O8 - Extra context menu item: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: clonewarsadventures.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: freerealms.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: soe.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: sony.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: vizzed.com ([www] * in Důvěryhodné servery)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 94.229.92.40 94.229.92.47
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86DFB5FC-D08C-402A-856B-19C8672780F5}: DhcpNameServer = 94.229.92.40 94.229.92.47
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~2\sprote~1\sprote~1.dll) - c:\Program Files (x86)\SProtector\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.02.17 18:42:58 | 000,000,027 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2009.03.14 02:32:52 | 000,000,049 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{a02819db-e534-11e1-af3b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a02819db-e534-11e1-af3b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\score.exe -- [2011.11.11 00:30:19 | 001,197,568 | R--- | M] ()
O33 - MountPoints2\{e1e7944a-f196-11e1-a191-c86000792557}\Shell - "" = AutoRun
O33 - MountPoints2\{e1e7944a-f196-11e1-a191-c86000792557}\Shell\AutoRun\command - "" = E:\setup-watchmen.exe -- [2009.03.14 02:20:49 | 000,340,686 | R--- | M] (Warner Bros. Interactive Entertainment )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.09.28 23:02:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\pepa\Desktop\OTL.exe
[2012.09.28 11:20:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.09.28 09:46:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.09.27 12:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2012.09.26 12:54:27 | 000,000,000 | ---D | C] -- C:\Users\pepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
[2012.09.26 12:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
[2012.09.26 12:54:26 | 000,880,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\WM8EUTIL.exe
[2012.09.26 12:54:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD to MP3 Freeware
[2012.09.26 12:44:41 | 000,000,000 | ---D | C] -- C:\my music
[2012.09.26 12:44:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildFire CD Ripper
[2012.09.26 09:08:43 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.09.26 09:08:43 | 000,000,000 | ---D | C] -- C:\rsit
[2012.09.26 08:48:00 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.24 21:24:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Silent Hill Homecoming
[2012.09.24 21:01:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Hill Homecoming
[2012.09.24 13:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchmen The End is Nigh
[2012.09.24 10:38:05 | 000,000,000 | ---D | C] -- C:\Users\pepa\AppData\Roaming\PotPlayerMini
[2012.09.24 10:38:05 | 000,000,000 | ---D | C] -- C:\Users\pepa\AppData\Local\Daum
[2012.09.24 10:37:44 | 000,000,000 | ---D | C] -- C:\Users\pepa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum
[2012.09.24 10:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
[2012.09.24 10:37:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Daum
[2012.09.24 10:13:25 | 000,000,000 | ---D | C] -- C:\Users\pepa\AppData\Local\THQ
[2012.09.24 10:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2012.09.24 08:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.09.24 08:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.09.24 08:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012.09.22 15:20:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.22 15:20:06 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.22 15:20:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.22 15:20:05 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.22 15:20:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.22 15:20:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.22 15:20:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.22 15:20:04 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.22 15:20:03 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.22 15:20:03 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.22 15:20:03 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.22 15:20:03 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.22 15:19:56 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.22 15:19:56 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.22 15:19:55 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.09.28 23:10:21 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.09.28 23:10:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.28 23:02:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\pepa\Desktop\OTL.exe
[2012.09.28 22:58:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.28 16:02:56 | 1636,024,750 | ---- | M] () -- C:\Users\pepa\Desktop\Creepshow-1-cz-dub.avi
[2012.09.28 14:51:13 | 003,493,534 | ---- | M] () -- C:\Users\pepa\Desktop\nezvratný-osud-2.3gp
[2012.09.28 13:33:20 | 782,673,920 | ---- | M] () -- C:\Users\pepa\Desktop\Nezvratný-osud-1.avi
[2012.09.28 11:35:47 | 1101,332,954 | ---- | M] () -- C:\Users\pepa\Desktop\Nezvratný-Osud-5-CZ..avi
[2012.09.28 09:47:40 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.28 09:47:40 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.28 09:46:46 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.09.28 09:46:33 | 001,479,812 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.09.28 09:46:33 | 000,634,324 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.09.28 09:46:33 | 000,618,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.09.28 09:46:33 | 000,123,588 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.09.28 09:46:33 | 000,107,674 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.09.28 09:40:19 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.09.28 09:39:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.28 09:39:53 | 520,785,919 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.27 13:32:15 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.09.27 12:34:03 | 000,001,639 | ---- | M] () -- C:\Users\Public\Desktop\Wolfenstein™.lnk
[2012.09.26 19:13:24 | 000,002,374 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.09.26 14:29:51 | 000,001,160 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012.09.23 23:10:05 | 000,000,481 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\burnaware.ini
[2012.09.23 19:44:56 | 000,338,165 | ---- | M] () -- C:\AnalysisLog.sr0
[2012.09.23 19:41:39 | 000,424,624 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.09.23 19:41:39 | 000,138,472 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012.09.23 19:41:38 | 000,418,480 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.09.23 19:41:37 | 000,115,432 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.09.28 23:10:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.09.28 14:51:04 | 003,493,534 | ---- | C] () -- C:\Users\pepa\Desktop\nezvratný-osud-2.3gp
[2012.09.28 12:36:18 | 782,673,920 | ---- | C] () -- C:\Users\pepa\Desktop\Nezvratný-osud-1.avi
[2012.09.28 12:35:12 | 1636,024,750 | ---- | C] () -- C:\Users\pepa\Desktop\Creepshow-1-cz-dub.avi
[2012.09.28 10:00:43 | 1101,332,954 | ---- | C] () -- C:\Users\pepa\Desktop\Nezvratný-Osud-5-CZ..avi
[2012.09.28 09:46:46 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.09.28 09:46:46 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.09.27 12:34:03 | 000,001,639 | ---- | C] () -- C:\Users\Public\Desktop\Wolfenstein™.lnk
[2012.09.23 19:44:47 | 000,338,165 | ---- | C] () -- C:\AnalysisLog.sr0
[2012.09.11 19:22:17 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2012.08.24 22:00:40 | 000,281,288 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.08.24 22:00:31 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.08.17 14:03:17 | 000,004,936 | ---- | C] () -- C:\Users\pepa\AppData\Local\SRDownloader.err
[2012.08.17 10:29:10 | 000,001,160 | ---- | C] () -- C:\Users\pepa\AppData\Local\SRDownloader.nast
[2012.08.13 15:58:08 | 000,000,481 | ---- | C] () -- C:\Users\pepa\AppData\Roaming\burnaware.ini
[2012.08.13 15:55:36 | 000,679,936 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.08.13 15:55:36 | 000,155,648 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.08.13 15:55:35 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.08.13 15:55:32 | 000,079,872 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.07.28 03:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.07.28 03:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.01.02 11:48:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.09.08 20:11:24 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\2K Sports
[2012.09.03 13:28:06 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Babylon
[2012.08.23 18:48:24 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\COWON
[2012.09.21 13:34:44 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\DarknessII
[2012.08.13 23:21:03 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Leadertech
[2012.08.23 18:15:33 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\LolClient
[2012.09.03 14:35:26 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Media Finder
[2012.08.24 21:22:17 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\OpenCandy
[2012.09.15 10:15:39 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Optimizer Pro
[2012.09.24 10:38:05 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\PotPlayerMini
[2012.09.06 15:55:07 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\ProtectDISC
[2012.08.31 22:24:08 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\RenPy
[2012.09.20 22:37:17 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Ubisoft
[2012.08.30 14:17:39 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Ulozto File Manager
[2012.09.26 08:48:31 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\uTorrent
[2012.08.23 23:36:03 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\wargaming.net
[2012.09.09 21:18:54 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Waterfox Limited

