VIRY.CZ

Zdravím,

jak koukám, tak v poslední době má dost lidí problém s tímto virem a bohužel stejný problém postihl i můj počítač (problém začal, když se otevřelo vyskakovací okno při brouzdání po internetu v Mozille). Počítač běží v nouzovém režimu v pohodě.

Předem děkuji za všechny rady.

Zde přikládám RSIT log, bohužel při spuštění s připojením k internetu RSIT přestane odpovídat při kroku Running HijackThis (nechal jsem jej běžet celé dopoledne a bohužel se nerozběhl ani po 5 hodinách), takže nevím, zda log pomůže.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Ouředník at 2013-05-21 15:37:29
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 27 GB (54%) free of 50 GB
Total RAM: 3326 MB (92% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AutoKMS.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}]
Zonealarm Helper Object - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.24.4\bh\zonealarm.dll [2012-05-29 269416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-12-30 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-04-30 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-12-30 170416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - ZoneAlarm Security Toolbar - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.24.4\zonealarmTlbr.dll [2012-05-29 277096]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-04-30 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-04-05 98304]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-08-08 348664]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-04-30 738944]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2012-06-21 73392]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-08-17 20064872]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OscarEditor"=C:\Program Files\OSCAR Editor X7\OscarEditor.exe [2010-07-22 2636800]

C:\Documents and Settings\Ouředník\Nabídka Start\Programy\Po spuštění
msconfig.lnk - C:\WINDOWS\system32\rundll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-04-06 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 4171424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"D:\GAMES\STEAM\Steam.exe"="D:\GAMES\STEAM\Steam.exe:*:Enabled:Steam"
"C:\WINDOWS\KMSEmulator.exe"="C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\GAMES\STEAM\steamapps\common\left 4 dead\left4dead.exe"="D:\GAMES\STEAM\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"
"D:\GAMES\STEAM\steamapps\common\Legend of Grimrock\grimrock.exe"="D:\GAMES\STEAM\steamapps\common\Legend of Grimrock\grimrock.exe:*:Enabled:Legend of Grimrock"
"D:\GAMES\STEAM\steamapps\common\dota 2 beta\dota.exe"="D:\GAMES\STEAM\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2"
"D:\GAMES\STEAM\steamapps\common\Team Fortress 2\hl2.exe"="D:\GAMES\STEAM\steamapps\common\Team Fortress 2\hl2.exe:*:Enabled:Team Fortress 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7M\ICQ.exe"="C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"

======List of files/folders created in the last 1 months======

2013-05-21 15:04:43 ----A---- C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
2013-05-21 13:36:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-05-21 12:37:59 ----D---- C:\rsit
2013-05-21 08:25:21 ----D---- C:\Program Files\trend micro
2013-05-21 08:13:19 ----A---- C:\Documents and Settings\All Users\Data aplikací\inirgz6.js
2013-05-21 07:36:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-05-21 06:44:39 ----A---- C:\WINDOWS\ntbtlog.txt
2013-05-21 01:02:10 ----A---- C:\Documents and Settings\All Users\Data aplikací\as98213.txt
2013-05-16 00:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-05-16 00:37:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2829361$
2013-05-15 16:00:34 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 months======

2013-05-21 15:13:13 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-21 15:13:11 ----D---- C:\WINDOWS\Temp
2013-05-21 15:09:51 ----D---- C:\WINDOWS\system32\drivers
2013-05-21 15:05:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-21 15:05:11 ----D---- C:\WINDOWS\Prefetch
2013-05-21 15:03:28 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2013-05-21 13:36:52 ----RD---- C:\Program Files
2013-05-21 08:25:02 ----SHD---- C:\RECYCLER
2013-05-21 08:12:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2013-05-21 06:50:51 ----D---- C:\WINDOWS\system32
2013-05-21 06:44:50 ----D---- C:\Documents and Settings
2013-05-21 06:44:39 ----D---- C:\WINDOWS
2013-05-19 01:21:05 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-16 08:13:22 ----RSD---- C:\WINDOWS\assembly
2013-05-16 08:13:22 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-16 00:44:02 ----HD---- C:\WINDOWS\inf
2013-05-16 00:44:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-05-16 00:43:59 ----D---- C:\Program Files\Internet Explorer
2013-05-16 00:43:49 ----D---- C:\WINDOWS\ie8updates
2013-05-16 00:43:42 ----SHD---- C:\WINDOWS\Installer
2013-05-16 00:43:21 ----D---- C:\WINDOWS\WinSxS
2013-05-16 00:39:21 ----A---- C:\WINDOWS\imsins.BAK
2013-05-16 00:39:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-05-16 00:38:32 ----HD---- C:\WINDOWS\$hf_mig$
2013-05-16 00:37:10 ----A---- C:\WINDOWS\system32\MRT.exe
2013-05-15 17:00:51 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-05-07 06:22:16 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-05-02 00:52:49 ----D---- C:\Program Files\Mozilla Firefox
2013-04-24 21:41:46 ----D---- C:\WINDOWS\system32\config

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-04-27 137928]
S1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2012-04-16 36000]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
S1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2012-06-21 526640]
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-04-25 83392]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
S2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-04-06 7746048]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2012-02-23 99856]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-08-30 6435432]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2011-07-06 4137960]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-12-08 327400]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-12-22 109328]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AntiVirService;Avira Echtzeit Scanner; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-05-02 110032]
S2 AntiVirSchedulerService;Avira Planer; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-05-02 86224]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-04-06 647168]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-04-30 497280]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-12-30 170408]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944]
S2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2012-06-21 2445880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-12-22 541760]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Extras.txt

OTL Extras logfile created on: 21.5.2013 16:15:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ouředník\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 88,32% Memory free
5,09 Gb Paging File | 4,88 Gb Available in Paging File | 95,84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 26,12 Gb Free Space | 53,50% Space Free | Partition Type: NTFS
Drive D: | 649,80 Gb Total Space | 540,74 Gb Free Space | 83,22% Space Free | Partition Type: NTFS

Computer Name: OU-B8A560E8A896 | User Name: Ouředník | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-515967899-115176313-1801674531-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:Instalátor AVG
"C:\Program Files\ICQ7M\ICQ.exe" = C:\Program Files\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)
"D:\GAMES\STEAM\Steam.exe" = D:\GAMES\STEAM\Steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\WINDOWS\KMSEmulator.exe" = C:\WINDOWS\KMSEmulator.exe:*:Enabled:KMSEmulator
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"D:\GAMES\STEAM\steamapps\common\left 4 dead\left4dead.exe" = D:\GAMES\STEAM\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead -- ()
"D:\GAMES\STEAM\steamapps\common\Legend of Grimrock\grimrock.exe" = D:\GAMES\STEAM\steamapps\common\Legend of Grimrock\grimrock.exe:*:Enabled:Legend of Grimrock -- ()
"D:\GAMES\STEAM\steamapps\common\dota 2 beta\dota.exe" = D:\GAMES\STEAM\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2 -- ()
"D:\GAMES\STEAM\steamapps\common\Team Fortress 2\hl2.exe" = D:\GAMES\STEAM\steamapps\common\Team Fortress 2\hl2.exe:*:Enabled:Team Fortress 2 -- ()