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,536 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.08.13 14:50:16 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.13 14:50:17 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.20 20:08:14 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[15 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.09.08 20:11:24 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\2K Sports
[2012.08.13 14:21:31 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Adobe
[2012.08.13 13:19:59 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\ATI
[2012.09.03 13:28:06 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Babylon
[2012.08.23 18:48:24 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\COWON
[2012.09.21 13:34:44 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\DarknessII
[2012.08.13 23:12:26 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Google
[2012.08.13 13:19:38 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Identities
[2012.08.13 23:21:03 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Leadertech
[2012.08.23 18:15:33 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\LolClient
[2012.08.13 14:21:55 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Macromedia
[2010.11.21 11:38:04 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Media Center Programs
[2012.09.03 14:35:26 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Media Finder
[2012.09.25 15:26:01 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Media Player Classic
[2012.09.14 23:44:38 | 000,000,000 | --SD | M] -- C:\Users\pepa\AppData\Roaming\Microsoft
[2012.08.20 20:28:21 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Mozilla
[2012.08.23 18:44:22 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Nero
[2012.08.24 21:22:17 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\OpenCandy
[2012.09.15 10:15:39 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Optimizer Pro
[2012.09.24 10:38:05 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\PotPlayerMini
[2012.09.06 15:55:07 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\ProtectDISC
[2012.08.31 22:24:08 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\RenPy
[2012.08.13 23:22:47 | 000,000,000 | RH-D | M] -- C:\Users\pepa\AppData\Roaming\SecuROM
[2012.09.28 20:58:28 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Skype
[2012.09.20 22:37:17 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Ubisoft
[2012.08.30 14:17:39 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Ulozto File Manager
[2012.09.26 08:48:31 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\uTorrent
[2012.08.23 23:36:03 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\wargaming.net
[2012.09.09 21:18:54 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Waterfox Limited
[2012.08.13 15:39:48 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2012.06.19 11:41:22 | 001,361,896 | ---- | M] (EA Digital Illusions CE AB) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\battlefieldheroespatcher@ea.com\plugins\BFHUpdater.exe
[2012.07.18 00:53:12 | 002,682,336 | ---- | M] (Speedchecker Limited ) -- C:\Users\pepa\AppData\Roaming\OpenCandy\0BCAB036F305409B982D7B51BD2089C4\PCSU_SL_3.1.2.exe
[2012.07.18 08:51:57 | 011,006,560 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\Waterfox Limited\Waterfox\prerequisites\IntToolbarInstaller.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.09.28 22:58:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 09:40:19 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.28 23:10:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.09.27 13:32:15 | 000,000,000 | ---- | M] () -- C:\Windows\system32\config.nt
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.07.13 13:33:24 | 017,418,928 | R--- | M] (Skype Technologies S.A.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.21 05:24:51 | 001,475,584 | ---- | M] (Microsoft Corporation)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
"Optimizer Pro" = C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe -- [2012.06.10 19:33:04 | 000,079,664 | ---- | M] (PC Utilities Pro)
"VypnutiPC" = "C:\prokramy\vypnuti.exe" 00:30 -v -- [2006.04.21 16:04:18 | 000,478,208 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.09.28 11:21:05 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=9C376F42BDE37F18D0A39AF7415D9BE6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.08.24 09:34:41 | 000,748,680 | ---- | M] (Microsoft Corporation) MD5=22CC6CDBA678790046693654C3B212E4 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.09.25 11:43:01 | 001,239,064 | ---- | M] (Google Inc.) MD5=6194CC4A71F51CF3E815252BB43AAC28 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.09.28 23:10:21 | 000,000,512 | ---- | M] () MD5=A0CE87913DA342D4BA7F97541A415E2D -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.02.28 17:14:48 | 000,599,242 | ---- | M] () -- \Program Files (x86)\GamersFirst\APB Reloaded\APBGame\Content\Release\Packages\SymbolEditor\Primitives_SplatsCracks.upk
[2012.09.21 14:35:58 | 000,017,162 | ---- | M] () -- \Users\pepa\AppData\Roaming\uTorrent\Batman.Arkham.City.Game.Of.The.Year.CRACK.ONLY.READNFO-FiGHTCLUB.1.torrent
[2012.09.20 13:03:42 | 000,017,162 | ---- | M] () -- \Users\pepa\AppData\Roaming\uTorrent\Batman.Arkham.City.Game.Of.The.Year.CRACK.ONLY.READNFO-FiGHTCLUB.torrent
[2012.09.15 20:13:52 | 000,007,668 | ---- | M] () -- \Users\pepa\AppData\Roaming\uTorrent\DS2CRACK-FLT.rar.torrent
[2012.09.15 19:56:34 | 000,007,683 | ---- | M] () -- \Users\pepa\AppData\Roaming\uTorrent\DS2CRACKFIX-FLT_EPIDEMZ.NET.rar.torrent