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00DF228D-0F08-9C76-F2D9-2FB5000439EB}" = CCC Help Thai
"{03D375B0-8750-5182-0F7A-2E7478EB53F6}" = CCC Help Finnish
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04B7FE00-9D1E-FAB5-6AE3-9570CCF43058}" = CCC Help Japanese
"{07AC654E-38B1-410A-E655-7C7D975F9986}" = Catalyst Control Center InstallProxy
"{0AF50818-4920-620E-C71B-7EE0440AE1EC}" = CCC Help Korean
"{0F3BEAD5-4368-4CBC-9876-11B8475DE285}" = OSCAR Editor
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{18EC172E-2FBB-1C87-36D5-D87C3FF393D3}" = CCC Help French
"{1962E9F3-7870-DA54-3A18-2669DF9DE216}" = ccc-utility
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1D9B22F5-D40C-38FA-46E4-11D8E0F0CB95}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21082652-1361-FA14-14C2-6048A6B30209}" = CCC Help Chinese Standard
"{24A4214B-819F-D5C8-3EB6-23098FD0E7E4}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83217010FF}" = Java 7 Update 10
"{2D2B857A-2D9A-62EC-0C8B-143A67D44BAA}" = CCC Help Spanish
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{356B2830-696A-888B-F501-9223ABF478FB}" = CCC Help Czech
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DECEA7E-BC27-5B1D-10CE-CB1BBA0DD4CA}" = Catalyst Control Center Graphics Previews Common
"{41245369-03C6-873A-0E5A-F5296A1213B9}" = CCC Help Hungarian
"{45EB96EE-AC25-5797-FAC5-78025043708F}" = Catalyst Control Center
"{4B33371A-C04F-48D3-980C-285369ECD634}" = ZoneAlarm Firewall
"{50542AEE-76BD-4BCD-A890-E2FF4D4E051A}" = Camtasia Studio 8
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{59CB0414-01D1-D394-5CD7-8A6845F45947}" = CCC Help Italian
"{6E0B6D9B-9C27-095E-33CE-057D2677C80F}" = CCC Help Russian
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{7803FC29-BB90-F52B-13F6-BC480DFB0ACD}" = CCC Help Swedish
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{80E4B2D6-BFF2-402C-96C4-3942DF24CABB}_is1" = FVD Suite 3.0.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUSR_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{8148DB19-71B1-4415-8B26-DF5B9E873FC3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{EEF3E2C0-135B-44DC-BEDD-7F01CFBEFF46}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUSR_{E6C0DAE8-3840-4117-AB4D-674930D0DDE9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{911FEE13-483C-CABD-B024-993E97A07F18}" = CCC Help Dutch
"{986D042E-5211-3D34-0DB0-2FB3FFF00C39}" = CCC Help Danish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A057B18B-71F3-7C99-5948-7727EC9C0923}" = CCC Help Portuguese
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.6.943
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{ACD8576E-C02F-0118-9D06-2E65BCEC3540}" = CCC Help English
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4C255FE-BE15-4C06-AAD9-A08F2DBB2E39}" = ZoneAlarm Security
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CBBEDBF2-0095-A8BD-891E-E3245D388F90}" = CCC Help German
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D158588C-B6A4-636B-2A24-38C15EAD2D5C}" = Catalyst Control Center Localization All
"{D67107F9-3DFB-9D54-434B-028CA4F1ADF2}" = AMD Catalyst Install Manager
"{DBBD6080-FB66-FD07-EE8B-7B0D5EA509A9}" = CCC Help Chinese Traditional
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB53C441-9BF0-30F4-6537-F7A3F26058C5}" = CCC Help Norwegian
"{FF34CC98-7A5D-FDA1-3EE9-CF628A45EA4F}" = CCC Help Greek
"Acoustica Mixcraft 6" = Acoustica Mixcraft 6
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adventure Inlay" = GameHouse Games Collection: Adventure Inlay
"Adventure Inlay - Safari Edition" = GameHouse Games Collection: Adventure Inlay - Safari Edition
"Aloha Solitaire" = GameHouse Games Collection: Aloha Solitaire
"Aloha TriPeaks" = GameHouse Games Collection: Aloha TriPeaks
"Ancient Tri-Jong" = GameHouse Games Collection: Ancient Tri-Jong
"Ancient Tripeaks" = GameHouse Games Collection: Ancient Tripeaks
"Astrobatics" = GameHouse Games Collection: Astrobatics
"Atlantis" = GameHouse Games Collection: Atlantis
"Atomaders" = GameHouse Games Collection: Atomaders
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bejeweled 2" = GameHouse Games Collection: Bejeweled 2
"Bewitched" = GameHouse Games Collection: Bewitched
"Big Kahuna Reef" = GameHouse Games Collection: Big Kahuna Reef
"Boggle Supreme" = GameHouse Games Collection: Boggle Supreme
"Bounce Out Blitz" = GameHouse Games Collection: Bounce Out Blitz
"Casino Island To Go" = GameHouse Games Collection: Casino Island To Go
"Collapse! Crunch" = GameHouse Games Collection: Collapse! Crunch
"Combo Chaos!" = GameHouse Games Collection: Combo Chaos!
"Crystal Path" = GameHouse Games Collection: Crystal Path
"Cubis Gold 2" = GameHouse Games Collection: Cubis Gold 2
"Digby's Donuts" = GameHouse Games Collection: Digby's Donuts
"Diner Dash" = GameHouse Games Collection: Diner Dash
"Feeding Frenzy" = GameHouse Games Collection: Feeding Frenzy
"Fiber Twig" = GameHouse Games Collection: Fiber Twig
"Five Card Deluxe" = GameHouse Games Collection: Five Card Deluxe
"Flip Words" = GameHouse Games Collection: Flip Words
"Flying Leo" = GameHouse Games Collection: Flying Leo
"FormatFactory" = FormatFactory 2.95
"Fortune Tiles Gold" = GameHouse Games Collection: Fortune Tiles Gold
"Fresco Wizard" = GameHouse Games Collection: Fresco Wizard
"GameHouse Sudoku" = GameHouse Games Collection: GameHouse Sudoku
"Gearz" = GameHouse Games Collection: Gearz
"Granny in Paradise" = GameHouse Games Collection: Granny in Paradise
"Gutterball" = GameHouse Games Collection: Gutterball
"Gutterball 2" = GameHouse Games Collection: Gutterball 2
"Hamsterball" = GameHouse Games Collection: Hamsterball
"Hello!" = GameHouse Games Collection: Hello!
"Holiday Express" = GameHouse Games Collection: Holiday Express
"Chainz" = GameHouse Games Collection: Chainz
"Chainz 2: Relinked" = GameHouse Games Collection: Chainz 2 - Relinked
"Charm Solitaire" = GameHouse Games Collection: Charm Solitaire
"Charm Tale" = GameHouse Games Collection: Charm Tale
"Chicktionary" = GameHouse Games Collection: Chicktionary
"Chuzzle Deluxe" = GameHouse Games Collection: Chuzzle Deluxe
"ie8" = Windows Internet Explorer 8
"Iggle Pop!" = GameHouse Games Collection: Iggle Pop!
"Incadia" = GameHouse Games Collection: Incadia
"Incredible Ink" = GameHouse Games Collection: Incredible Ink
"Insaniquarium Deluxe" = GameHouse Games Collection: Insaniquarium Deluxe
"Inspector Parker" = GameHouse Games Collection: Inspector Parker
"InstallShield_{0F3BEAD5-4368-4CBC-9876-11B8475DE285}" = X7 Oscar Editor
"Invadazoid" = GameHouse Games Collection: Invadazoid
"Jewel Quest" = GameHouse Games Collection: Jewel Quest
"Lemonade Tycoon" = GameHouse Games Collection: Lemonade Tycoon
"Luxor" = GameHouse Games Collection: Luxor
"Mad Caps" = GameHouse Games Collection: Mad Caps
"Magic Ball 2" = GameHouse Games Collection: Magic Ball 2
"Magic Ball 2 - New Worlds" = GameHouse Games Collection: Magic Ball 2 - New Worlds
"Magic Ball Deluxe" = GameHouse Games Collection: Magic Ball
"Magic Inlay" = GameHouse Games Collection: Magic Inlay
"Magic Vines" = GameHouse Games Collection: Magic Vines
"Mah Jong Adventures" = GameHouse Games Collection: Mah Jong Adventures
"Mah Jong Medley" = GameHouse Games Collection: Mah Jong Medley
"Mah Jong Quest" = GameHouse Games Collection: Mah Jong Quest
"Mahjong Garden To Go" = GameHouse Games Collection: Mahjong Garden To Go
"Mahjong Towers Eternity" = GameHouse Games Collection: Mahjong Towers Eternity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Maui Wowee" = GameHouse Games Collection: Maui Wowee
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Montezumova pomsta" = Montezumova pomsta
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 16.0.1 (x86 cs)" = Mozilla Firefox 16.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Phlinx To Go" = GameHouse Games Collection: Phlinx To Go
"Pin High Country Club Golf" = GameHouse Games Collection: Pin High Country Club Golf
"Pizza Frenzy" = GameHouse Games Collection: Pizza Frenzy
"Platypus" = GameHouse Games Collection: Platypus
"Poker Superstars" = GameHouse Games Collection: Poker Superstars
"Puzzle Express" = GameHouse Games Collection: Puzzle Express
"Puzzle Inlay" = GameHouse Games Collection: Puzzle Inlay
"Puzzle Solitaire" = GameHouse Games Collection: Puzzle Solitaire
"QBz" = GameHouse Games Collection: QBz
"Reader's Digest Super Word Power" = GameHouse Games Collection: Reader's Digest Super Word Power
"Ricochet" = GameHouse Games Collection: Ricochet
"Ricochet Lost Worlds" = GameHouse Games Collection: Ricochet Lost Worlds
"Ricochet Lost Worlds: Recharged" = GameHouse Games Collection: Ricochet Lost Worlds - Recharged
"Roller Rush" = GameHouse Games Collection: Roller Rush
"Saints & Sinners Bingo" = GameHouse Games Collection: Saints & Sinners Bingo
"SCRABBLE" = GameHouse Games Collection: SCRABBLE
"Shape Shifter" = GameHouse Games Collection: Shape Shifter
"Slingo Deluxe" = GameHouse Games Collection: Slingo Deluxe
"SpeedFan" = SpeedFan (remove only)
"Spelvin" = GameHouse Games Collection: Spelvin
"Splash" = GameHouse Games Collection: Splash
"Spring Sprang Sprung" = GameHouse Games Collection: Spring Sprang Sprung
"Steam App 207170" = Legend of Grimrock
"Steam App 440" = Team Fortress 2
"Steam App 500" = Left 4 Dead
"Steam App 570" = Dota 2
"Super 5-Line Slots" = GameHouse Games Collection: Super 5-Line Slots
"Super Blackjack!" = GameHouse Games Collection: Super Blackjack!
"Super Bounce Out!" = GameHouse Games Collection: Super Bounce Out!
"Super Candy Cruncher" = GameHouse Games Collection: Super Candy Cruncher
"Super Collapse!" = GameHouse Games Collection: Super Collapse!
"Super Collapse! II" = GameHouse Games Collection: Super Collapse! II
"Super Collapse! II Platinum" = GameHouse Games Collection: Super Collapse! II Platinum
"Super Fruit Frolic" = GameHouse Games Collection: Super Fruit Frolic
"Super GameHouse Solitaire Vol. 1" = GameHouse Games Collection: Super GameHouse Solitaire Vol. 1
"Super GameHouse Solitaire Vol. 2" = GameHouse Games Collection: Super GameHouse Solitaire Vol. 2
"Super GameHouse Solitaire Vol. 3" = GameHouse Games Collection: Super GameHouse Solitaire Vol. 3
"Super Gem Drop" = GameHouse Games Collection: Super Gem Drop
"Super Glinx!" = GameHouse Games Collection: Super Glinx!
"Super Letter Linker" = GameHouse Games Collection: Super Letter Linker
"Super Mah Jong Solitaire" = GameHouse Games Collection: Super Mah Jong Solitaire
"Super Nisqually" = GameHouse Games Collection: Super Nisqually
"Super PileUp!" = GameHouse Games Collection: Super PileUp!
"Super Pool" = GameHouse Games Collection: Super Pool
"Super Pop & Drop!" = GameHouse Games Collection: Super Pop & Drop!
"Super Rumble Cube" = GameHouse Games Collection: Super Rumble Cube
"Super SpongeBob Collapse!" = GameHouse Games Collection: Super SpongeBob Collapse!
"Super TextTwist" = GameHouse Games Collection: Super TextTwist
"Super WHATword" = GameHouse Games Collection: Super WHATword
"Super Wild Wild Words" = GameHouse Games Collection: Super Wild Wild Words
"Tap a Jam" = GameHouse Games Collection: Tap a Jam
"Ten Pin Championship Bowling Pro" = GameHouse Games Collection: Ten Pin Championship Bowling Pro
"Tennis Titans" = GameHouse Games Collection: Tennis Titans
"Totalcmd" = Total Commander (Remove or Repair)
"Tradewinds 2" = GameHouse Games Collection: Tradewinds 2
"Trivia Machine" = GameHouse Games Collection: Trivia Machine
"Tropical Swaps" = GameHouse Games Collection: Tropical Swaps
"Tumblebugs" = GameHouse Games Collection: Tumblebugs
"Turtle Bay" = GameHouse Games Collection: Turtle Bay
"Twistingo" = GameHouse Games Collection: Twistingo
"Ultimate Dominoes" = GameHouse Games Collection: Ultimate Dominoes
"Varmintz Deluxe" = GameHouse Games Collection: Varmintz Deluxe
"VLC media player" = VLC media player 2.0.1
"Walls of Jericho, The" = GameHouse Games Collection: Walls of Jericho, The
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
"ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar
"Zuma Deluxe" = GameHouse Games Collection: Zuma Deluxe