< *keygen* /s >

< *loader* /s >
[2012.02.28 17:15:38 | 000,002,713 | ---- | M] () -- \Program Files (x86)\GamersFirst\APB Reloaded\APBGame\Gecko\Data\components\uriloader.xpt
[2012.02.28 17:16:06 | 000,065,536 | ---- | M] () -- \Program Files (x86)\GamersFirst\APB Reloaded\Binaries\PhysXLocal\PhysXLoader.dll
[2011.08.24 05:53:16 | 000,006,820 | ---- | M] () -- \Program Files (x86)\GamersFirst\LIVE!\Content\ajax-loader.gif
[2011.10.12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\facebook\7.1.391\js\downloader.js
[2011.10.12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\facebooklike\7.1.391\js\downloader.js
[2011.10.12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\fbsharedservices\7.1.391\js\downloader.js
[2011.10.12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\featured\7.1.391\js\downloader.js
[2011.10.12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\games\7.1.391\js\shared\downloader.js
[2011.10.12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\apps\chat\7.1.391\js\downloader.js
[2011.10.12 15:04:18 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.391.0\scripts\io\downloader.js
[2010.01.29 06:43:52 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2010.01.29 06:54:10 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012.02.17 20:55:10 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.08.27 10:04:57 | 000,904,192 | ---- | M] () -- \prokramy\SRDownloader.exe
[2012.08.26 19:55:45 | 001,279,454 | ---- | M] () -- \prokramy\Uloz.to_Uploader-setup.exe
[2012.06.18 12:39:40 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.06.18 12:39:40 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.08.29 23:22:05 | 000,004,936 | ---- | M] () -- \Users\pepa\AppData\Local\SRDownloader.err
[2012.09.04 20:02:57 | 000,001,160 | ---- | M] () -- \Users\pepa\AppData\Local\SRDownloader.nast
[2012.09.26 09:11:24 | 000,000,673 | ---- | M] () -- \Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpikajomiijdlldjkbnonmmbennjffkd\2.3.17.1_0\Media\ajax-loader.gif
[2012.09.04 20:19:05 | 000,003,608 | ---- | M] () -- \Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.1click-downloader.net_0.localstorage-journal
[2012.09.04 20:18:57 | 000,003,608 | ---- | M] () -- \Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.1clickdownloader.com_0.localstorage-journal
[2012.09.26 08:46:03 | 000,000,753 | ---- | M] () -- \Users\pepa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1K00VIVZ\AdLoader[1].htm
[2012.09.26 08:46:03 | 000,105,903 | ---- | M] () -- \Users\pepa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I08VY54L\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012.09.26 09:44:40 | 000,002,168 | ---- | M] () -- \Users\pepa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G0CX8FUV\loaderv2[1].js
[2012.09.26 11:08:13 | 000,003,815 | ---- | M] () -- \Users\pepa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\G0CX8FUV\loader[1].js
[2012.09.02 21:13:14 | 000,010,145 | ---- | M] () -- \Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\conduitCommon\modules\3.15.1.0\ExternalLibraryLoader.jsm
[2012.09.02 21:13:14 | 000,010,145 | ---- | M] () -- \Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}\modules\ExternalLibraryLoader.jsm
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1996.10.15 09:53:16 | 000,078,848 | ---- | M] () -- \Windows\System32\INLOADER.DLL
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2012.07.05 09:21:22 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1996.10.15 09:53:16 | 000,078,848 | ---- | M] () -- \Windows\SysWOW64\INLOADER.DLL
[2 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2012.07.05 09:21:22 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.01.02 12:23:11 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.01.02 12:23:11 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.01.02 12:23:11 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.01.02 12:23:11 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.01.02 12:23:11 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:0A8E2C33