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-515967899-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.5.3

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20.2.2013 19:30:59 | Computer Name = OU-B8A560E8A896 | Source = Application Error | ID = 1000
Description = Chybující aplikace HelpCtr.exe, verze 5.1.2600.5512, chybující modul
ieframe.dll, verze 8.0.6001.19394, adresa chyby 0x000b89dd.

Error - 1.3.2013 23:46:22 | Computer Name = OU-B8A560E8A896 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 9.3.2013 20:15:51 | Computer Name = OU-B8A560E8A896 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: A connection with the server could not be established

Error - 10.3.2013 23:51:59 | Computer Name = OU-B8A560E8A896 | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application mom.exe, version 2.0.0.0, stamp 49ef8e68, faulting
module mscorwks.dll, version 2.0.50727.3643, stamp 50405371, debug? 0, fault address
0x0010ad96.

Error - 16.4.2013 23:57:05 | Computer Name = OU-B8A560E8A896 | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application ccc.exe, version 2.0.0.0, stamp 4c90e454, faulting
module mscorwks.dll, version 2.0.50727.3643, stamp 50405371, debug? 0, fault address
0x0010ad96.

Error - 16.5.2013 0:23:39 | Computer Name = OU-B8A560E8A896 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

[ Application Events ]
Error - 20.2.2013 19:30:59 | Computer Name = OU-B8A560E8A896 | Source = Application Error | ID = 1000
Description = Chybující aplikace HelpCtr.exe, verze 5.1.2600.5512, chybující modul
ieframe.dll, verze 8.0.6001.19394, adresa chyby 0x000b89dd.

Error - 1.3.2013 23:46:22 | Computer Name = OU-B8A560E8A896 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 9.3.2013 20:15:51 | Computer Name = OU-B8A560E8A896 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/m ... ootseq.txt>
se nezdařilo. Chyba: A connection with the server could not be established

Error - 10.3.2013 23:51:59 | Computer Name = OU-B8A560E8A896 | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application mom.exe, version 2.0.0.0, stamp 49ef8e68, faulting
module mscorwks.dll, version 2.0.50727.3643, stamp 50405371, debug? 0, fault address
0x0010ad96.

Error - 16.4.2013 23:57:05 | Computer Name = OU-B8A560E8A896 | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application ccc.exe, version 2.0.0.0, stamp 4c90e454, faulting
module mscorwks.dll, version 2.0.50727.3643, stamp 50405371, debug? 0, fault address
0x0010ad96.

Error - 16.5.2013 0:23:39 | Computer Name = OU-B8A560E8A896 | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
- Tried to start a service that wasn't the latest version of CLR Optimization service.
Will shutdown

[ System Events ]
Error - 21.5.2013 9:36:51 | Computer Name = OU-B8A560E8A896 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 21.5.2013 9:37:45 | Computer Name = OU-B8A560E8A896 | Source = Service Control Manager | ID = 7001
Description = Služba Klient DHCP závisí na službě Rozhraní NetBios nad protokolem
TCP/IP, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 21.5.2013 9:37:45 | Computer Name = OU-B8A560E8A896 | Source = Service Control Manager | ID = 7001
Description = Služba Klient DNS závisí na službě Ovladač protokolu TCP/IP, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 21.5.2013 9:37:45 | Computer Name = OU-B8A560E8A896 | Source = Service Control Manager | ID = 7001
Description = Služba Podpora rozhraní NetBIOS nad protokolem TCP/IP závisí na službě
AFD, která neuspěla při spuštění v důsledku následující chyby: %%31

Error - 21.5.2013 9:37:45 | Computer Name = OU-B8A560E8A896 | Source = Service Control Manager | ID = 7001
Description = Služba TrueVector Internet Monitor závisí na službě Vsdatant, která
neuspěla při spuštění v důsledku následující chyby: %%31

Error - 21.5.2013 9:37:45 | Computer Name = OU-B8A560E8A896 | Source = Service Control Manager | ID = 7001
Description = Služba Služby IPSEC závisí na službě Ovladač IPSEC, která neuspěla
při spuštění v důsledku následující chyby: %%31

Error - 21.5.2013 9:37:45 | Computer Name = OU-B8A560E8A896 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: AFD avipbb avkmgr Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss ssmdrv
Tcpip
Vsdatant

Error - 21.5.2013 9:38:34 | Computer Name = OU-B8A560E8A896 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 21.5.2013 9:41:10 | Computer Name = OU-B8A560E8A896 | Source = DCOM | ID = 10005
Description = Služba DCOM zjistila chybu %1084 při pokusu o spuštění služby EventSystem
s argumenty za účelem spuštění serveru: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 21.5.2013 9:42:29 | Computer Name = OU-B8A560E8A896 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: avipbb avkmgr Fips intelppm ssmdrv

< End of report >

OTL.txt

OTL logfile created on: 21.5.2013 16:15:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Ouředník\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,87 Gb Available Physical Memory | 88,32% Memory free
5,09 Gb Paging File | 4,88 Gb Available in Paging File | 95,84% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 48,83 Gb Total Space | 26,12 Gb Free Space | 53,50% Space Free | Partition Type: NTFS
Drive D: | 649,80 Gb Total Space | 540,74 Gb Free Space | 83,22% Space Free | Partition Type: NTFS

Computer Name: OU-B8A560E8A896 | User Name: Ouředník | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.05.21 16:10:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ouředník\Plocha\OTL.exe
PRC - [2012.06.21 15:58:50 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.05.15 17:00:52 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.30 05:35:00 | 000,170,408 | ---- | M] (Oracle Corporation) [Auto | Stopped] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.12.22 05:34:57 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.11.09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.24 19:49:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.21 15:58:50 | 002,445,880 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.30 21:05:22 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.06.21 15:29:14 | 000,526,640 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2012.04.30 21:05:40 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.04.06 07:16:18 | 007,746,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2012.02.23 14:31:22 | 000,099,856 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011.12.08 08:09:16 | 000,327,400 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2011.08.30 11:28:46 | 006,435,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2011.07.06 12:16:08 | 004,137,960 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtKHDMI.sys -- (RTHDMIAzAudService)
DRV - [2011.03.18 18:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010.12.22 16:31:36 | 000,109,328 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.01.27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009.11.18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={0448 ... 2012-06-20 10:38:33&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\SearchScopes\{B3F400C6-8319-4C17-B4B9-8A05EBDACA8B}: "URL" = http://websearch.ask.com/redirect?clien ... AA29FD9D85
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 81.177.143.140:3128

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..extensions.enabledAddons: ffxtlbr@zonealarm.com:1.6.0
FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14
FF - prefs.js..extensions.enabledAddons: artur.dubovoy@gmail.com:3.8.7
FF - prefs.js..extensions.enabledAddons: flashcatch-amo@flashcatch.com:1.0.6.1
FF - prefs.js..extensions.enabledAddons: {9051303c-7e41-4311-a783-d6fe5ef2832d}:20.0.1
FF - prefs.js..extensions.enabledAddons: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.5.5
FF - prefs.js..extensions.enabledAddons: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:1.30