< End of report >

OTL Extras logfile created on: 28.9.2012 23:08:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\pepa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,98 Gb Total Physical Memory | 4,65 Gb Available Physical Memory | 77,84% Memory free
11,96 Gb Paging File | 10,37 Gb Available in Paging File | 86,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 797,68 Gb Free Space | 85,63% Space Free | Partition Type: NTFS
Drive D: | 4,22 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 1,54 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PEPA-PC | User Name: pepa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{607D02CD-3EAA-4120-A4C6-4A22316D539F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{79A0EA09-6067-44F1-B668-285D74E93434}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D71026C1-1B00-4E78-9545-31217F5DA1B0}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=%systemroot%\microsoft.net\framework64\v3.0\windows communication foundation\smsvchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0312B20F-EAEB-4501-B81F-D7A070F97788}" = protocol=17 | dir=in | app=c:\program files (x86)\dead island\deadislandgame.exe |
"{0B209878-D964-432D-9419-197D2FF9E37D}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{143031B5-CE9D-4CFA-B2E3-FF8658DB681C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{26E23DC0-E36C-4BCF-9029-54D9735EC522}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{28AE7932-5BCF-4F14-87CE-51B752EC6107}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{2A9B233E-A124-4B68-8848-BCC3C4AB1C68}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{4243E4B5-1440-41B4-9DB3-978FB46989CA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4C290540-D1A2-468A-AE5A-21F54EE690C2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{796ABBB7-D690-47B0-9082-B2DEE3DE2975}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{7E4B7339-714F-473E-A12B-F99D48FF6C3E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{837AA776-E280-4DC5-AE20-F114C475E8D0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{98E9AA13-158A-4019-AF9E-EBECD46B3B80}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A1D6E016-B5ED-4F24-9485-D26C5A377F62}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\vivoxvoiceservice.exe |
"{A90330D5-87AB-4F74-881E-DE9970729950}" = protocol=6 | dir=in | app=c:\hry\dead island\deadislandgame.exe |
"{B14D6F5C-E561-41A3-A22D-0FFFC7B74430}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C27F1B36-84DC-45C8-A403-D7EB98C27560}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{C55796D9-1728-4FFC-A073-424C0DDE635D}" = protocol=17 | dir=in | app=c:\hry\dead island\deadislandgame.exe |
"{CBCEEB8A-AD4E-4A94-9312-27AC61D79521}" = protocol=6 | dir=in | app=c:\program files (x86)\dead island\deadislandgame.exe |
"{DB72D41B-F108-4D07-92A7-ACC6E044BFD8}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E77C836E-A961-462A-9A2C-002A85A59FA4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E8146796-4C91-477D-879A-7727CECC69EB}" = protocol=17 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"{FE57067C-9F8D-4AB4-AE17-500956DCFD3E}" = protocol=6 | dir=in | app=c:\program files (x86)\gamersfirst\apb reloaded\binaries\apb.exe |
"TCP Query User{106B6ABF-8EAE-4BC4-B9F4-2A8C2CD63E07}C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k11\nba2k11.exe |
"UDP Query User{F61E511E-97C7-48CC-B8AE-3AFD62A2A692}C:\program files (x86)\2k sports\nba 2k11\nba2k11.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k11\nba2k11.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E931A51-A183-4E66-8562-D82896E74C67}" = BCool Gadget
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.485
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5F92DAD2-FD95-DD12-50DF-A6F66C7E67C8}" = AMD Drag and Drop Transcoding
"{6C2E334F-37F5-C312-53BA-1482F9A6FD4D}" = ccc-utility64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{81D00339-968D-15D1-3499-8431658E896F}" = AMD Catalyst Install Manager
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9387E5ED-7D5D-A744-6BDC-8F6CB26DE09A}" = AMD Fuel
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{D6B98CCC-7375-4B15-BED6-1410E553032B}" = Windows Live Zabezpečení rodiny
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E6F5D8BE-0B00-6DD9-18F9-D4045798FCBE}" = AMD Media Foundation Decoders
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01496C89-6117-AD97-3CB3-98AF2026070C}" = CCC Help German