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012.06.24 00:08:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.28 09:13:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.06.23 23:58:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Extensions
[2013.05.09 14:00:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions
[2012.08.07 20:46:23 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions\ffxtlbr@zonealarm.com
[2013.03.31 17:19:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\9t1jwze9.Nepojmenovaný\extensions
[2013.04.03 05:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions
[2013.03.01 17:50:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.04.03 05:31:53 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012.08.08 08:44:05 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\ffxtlbr@zonealarm.com
[2013.04.03 05:31:45 | 000,000,000 | ---D | M] (FlashCatch) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\flashcatch-amo@flashcatch.com
[2013.03.29 18:43:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\re2jjk7a.Petr\extensions
[2012.08.06 16:16:32 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\re2jjk7a.Petr\extensions\ffxtlbr@zonealarm.com
[2013.05.02 00:58:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions
[2012.09.19 18:02:50 | 000,000,000 | ---D | M] (Lightshot (screenshot tool)) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}
[2012.06.24 00:24:30 | 000,000,000 | ---D | M] (Html Validator) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2012.09.27 06:46:12 | 000,000,000 | ---D | M] (Fasterfox Lite) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\FasterFox_Lite@BigRedBrent
[2012.08.06 18:41:48 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\ffxtlbr@zonealarm.com
[2013.03.31 01:54:20 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\flashfirebug@o-minds.com
[2012.09.18 17:30:07 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\foxmarks@kei.com
[2012.11.23 07:22:46 | 000,000,000 | ---D | M] (MinimizeToTray revived (MinTrayR)) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\mintrayr@tn123.ath.cx
[2013.05.02 00:59:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\staged
[2013.03.03 08:46:20 | 000,134,804 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions\adblockpopups@jessehakanen.net.xpi
[2012.08.10 17:14:15 | 000,617,362 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions\check4change-owner@mozdev.org.xpi
[2012.08.26 20:59:07 | 000,005,001 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions\ed2d7689120c3444fd05c2c76b652b0b@link.codefisher.org.xpi
[2012.08.09 15:50:45 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions\elemhidehelper@adblockplus.org.xpi
[2013.03.30 18:07:48 | 000,305,092 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi
[2012.11.27 23:55:06 | 000,065,551 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
[2013.05.09 14:00:32 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.31 17:19:49 | 000,305,092 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\9t1jwze9.Nepojmenovaný\extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi
[2013.03.10 03:41:15 | 000,275,665 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\artur.dubovoy@gmail.com.xpi
[2012.12.30 04:46:04 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.04.03 05:31:45 | 000,349,484 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2013.04.03 05:31:51 | 000,305,092 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi
[2013.04.01 18:57:51 | 000,221,336 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013.02.16 02:58:41 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.20 06:45:29 | 000,698,867 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.03.29 18:43:30 | 000,305,092 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\re2jjk7a.Petr\extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi
[2013.03.03 14:41:41 | 000,269,007 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\re2jjk7a.Petr\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.03.04 05:41:56 | 000,134,804 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\adblockpopups@jessehakanen.net.xpi
[2013.04.16 19:25:47 | 000,159,732 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\addon@music-clips.net.xpi
[2013.03.11 02:10:34 | 000,275,665 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\artur.dubovoy@gmail.com.xpi
[2012.06.24 00:24:05 | 000,617,362 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\check4change-owner@mozdev.org.xpi
[2012.08.26 19:45:53 | 000,005,001 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\ed2d7689120c3444fd05c2c76b652b0b@link.codefisher.org.xpi
[2012.07.06 20:04:35 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\elemhidehelper@adblockplus.org.xpi
[2012.11.03 01:29:35 | 002,042,908 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\firebug@software.joehewitt.com.xpi
[2013.05.02 00:50:46 | 000,084,118 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\FirePHPExtension-Build@firephp.org.xpi
[2013.03.31 01:54:20 | 000,470,590 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\toolbar@mail.com.xpi
[2012.06.24 00:24:29 | 000,012,128 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\{600452e8-6851-46db-80fd-fa571b2deaa7}.xpi
[2013.04.01 08:34:38 | 000,305,092 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi
[2012.11.28 06:29:56 | 000,065,551 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
[2013.02.15 02:20:53 | 000,817,280 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.03.04 05:41:56 | 000,269,007 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.03.04 05:41:56 | 000,062,130 | ---- | M] () (No name found) -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\{e6c4c3ef-3d4d-42d6-8283-8da73c53a283}.xpi
[2012.10.28 09:13:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{9051303C-7E41-4311-A783-D6FE5EF2832D}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{BEE6EB20-01E0-EBD1-DA83-080329FB9A3A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\FFXTLBR@ZONEALARM.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\FLASHCATCH-AMO@FLASHCATCH.COM
[2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.11 06:47:24 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.10.11 06:47:24 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.10.11 06:47:24 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.10.11 06:47:24 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.10.11 06:47:24 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.24.4\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files\Check Point Software Technologies LTD\zonealarm\1.5.24.4\zonealarmTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\.DEFAULT..\Run: [BrowserChoice] C:\WINDOWS\System32\browserchoice.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [BrowserChoice] C:\WINDOWS\System32\browserchoice.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-515967899-115176313-1801674531-1004..\Run: [OscarEditor] C:\Program Files\OSCAR Editor X7\OscarEditor.exe ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-515967899-115176313-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe (ICQ, LLC.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B1BF440-0C19-462C-9C3F-7BDB9FBC3377}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.06.19 15:27:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Unable to start System Restore Service. Error code 10

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.tsc2 - C:\WINDOWS\system32\tsc2_codec32.dll (TechSmith Corporation)
Drivers32: vidc.tscc - C:\WINDOWS\system32\tsccvid.dll (TechSmith Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.05.21 16:10:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Ouředník\Plocha\OTL.exe
[2013.05.21 15:04:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
[2013.05.21 13:36:52 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.05.21 13:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.05.21 12:48:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Ouředník\Plocha\RK_Quarantine
[2013.05.21 12:37:59 | 000,000,000 | ---D | C] -- C:\rsit
[2013.05.21 08:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.05.21 07:36:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.05.15 16:00:34 | 017,613,192 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.05.21 16:17:19 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.21 16:10:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Ouředník\Plocha\OTL.exe
[2013.05.21 15:40:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.21 15:39:30 | 000,000,206 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2013.05.21 15:05:29 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\inirgz6.pad
[2013.05.21 15:04:43 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
[2013.05.21 13:36:55 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.05.21 12:48:13 | 000,816,128 | ---- | M] () -- C:\Documents and Settings\Ouředník\Plocha\RogueKiller.exe
[2013.05.21 12:36:30 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\Ouředník\Plocha\RSIT.exe
[2013.05.21 08:13:19 | 000,003,087 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\inirgz6.js
[2013.05.21 06:50:51 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.05.21 01:02:22 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Ouředník\Nabídka Start\Programy\Po spuštění\msconfig.lnk
[2013.05.21 01:02:01 | 000,147,456 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\6zgrini.dat
[2013.05.21 01:01:58 | 000,147,456 | ---- | M] () -- C:\Documents and Settings\Ouředník\7854765.dll
[2013.05.21 01:00:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.19 08:19:46 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.19 01:21:06 | 000,472,866 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.19 01:21:06 | 000,468,026 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.05.19 01:21:06 | 000,075,960 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.19 01:21:05 | 000,087,742 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.05.16 06:21:42 | 000,192,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.16 00:39:21 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.05.15 17:00:51 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.05.15 17:00:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.05.15 17:00:47 | 017,613,192 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.05.21 16:17:19 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.05.21 13:36:55 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.05.21 12:48:12 | 000,816,128 | ---- | C] () -- C:\Documents and Settings\Ouředník\Plocha\RogueKiller.exe
[2013.05.21 12:36:28 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\Ouředník\Plocha\RSIT.exe
[2013.05.21 08:13:19 | 000,003,087 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\inirgz6.js
[2013.05.21 06:46:42 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.05.21 01:02:22 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\Ouředník\Nabídka Start\Programy\Po spuštění\msconfig.lnk
[2013.05.21 01:02:08 | 095,023,320 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\inirgz6.pad
[2013.05.21 01:02:01 | 000,147,456 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\6zgrini.dat
[2013.05.21 01:01:57 | 000,147,456 | ---- | C] () -- C:\Documents and Settings\Ouředník\7854765.dll
[2012.07.17 04:56:42 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2012.07.10 03:55:37 | 000,272,303 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-515967899-115176313-1801674531-1004-0.dat
[2012.07.10 03:55:37 | 000,206,642 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2012.07.06 09:34:55 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2012.06.24 08:47:20 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Ouředník\mm_backup.cfg
[2012.06.24 05:24:05 | 000,000,135 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2012.06.23 22:09:49 | 000,006,144 | ---- | C] () -- C:\Documents and Settings\Ouředník\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.19 17:49:37 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.06.19 17:33:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012.06.19 17:33:15 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012.06.19 17:33:15 | 000,601,728 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012.06.19 17:33:15 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2012.06.19 17:22:32 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012.06.19 17:16:20 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.06.19 17:15:18 | 000,192,184 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.19 15:29:16 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.06.19 15:25:34 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2012.06.19 17:32:14 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 14:00:00 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 14:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.02.13 04:39:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acoustica
[2012.06.23 23:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CheckPoint
[2012.06.20 10:37:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.08.03 06:22:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GameBlend
[2012.06.23 23:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2012.07.09 15:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TechSmith
[2013.02.13 04:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Acoustica
[2012.07.01 14:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Check Point Software Technologies LTD
[2012.06.23 23:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\CheckPoint
[2012.10.08 02:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\FileZilla
[2012.07.11 18:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Friday's games
[2012.07.17 04:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\FVD Suite
[2012.06.23 22:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\GHISLER
[2013.02.14 02:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\ICQ
[2012.06.23 23:24:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\IObit
[2013.02.13 04:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\SynthMaker
[2012.07.09 15:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\TechSmith
[2012.07.17 04:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\VDownloader