"{0486991B-63F4-5106-06CE-404D7BA55041}" = CCC Help Italian
"{0E5C5F6E-6BA6-4C12-831B-89CF97BE5E93}" = Wolfenstein
"{177A3BC5-ECD3-BFF1-4D87-C4B417924DF2}" = CCC Help Russian
"{19D368B2-5601-007B-A296-535706E00D97}" = CCC Help English
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1F082EA8-0F22-40CA-9FA8-8F85458026AF}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{249B8B8F-C49D-4E92-8795-35FDFDE748D9}}_is1" = Alice.Madness.Returns version SKIDROW
"{278FA289-F502-D888-A3BA-5FA10308AAAD}" = CCC Help Danish
"{2B095550-3C13-4547-ABD1-04CF1560BBBD}" = Vizzed Retro Game Room
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{44F77218-4BBD-1B74-88B7-FC302868F2B3}" = CCC Help Japanese
"{489BC3B4-AEF9-E14A-11BC-B70FDE9D543D}" = CCC Help Chinese Traditional
"{4A85AE1B-9727-261D-9EAF-07C1AECCF977}" = CCC Help Turkish
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}" = Junk Mail filter update
"{502699FF-F586-54B1-91E8-E85D9FAE0D6D}" = CCC Help Greek
"{53EF1C4D-0705-98F2-1889-A69BBF9F03F3}" = CCC Help Thai
"{548A4EF3-BD97-0813-B469-E1E2FC9DE487}" = CCC Help Korean
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{55533224-CAD0-39B5-6297-E1B2D1D8F176}" = AMD VISION Engine Control Center
"{55E8A9F6-9C59-4427-AE52-3A1A7C44414D}" = CoolYou Gadget
"{590828E0-9BA6-3E4D-8491-A1D9CC3EB8CE}" = CCC Help French
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6563FAF5-84F9-0A35-C032-182EBC4C3BDB}" = CCC Help Finnish
"{661540E4-D8EF-41D0-A658-84681ABBCBCB}" = Slide Show Studio
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D46F639-5F2F-90F3-4B60-EB2EF264B82E}" = CCC Help Spanish
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{70210CF8-CAB1-8FEB-D964-C33AFE18730B}" = CCC Help Czech
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.5
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8740F475-EF62-402B-8B3A-CBD1017B7E6C}_is1" = "Dead Island"
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B1AEC85-4507-28BD-F3BA-4A5D732752E7}" = CCC Help Hungarian
"{8C5ACED4-34D3-23BB-F90E-2F90420321BC}" = Catalyst Control Center Localization All
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{93028F9A-1EC0-467A-981B-DE93D96897C6}" = Windows Live Essentials
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A34D7ABE-8915-4231-8AF9-E8393F494789}" = FastPictureViewer Professional 1.9.264.0 (32-bit)
"{A3DAD349-E48E-AE45-3F26-7B80A4FFCD26}" = Catalyst Control Center InstallProxy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ACE9FB2A-31A5-4285-9510-43F1636EAB21}" = GadgetBox
"{AE7D5AF6-E561-4711-BC5A-E2CE7AFD8CA7}_is1" = Silent Hill Homecoming
"{B0B1A8A5-4711-BB6C-DD59-9794AD928368}" = CCC Help Dutch
"{B33D2348-2938-1A03-0CD3-E6F7101244E0}" = CCC Help Polish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7C8D838-9C3A-1177-B80A-E3C512FD8AF5}" = CCC Help Swedish
"{DDCB737A-EEC8-3815-42DA-69011A55E3E5}" = Catalyst Control Center Graphics Previews Common
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = jetAudio Basic
"{E170E984-6B20-79C2-1E9F-0256EC5ADFB4}" = CCC Help Chinese Standard
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}" = Windows Live Sync
"{E866E52C-1F56-4CCF-0071-CA915F8CFEDA}" = CCC Help Norwegian
"{EB644850-2B95-4D66-9C29-2B34CAC25947}_is1" = Watchmen: The End is Nigh
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F5D245CC-C332-1E8E-CCB1-75E0C3C4D6F1}" = CCC Help Portuguese
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"APB Reloaded" = APB Reloaded
"avast" = avast! Free Antivirus
"BcoolApp" = BcoolApp
"BurnAware Free_is1" = BurnAware Free 5.1
"EXESHOW_is1" = EXESHOW 2.0
"Free CD to MP3 Converter" = Free CD to MP3 Converter
"GamersFirst LIVE!" = GamersFirst LIVE!
"Google Chrome" = Google Chrome
"jetAudio 7.0.x Czech Language Pack" = jetAudio 7.0.x Czech Language Pack
"Just Cause 2 1.20" = Just Cause 2 1.20
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.9.5
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 15.0 (x86 cs)" = Mozilla Firefox 15.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NBA 2K11_is1" = NBA 2K11
"Nero8Lite_is1" = Nero 8 Lite 8.3.2.1
"OpenAL" = OpenAL
"PotPlayer" = Daum PotPlayer 1.5.34115
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"searchya" = SearchYa! Web Search
"SProtector" = sprotector 1.62
"VirtualCloneDrive" = VirtualCloneDrive
"WinLiveSuite_Wave3" = Windows Live Essentials
"XviD_is1" = XviD MPEG-4 Video Codec