========== Purity Check ==========

========== Custom Scans ==========

< >
[2012.06.19 15:26:23 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2012.06.19 15:31:35 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2012.06.24 05:24:05 | 000,000,206 | ---- | C] () -- C:\WINDOWS\Tasks\AutoKMS.job
[2013.01.14 06:11:04 | 000,000,914 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 14:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.04.14 14:00:00 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.04.14 14:00:00 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 14:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2008.04.29 17:42:08 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\explorer.exe

< MD5 for: HAL.DLL >
[2008.04.14 14:00:00 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.14 14:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 14:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.04.14 14:00:00 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 14:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2008.07.01 15:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.14 14:00:00 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB2509553$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 14:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 14:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
[2008.07.01 15:17:12 | 000,090,624 | ---- | M] () MD5=FBB39A4487E11F64DCFFD36AEC2D2216 -- C:\Program Files\CheckPoint\ZAForceField\Heuristics\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
[58 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.02.13 04:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Acoustica
[2012.10.09 11:27:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Adobe
[2012.06.19 17:35:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\ATI
[2012.06.23 23:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Avira
[2012.07.01 14:32:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Check Point Software Technologies LTD
[2012.06.23 23:41:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\CheckPoint
[2012.10.08 02:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\FileZilla
[2012.07.11 18:16:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Friday's games
[2012.07.17 04:45:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\FVD Suite
[2012.06.23 22:24:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\GHISLER
[2013.02.14 02:09:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\ICQ
[2012.06.19 15:32:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Identities
[2012.06.23 23:24:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\IObit
[2012.06.24 00:56:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Macromedia
[2013.02.03 18:39:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Microsoft
[2012.06.23 23:58:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla
[2013.03.07 01:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Skype
[2012.12.30 05:33:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\Sun
[2013.02.13 04:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\SynthMaker
[2012.07.09 15:29:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\TechSmith
[2012.07.17 04:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\VDownloader
[2013.04.18 07:12:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\vlc
[2012.12.31 03:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >
[2012.07.09 14:33:31 | 000,158,000 | ---- | M] () -- C:\Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\FlashGot.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.05.21 01:00:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.05.21 15:39:30 | 000,000,206 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2012.06.19 17:14:22 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2012.06.19 17:14:21 | 001,069,056 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2012.06.19 17:14:21 | 000,503,808 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.05.21 06:50:51 | 000,000,664 | ---- | M] () -- C:\WINDOWS\system32\d3d9caps.dat
[2013.05.19 01:21:05 | 000,087,742 | ---- | M] () -- C:\WINDOWS\system32\perfc005.dat
[2013.05.19 01:21:06 | 000,075,960 | ---- | M] () -- C:\WINDOWS\system32\perfc009.dat
[2013.05.19 01:21:06 | 000,468,026 | ---- | M] () -- C:\WINDOWS\system32\perfh005.dat
[2013.05.19 01:21:06 | 000,472,866 | ---- | M] () -- C:\WINDOWS\system32\perfh009.dat
[2013.05.19 01:21:05 | 001,120,900 | ---- | M] () -- C:\WINDOWS\system32\PerfStringBackup.INI
[2013.05.19 08:19:46 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 14:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"OscarEditor" = "C:\Program Files\OSCAR Editor X7\OscarEditor.exe" Minimum -- [2010.07.22 14:18:08 | 002,636,800 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.10.11 03:04:29 | 000,917,984 | ---- | M] (Mozilla Corporation) MD5=BC03475EC281AA1E685388896ACADE8D -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.21 16:17:19 | 000,000,512 | ---- | M] () MD5=2959D8D7BE213C0828315988E7AE69D1 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2012.11.08 16:16:50 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.11.08 16:16:50 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.11.08 16:16:50 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2012.12.10 05:13:15 | 000,000,882 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\FVD Suite\FVD Downloader.lnk
[2012.07.17 04:56:43 | 000,001,550 | ---- | M] () -- \Documents and Settings\All Users\Nabídka Start\Programy\VDownloader\VDownloader.lnk
[2012.07.17 04:56:43 | 000,001,538 | ---- | M] () -- \Documents and Settings\All Users\Plocha\VDownloader.lnk
[2013.04.18 14:54:31 | 000,293,017 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Macromedia\Flash Player\#SharedObjects\L8JPGKFD\farm.maxgames.com\shadez3MTc1NQ==.swf\json.stats.loader.0.sol
[2013.05.20 11:43:46 | 000,000,121 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Macromedia\Flash Player\#SharedObjects\L8JPGKFD\fr-advideum.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2013.01.27 12:11:28 | 000,000,060 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Macromedia\Flash Player\#SharedObjects\L8JPGKFD\static4.kizi.com\system\static\games\heli-attack-3.swf\MiniclipLoaderAd.sol
[2013.02.05 13:33:37 | 000,000,060 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Macromedia\Flash Player\#SharedObjects\L8JPGKFD\superhry.cz\cnt_img\000\693.swf\MiniclipLoaderAd.sol
[2013.01.15 15:44:05 | 000,000,275 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Macromedia\Flash Player\#SharedObjects\L8JPGKFD\www.goplay.cz\games\Truck-Loader-4.swf\truckloader4.sol
[2013.01.05 11:28:41 | 000,000,060 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Macromedia\Flash Player\#SharedObjects\L8JPGKFD\www.miniclip.com\games\heli-attack-3\en\ha3miniclip.swf\MiniclipLoaderAd.sol
[2013.01.26 13:50:49 | 000,000,206 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Macromedia\Flash Player\#SharedObjects\L8JPGKFD\www8.agame.com\mirror\flash\t\Truck_loader2\TruckLoader2Spil.swf\truckloader2.sol
[2012.07.02 16:31:08 | 000,001,462 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\5nb1dho3.mama5\extensions\ffxtlbr@zonealarm.com\content\loader.xul
[2012.07.02 16:31:08 | 000,001,462 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\k9i3vzps.default\extensions\ffxtlbr@zonealarm.com\content\loader.xul
[2012.07.02 16:31:08 | 000,001,462 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\re2jjk7a.Petr\extensions\ffxtlbr@zonealarm.com\content\loader.xul
[2012.08.30 12:45:02 | 000,274,432 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}\plugins\uploader.dll
[2012.07.02 16:31:08 | 000,001,462 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\ffxtlbr@zonealarm.com\content\loader.xul
[2013.01.25 04:51:35 | 000,000,621 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\flashfirebug@o-minds.com\chrome\content\themes\default\images\UIComponents\UILoader.gif
[2013.01.25 04:51:35 | 000,000,621 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\flashfirebug@o-minds.com\chrome\content\themes\default\inspector\UIComponents\UILoader.gif
[2013.01.25 04:51:36 | 000,000,621 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\flashfirebug@o-minds.com\chrome\skin\classic\inspector\UIComponents\UILoader.gif
[2012.11.13 16:56:30 | 000,274,432 | ---- | M] () -- \Documents and Settings\Ouředník\Data aplikací\Mozilla\Firefox\Profiles\vst9jq23.kobra5\extensions\staged\{394DCBA4-1F92-4f8e-8EC9-8D2CB90CB69B}\components\uploader.dll
[2012.12.10 05:14:38 | 000,946,800 | ---- | M] () -- \Documents and Settings\Ouředník\Local Settings\Temp\~hotfix-downloader.exe
[552 \Documents and Settings\Ouředník\Local Settings\Temp\*.tmp files -> \Documents and Settings\Ouředník\Local Settings\Temp\*.tmp -> ]
[2012.06.20 10:38:48 | 000,006,494 | ---- | M] () -- \Documents and Settings\Ouředník\Local Settings\Temp\avg@toolbar\modules\skin\ajax-loader.gif
[2012.06.20 10:38:48 | 000,000,729 | ---- | M] () -- \Documents and Settings\Ouředník\Local Settings\Temp\avg@toolbar\modules\skin\loader.gif
[2012.10.08 03:00:47 | 000,003,784 | ---- | M] () -- \Documents and Settings\Ouředník\Local Settings\Temporary Internet Files\Content.IE5\0LBCG9J1\bundleloader[1].js
[2012.09.10 13:22:00 | 000,000,723 | ---- | M] () -- \Documents and Settings\Ouředník\Local Settings\Temporary Internet Files\Content.IE5\0LBCG9J1\downloaderror[1].js
[2012.10.08 03:00:54 | 000,000,723 | ---- | M] () -- \Documents and Settings\Ouředník\Local Settings\Temporary Internet Files\Content.IE5\0LBCG9J1\downloaderror[2].js
[2013.01.29 00:31:38 | 000,007,247 | ---- | M] () -- \Documents and Settings\Ouředník\Local Settings\Temporary Internet Files\Content.IE5\X34KFE7V\ajax-loader[1].gif
[2012.05.02 00:57:30 | 000,047,568 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.dll
[2012.05.02 00:57:39 | 000,232,912 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2012.05.02 00:59:06 | 001,715,152 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloadergui.dll
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.09.14 15:19:02 | 001,070,616 | ---- | M] () -- \Program Files\FVD Suite\FVD Downloader\FVD Downloader.exe
[2012.06.27 18:57:02 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012.06.27 18:57:03 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012.06.27 18:57:02 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.06.27 19:00:07 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2009.05.29 05:52:00 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012.06.28 10:23:28 | 000,002,223 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_azul_preloader.swf
[2012.06.28 10:23:28 | 000,001,841 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_black_outline_preloader.swf
[2012.06.28 10:23:28 | 000,001,810 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_black_preloader.swf
[2012.06.28 10:23:28 | 000,002,173 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_blue_preloader.swf
[2012.06.28 10:23:28 | 000,028,899 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_branded_large_preloader.swf
[2012.06.28 10:23:28 | 000,017,183 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_branded_small_preloader.swf
[2012.06.28 10:23:28 | 000,002,140 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_gray_grad_preloader.swf
[2012.06.28 10:23:28 | 000,001,845 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp7_white_preloader.swf
[2012.06.28 10:23:28 | 000,002,278 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_azul_preloader.swf
[2012.06.28 10:23:28 | 000,001,899 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_black_outline_preloader.swf
[2012.06.28 10:23:28 | 000,001,863 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_black_preloader.swf
[2012.06.28 10:23:28 | 000,002,227 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_blue_preloader.swf
[2012.06.28 10:23:28 | 000,028,967 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_branded_large_preloader.swf
[2012.06.28 10:23:28 | 000,017,248 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_branded_small_preloader.swf
[2012.06.28 10:23:28 | 000,002,204 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_gray_grad_preloader.swf
[2012.06.28 10:23:28 | 000,001,899 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\fp8_white_preloader.swf
[2012.06.28 10:23:28 | 000,236,529 | ---- | M] () -- \Program Files\TechSmith\Camtasia Studio 8\Media\Studio\Swf\Preloaders\preloaders_src.zip
[2011.09.27 16:18:22 | 001,614,848 | ---- | M] () -- \Program Files\VDownloader\VDownloader.exe
[2011.03.06 17:42:30 | 000,015,086 | ---- | M] () -- \Program Files\VDownloader\VDownloader.ico
[2011.09.27 16:14:10 | 000,284,160 | ---- | M] () -- \Program Files\VDownloader\VDownloaderUI.dll
[2011.08.18 18:14:40 | 004,348,416 | ---- | M] () -- \Program Files\VDownloader\Addons\npVDownloader.dll
[2011.08.18 18:14:18 | 000,000,247 | ---- | M] () -- \Program Files\VDownloader\Addons\FireFox\chrome\content\vdownloader.xul
[2011.09.27 16:14:12 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\ar\VDownloader.resources.dll
[2011.09.27 16:14:12 | 000,053,248 | ---- | M] () -- \Program Files\VDownloader\de\VDownloader.resources.dll
[2011.09.27 16:14:12 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\es\VDownloader.resources.dll
[2011.09.27 16:14:12 | 000,053,248 | ---- | M] () -- \Program Files\VDownloader\fr\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,036,864 | ---- | M] () -- \Program Files\VDownloader\hu\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\it\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\ja\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,032,768 | ---- | M] () -- \Program Files\VDownloader\ko\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,049,152 | ---- | M] () -- \Program Files\VDownloader\nl\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,032,768 | ---- | M] () -- \Program Files\VDownloader\pl\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,036,864 | ---- | M] () -- \Program Files\VDownloader\pt-BR\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,053,248 | ---- | M] () -- \Program Files\VDownloader\ru\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,028,672 | ---- | M] () -- \Program Files\VDownloader\sr\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,045,056 | ---- | M] () -- \Program Files\VDownloader\tr\VDownloader.resources.dll
[2011.09.27 16:14:14 | 000,045,056 | ---- | M] () -- \Program Files\VDownloader\zh-CHS\VDownloader.resources.dll
[2010.03.24 20:12:34 | 000,018,264 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 20:12:34 | 000,249,680 | R--- | M] () -- \WINDOWS\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2012.12.30 05:37:01 | 000,031,732 | ---- | M] () -- \WINDOWS\Prefetch\JDOWNLOADER.EXE-0B7A9522.pf
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2008.04.14 14:00:00 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

< End of report >

Co s temi nelegalnimi Office?? Nase forum nepodporuje piratsky SW

Můžeme odinstalovat.