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Mozilla Firefox 15.0.1 (x86 cs)" = Mozilla Firefox 15.0.1 (x86 cs)
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26.9.2012 8:32:40 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

Error - 26.9.2012 8:32:40 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

Error - 26.9.2012 8:32:40 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

Error - 26.9.2012 8:32:41 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

Error - 26.9.2012 8:32:41 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

Error - 26.9.2012 8:32:42 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

Error - 26.9.2012 8:32:42 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

Error - 26.9.2012 8:32:42 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

Error - 26.9.2012 8:32:42 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

Error - 26.9.2012 8:32:42 | Computer Name = pepa-PC | Source = SideBySide | ID = 16842811
Description = Generování kontextu aktivace pro c:\progra~2\sprote~1\sprote~1.dll
se nezdařilo. Chyba v souboru manifestu nebo zásady c:\progra~2\sprote~1\sprote~1.dll
na řádku 0. Neplatná syntaxe XML.

[ Media Center Events ]
Error - 22.9.2012 14:48:53 | Computer Name = pepa-PC | Source = MCUpdate | ID = 0
Description = 20:48:53 - Načtení položky Directory se nezdařilo. (Chyba: Platnost
operace vypršela.)

Error - 22.9.2012 15:50:36 | Computer Name = pepa-PC | Source = MCUpdate | ID = 0
Description = 21:50:36 - Chyba při připojování k Internetu 21:50:36 - Nelze kontaktovat
server..

Error - 25.9.2012 14:25:28 | Computer Name = pepa-PC | Source = MCUpdate | ID = 0
Description = 20:25:28 - Chyba při připojování k Internetu 20:25:28 - Nelze kontaktovat
server..

Error - 25.9.2012 14:25:40 | Computer Name = pepa-PC | Source = MCUpdate | ID = 0
Description = 20:25:33 - Chyba při připojování k Internetu 20:25:33 - Nelze kontaktovat
server..

Error - 25.9.2012 15:25:45 | Computer Name = pepa-PC | Source = MCUpdate | ID = 0
Description = 21:25:45 - Chyba při připojování k Internetu 21:25:45 - Nelze kontaktovat
server..

Error - 25.9.2012 15:25:51 | Computer Name = pepa-PC | Source = MCUpdate | ID = 0
Description = 21:25:50 - Chyba při připojování k Internetu 21:25:50 - Nelze kontaktovat
server..

Error - 25.9.2012 16:25:59 | Computer Name = pepa-PC | Source = MCUpdate | ID = 0
Description = 22:25:59 - Chyba při připojování k Internetu 22:25:59 - Nelze kontaktovat
server..

Error - 25.9.2012 16:26:06 | Computer Name = pepa-PC | Source = MCUpdate | ID = 0
Description = 22:26:04 - Chyba při připojování k Internetu 22:26:04 - Nelze kontaktovat
server..

[ System Events ]
Error - 23.9.2012 9:08:46 | Computer Name = pepa-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 23.9.2012 9:08:46 | Computer Name = pepa-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Search bylo dosaženo časového
limitu (30000 ms).

Error - 23.9.2012 9:08:46 | Computer Name = pepa-PC | Source = Service Control Manager | ID = 7000
Description = Služba Windows Search neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 23.9.2012 17:09:02 | Computer Name = pepa-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 23.9.2012 17:09:15 | Computer Name = pepa-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 23.9.2012 17:09:24 | Computer Name = pepa-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 23.9.2012 17:09:31 | Computer Name = pepa-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 23.9.2012 17:09:40 | Computer Name = pepa-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 23.9.2012 17:09:49 | Computer Name = pepa-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

Error - 23.9.2012 17:09:56 | Computer Name = pepa-PC | Source = cdrom | ID = 262151
Description = Zařízení \Device\CdRom0 má chybný blok.

< End of report >

Omlouvam se za zdrzeni, mel jsem cely den pracovni a pak nejake rodinne zalezitosti

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&c ... =120885386
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyBzytByDyDyByEtCzyzztN0D0Tzu0CtByEyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=120885386
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{4973C6C8-4014-515D-9D57-67E2CD0632BB}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyBzytByDyDyByEtCzyzztN0D0Tzu0CtByEyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=120885386
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = http://mystart.incredibar.com/mb128?a=6OyLPr4kA9&i=26
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.seznam.cz/
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\URLSearchHook: {246adb73-110d-4be4-868a-abf6d2d90fd3} - No CLSID value found
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=CZ&install_date=20120813&user_guid=1F0D4CEEBD17479CA14FB7BC0AE91BF0&machine_id=31fdd4094e1f1dcb686ffe76e0e1cf46&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.searchya.com/?q={searchTerms}&s=1&a=foxtab&chnl=&cd=2XzuyEtN2Y1L1Qzu0CzzyCtDtDtDyBzytByDyDyByEtCzyzztN0D0Tzu0CtByEyBtN1L2XzutBtFtCtFtCtFtAtCtB&cr=120885386
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110808&tt=3612_2&babsrc=SP_ss&mntrId=e2264198000000000000c86000792557
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=8R&apn_dtid=YYYYYYYYCZ&apn_uid=DC5C910D-992D-460A-93CB-D579FCAB4A58&apn_sauid=B6931B00-C262-4BBA-A589-8EA92066D481
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{4973C6C8-4014-515D-9D57-67E2CD0632BB}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_csCZ497
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?q={searchTerms}
IE - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6OyLPr4kA9&i=26
FF - prefs.js..browser.search.defaultthis.engineName: "TVce Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2668301&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "TVce Customized Web Search"
FF - prefs.js..extensions.enabledAddons: crossriderapp11825@crossrider.com:0.83.2
FF - prefs.js..extensions.enabledAddons: ffxtlbr@incredibar.com:1.5.0
FF - prefs.js..extensions.enabledAddons: ffxtlbr@searchya.com:1.5.1
FF - prefs.js..extensions.enabledAddons: gencrawler@some.com:2.6
FF - prefs.js..extensions.enabledAddons: plugin@yontoo.com:1.20.00
FF - prefs.js..extensions.enabledAddons: {336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.485
FF - prefs.js..extensions.enabledAddons: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.6
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2668301&SearchSource=2&q="
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Users\pepa\Desktop\hry\Ubisoft Game Launcher\npuplaypc.dll File not found
[2012.09.04 20:23:09 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com
[2012.09.03 12:50:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged
[2012.09.28 22:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions
[2012.09.04 08:28:56 | 000,000,000 | ---D | M] (TVce Community Toolbar) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}
[2012.09.28 21:10:46 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.08.25 10:25:53 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\battlefieldheroespatcher@ea.com
[2012.08.22 21:02:23 | 000,000,000 | ---D | M] ("BcoolApp") -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com
[2012.08.22 20:58:42 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@incredibar.com
[2012.09.03 12:50:26 | 000,000,000 | ---D | M] (searchya.com) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@searchya.com
[2012.09.04 20:23:09 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com
[2012.09.02 21:13:14 | 000,000,911 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\conduit.xml
[2012.09.15 10:13:24 | 000,000,487 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\GadgetBox.xml
[2012.08.22 20:58:10 | 000,002,203 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\MyStart Search.xml
[2012.09.03 12:50:28 | 000,002,323 | ---- | M] () -- C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\Search.xml
[2012.09.09 21:19:45 | 000,003,751 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.09.03 13:28:11 | 000,002,349 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.09.03 13:28:43 | 000,000,000 | ---D | M] (General Crawler) -- C:\USERS\PEPA\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\GENCRAWLER@SOME.COM
CHR - default_search_provider: search_url = http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR - Extension: BcoolApp = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\crossrider
CHR - Extension: BcoolApp = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\
CHR - Extension: Yontoo = C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
O2 - BHO: (BcoolApp) - {11111111-1111-1111-1111-110111181125} - C:\Program Files (x86)\BcoolApp\BcoolApp.dll (BcoolTeam)
O2 - BHO: (Ironsource LTD Helper Object) - {25927741-5E5B-4D27-8D8B-9188FE64373F} - C:\Program Files (x86)\SearchYa!\1.5.25.0\bh\searchya.dll (Montera Technologeis LTD)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (SearchYa Toolbar) - {33AA308B-B565-4376-AC66-59EE9B6AD13E} - C:\Program Files (x86)\SearchYa!\1.5.25.0\searchyaTlbr.dll (Montera Technologeis LTD)
O3 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\Toolbar\WebBrowser: (no name) - {246ADB73-110D-4BE4-868A-ABF6D2D90FD3} - No CLSID value found.
O3 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: clonewarsadventures.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: freerealms.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: soe.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: sony.com ([]* in Důvěryhodné servery)
O15 - HKU\S-1-5-21-1103553103-3746867903-610120872-1001\..Trusted Domains: vizzed.com ([www] * in Důvěryhodné servery)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{a02819db-e534-11e1-af3b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e1e7944a-f196-11e1-a191-c86000792557}\Shell - "" = AutoRun
[2012.09.03 13:28:06 | 000,000,000 | ---D | M] -- C:\Users\pepa\AppData\Roaming\Babylon
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[15 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2012.09.28 22:58:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 09:40:19 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.09.28 23:10:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:0A8E2C33

:services
Updater Service for StartNow Toolbar
gupdate
gupdatem

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"uTorrent"=-
"Optimizer Pro"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=-

:files
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\Program Files (x86)\StartNow Toolbar
C:\Program Files (x86)\Incredibar.com
C:\Program Files (x86)\Ask.com
C:\PROGRA~2\SearchYa!
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

tady to je

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4973C6C8-4014-515D-9D57-67E2CD0632BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4973C6C8-4014-515D-9D57-67E2CD0632BB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Backup.Old.Start Page| /E : value set successfully!
HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Restore| /E : value set successfully!
HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKU\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{246adb73-110d-4be4-868a-abf6d2d90fd3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{246adb73-110d-4be4-868a-abf6d2d90fd3}\ not found.
HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0388404D-6072-4CEB-B521-8F090FEAEE57}\ not found.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4973C6C8-4014-515D-9D57-67E2CD0632BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4973C6C8-4014-515D-9D57-67E2CD0632BB}\ not found.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
Prefs.js: "TVce Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "TVce Customized Web Search" removed from browser.search.selectedEngine
Prefs.js: crossriderapp11825@crossrider.com:0.83.2 removed from extensions.enabledAddons
Prefs.js: ffxtlbr@incredibar.com:1.5.0 removed from extensions.enabledAddons
Prefs.js: ffxtlbr@searchya.com:1.5.1 removed from extensions.enabledAddons
Prefs.js: gencrawler@some.com:2.6 removed from extensions.enabledAddons
Prefs.js: plugin@yontoo.com:1.20.00 removed from extensions.enabledAddons
Prefs.js: {336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.485 removed from extensions.enabledAddons
Prefs.js: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.5.6 removed from extensions.enabledAddons
Prefs.js: "http://search.conduit.com/ResultsExt.as ... ource=2&q=" removed from keyword.URL
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\ubisoft.com/uplaypc\ deleted successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com\skin folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com\META-INF folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com\locale\en-US folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com\locale folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com\defaults\preferences folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com\defaults folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com\content folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\plugin@yontoo.com folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged\ffxtlbr@searchya.com\content\imgs\flgs folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged\ffxtlbr@searchya.com\content\imgs folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged\ffxtlbr@searchya.com\content folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged\ffxtlbr@searchya.com folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\staged folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}\searchplugin folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}\Plugins folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}\modules folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}\META-INF folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}\defaults folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}\components folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}\chrome folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3} folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com\skin folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com\META-INF folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com\locale\en-US folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com\locale folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com\defaults\preferences folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com\defaults folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com\content folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@searchya.com\content\imgs folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@searchya.com\content folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@searchya.com folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@incredibar.com\content\imgs\flgs folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@incredibar.com\content\imgs folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@incredibar.com\content folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@incredibar.com folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com\skin folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com\locale\en-US folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com\locale folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com\defaults\preferences folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com\defaults folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com\chrome\content folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com\chrome folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\battlefieldheroespatcher@ea.com\plugins folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\battlefieldheroespatcher@ea.com\META-INF folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\battlefieldheroespatcher@ea.com folder moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions folder moved successfully.
Folder C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{246adb73-110d-4be4-868a-abf6d2d90fd3}\ not found.
Folder C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\ not found.
Folder C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\battlefieldheroespatcher@ea.com\ not found.
Folder C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\crossriderapp11825@crossrider.com\ not found.
Folder C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@incredibar.com\ not found.
Folder C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\ffxtlbr@searchya.com\ not found.
Folder C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\extensions\plugin@yontoo.com\ not found.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\conduit.xml moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\GadgetBox.xml moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\MyStart Search.xml moved successfully.
C:\Users\pepa\AppData\Roaming\Mozilla\Firefox\Profiles\szsav9z7.default\searchplugins\Search.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
C:\USERS\PEPA\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\GENCRAWLER@SOME.COM\chrome\content folder moved successfully.
C:\USERS\PEPA\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\GENCRAWLER@SOME.COM\chrome folder moved successfully.
C:\USERS\PEPA\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\GENCRAWLER@SOME.COM folder moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to remove the default_search_provider items.
File C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\crossrider not found.
C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\js\lib folder moved successfully.
C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\js\api folder moved successfully.
C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\js folder moved successfully.
C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\icons\notifications folder moved successfully.
C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\icons\actions folder moved successfully.
C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0\icons folder moved successfully.
C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\maeiepphbmmcgpcnalhdnobgijjphace\1.18.2_0 folder moved successfully.
C:\Users\pepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111181125}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110111181125}\ deleted successfully.
C:\Program Files (x86)\BcoolApp\BcoolApp.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25927741-5E5B-4D27-8D8B-9188FE64373F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25927741-5E5B-4D27-8D8B-9188FE64373F}\ deleted successfully.
C:\Program Files (x86)\SearchYa!\1.5.25.0\bh\searchya.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ deleted successfully.
C:\Program Files (x86)\Yontoo\YontooIEClient.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{33AA308B-B565-4376-AC66-59EE9B6AD13E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33AA308B-B565-4376-AC66-59EE9B6AD13E}\ deleted successfully.
C:\Program Files (x86)\SearchYa!\1.5.25.0\searchyaTlbr.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{246ADB73-110D-4BE4-868A-ABF6D2D90FD3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{246ADB73-110D-4BE4-868A-ABF6D2D90FD3}\ not found.
Registry value HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-1103553103-3746867903-610120872-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\vizzed.com\www\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a02819db-e534-11e1-af3b-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a02819db-e534-11e1-af3b-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e1e7944a-f196-11e1-a191-c86000792557}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e1e7944a-f196-11e1-a191-c86000792557}\ not found.
C:\Users\pepa\AppData\Roaming\Babylon folder moved successfully.
C:\Windows\8AAB4176A747493AA42CB63CFADFD8E3.TMP\WiseCustomCalla.dll deleted successfully.
C:\Windows\8AAB4176A747493AA42CB63CFADFD8E3.TMP folder deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD661.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP40A7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI1199.tmp deleted successfully.
C:\Windows\Installer\MSI3084.tmp deleted successfully.
C:\Windows\Installer\MSI5797.tmp deleted successfully.
C:\Windows\Installer\MSI6CC2.tmp deleted successfully.
C:\Windows\Installer\MSI78B1.tmp deleted successfully.
C:\Windows\Installer\MSI7FE2.tmp deleted successfully.
C:\Windows\Installer\MSI8BBF.tmp deleted successfully.
C:\Windows\Installer\MSIB2C2.tmp deleted successfully.
C:\Windows\Installer\MSIC484.tmp deleted successfully.
C:\Windows\Installer\MSIC79.tmp deleted successfully.
C:\Windows\Installer\MSIE46F.tmp deleted successfully.
C:\Windows\Installer\MSIF18.tmp deleted successfully.
C:\Windows\Installer\MSIF37B.tmp deleted successfully.
C:\Windows\Installer\MSIF86C.tmp deleted successfully.
C:\Windows\Installer\MSIFD4.tmp deleted successfully.
C:\Windows\System32\tmp7F8F.tmp deleted successfully.
C:\Windows\System32\tmp7FFD.tmp deleted successfully.
C:\Windows\Temp\CR_BC090.tmp\SETUP_PATCH.PACKED.7Z deleted successfully.
C:\Windows\Temp\CR_BC090.tmp folder deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\ProgramData\TEMP:0A8E2C33 deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named Updater Service for StartNow Toolbar was found to stop!
Service\Driver key Updater Service for StartNow Toolbar not found.
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Optimizer Pro deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\VirtualCloneDrive deleted successfully.
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
File\Folder C:\Program Files (x86)\StartNow Toolbar not found.
File\Folder C:\Program Files (x86)\Incredibar.com not found.
File\Folder C:\Program Files (x86)\Ask.com not found.
C:\PROGRA~2\SearchYa!\1.5.25.0\bh folder moved successfully.
C:\PROGRA~2\SearchYa!\1.5.25.0 folder moved successfully.
C:\PROGRA~2\SearchYa! folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: pepa
->Temp folder emptied: 26175169 bytes
->Temporary Internet Files folder emptied: 21128273 bytes
->FireFox cache emptied: 57019106 bytes
->Google Chrome cache emptied: 359561137 bytes
->Flash cache emptied: 1270 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 24280 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 212629 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 443,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: pepa
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: pepa

User: Public

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 10012012_084841

Files\Folders moved on Reboot...
C:\Users\pepa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL udelalo co melo, jak se chova PC

zdravím, je to v pohodě

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

děkuji za Vaši ochotu a pomoc

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

A na zaklade Pravidla o zamykani temat

VIRY.CZ

prosím o kontrolu

prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu

Re: prosím o kontrolu