Nějaký nápad na odinstalování officů v nouzovém režimu?

Při standartní odinstalaci to nahlásí chybovou hlášku, že produkt nebyl odinstalován.

Mrknete sem http://support.microsoft.com/kb/2739501

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={04487776-6A7F-43B4-B56A-D6CEF8623C1A}&mid=747850daecb147d09eced156967405db-b1776c4de2ab540b53686708d61240dcaa8957cc&lang=cs&ds=AVG&pr=pr&d=2012-06-20 10:38:33&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\SearchScopes\{B3F400C6-8319-4C17-B4B9-8A05EBDACA8B}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_CZ&apn_ptnrs=^ABZ&apn_dtid=^YYYYYY^YY^CZ&apn_uid=77963331-1a84-422a-b3d8-5b46334890e6&apn_sauid=AC2D1384-C4BD-426C-AAAF-F7AA29FD9D85
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 81.177.143.140:3128
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{9051303C-7E41-4311-A783-D6FE5EF2832D}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{BEE6EB20-01E0-EBD1-DA83-080329FB9A3A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\FFXTLBR@ZONEALARM.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\OUĹ™EDNĂK\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\K9I3VZPS.DEFAULT\EXTENSIONS\FLASHCATCH-AMO@FLASHCATCH.COM
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-515967899-115176313-1801674531-1004\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
[2013.05.21 15:04:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
[2013.05.21 15:39:30 | 000,000,206 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2013.05.21 15:05:29 | 095,023,320 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\inirgz6.pad
[2013.05.21 15:04:43 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Data aplikací\rundll32.exe
[2013.05.21 08:13:19 | 000,003,087 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\inirgz6.js
[2013.05.21 06:50:51 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.05.21 01:02:22 | 000,000,796 | ---- | M] () -- C:\Documents and Settings\Ouředník\Nabídka Start\Programy\Po spuštění\msconfig.lnk
[2013.05.21 01:02:01 | 000,147,456 | ---- | M] () -- C:\Documents and Settings\All Users\Data aplikací\6zgrini.dat
[2013.05.21 01:01:58 | 000,147,456 | ---- | M] () -- C:\Documents and Settings\Ouředník\7854765.dll
[2012.06.24 05:24:05 | 000,000,135 | ---- | C] () -- C:\WINDOWS\AutoKMS.ini
[2012.06.23 23:24:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Ouředník\Data aplikací\IObit
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[13 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\DirectX\*.tmp files -> C:\WINDOWS\system32\DirectX\*.tmp -> ]
[2013.05.21 01:00:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.05.21 15:39:30 | 000,000,206 | ---- | M] () -- C:\WINDOWS\Tasks\AutoKMS.job

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Office odstraněný.

Zde je log.

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service VBoxNetFlt stopped successfully!
Service VBoxNetFlt deleted successfully!
File system32\DRIVERS\VBoxNetFlt.sys not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{B3F400C6-8319-4C17-B4B9-8A05EBDACA8B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3F400C6-8319-4C17-B4B9-8A05EBDACA8B}\ not found.
HKU\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ not found.
Registry value HKEY_USERS\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-21-515967899-115176313-1801674531-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ not found.
C:\Documents and Settings\All Users\Data aplikací\rundll32.exe moved successfully.
C:\WINDOWS\tasks\AutoKMS.job moved successfully.
C:\Documents and Settings\All Users\Data aplikací\inirgz6.pad moved successfully.
File C:\Documents and Settings\All Users\Data aplikací\rundll32.exe not found.
C:\Documents and Settings\All Users\Data aplikací\inirgz6.js moved successfully.
C:\WINDOWS\system32\d3d9caps.dat moved successfully.
C:\Documents and Settings\Ouředník\Nabídka Start\Programy\Po spuštění\msconfig.lnk moved successfully.
C:\Documents and Settings\All Users\Data aplikací\6zgrini.dat moved successfully.
C:\Documents and Settings\Ouředník\7854765.dll moved successfully.
C:\WINDOWS\AutoKMS.ini moved successfully.
C:\Documents and Settings\Ouředník\Data aplikací\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Documents and Settings\Ouředník\Data aplikací\IObit\IObit Uninstaller\Language folder moved successfully.
C:\Documents and Settings\Ouředník\Data aplikací\IObit\IObit Uninstaller folder moved successfully.
C:\Documents and Settings\Ouředník\Data aplikací\IObit folder moved successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SET4.tmp deleted successfully.
C:\WINDOWS\SET8.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP158.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP169.tmp\System.Data.Entity.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP169.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP261.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9C0.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB2.tmp\System.ServiceModel.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB2.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBA4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPBE3.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEE9.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFC5.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFD2.tmp folder deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\system folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\sysbckup folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\inf folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\help folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\drivers folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\directx folder deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2005_d3dx9_25_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2006_d3dx9_30_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2006_mdx1_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2006_mdx1_x86_archive.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2006_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2006_xinput_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2007_d3dx10_33_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2007_d3dx9_33_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2007_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\apr2007_xinput_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\aug2005_d3dx9_27_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\aug2006_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\aug2006_xinput_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\aug2007_d3dx10_35_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\aug2007_d3dx9_35_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\aug2007_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Aug2008_d3dx10_39_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Aug2008_d3dx9_39_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Aug2008_XACT_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Aug2008_XAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\AUG2009_D3DCompiler_42_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\AUG2009_d3dcsx_42_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\AUG2009_d3dx10_42_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\AUG2009_d3dx11_42_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\AUG2009_d3dx9_42_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\AUG2009_XACT_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\AUG2009_XAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\d3dx9_24.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\d3dx9_24_w9x.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\d3dx9_24_x86.cat deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\d3dx9_24_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\dec2005_d3dx9_28_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\dec2006_d3dx10_00_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\dec2006_d3dx9_32_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\dec2006_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\dxdllreg.exe deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\dxdllreg_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\dxupdate.cif deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\dxupdate.dll deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\dxupdate.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\feb2006_d3dx9_29_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\feb2006_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\feb2007_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\FEB2010_X3DAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\FEB2010_XACT_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\FEB2010_XAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\jun2005_d3dx9_26_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\jun2006_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\jun2007_d3dx10_34_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\jun2007_d3dx9_34_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\jun2007_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Jun2008_d3dx10_38_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Jun2008_d3dx9_38_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Jun2008_X3DAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Jun2008_XACT_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Jun2008_XAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\JUN2010_D3DCompiler_43_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\JUN2010_d3dcsx_43_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\JUN2010_d3dx10_43_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\JUN2010_d3dx11_43_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\JUN2010_d3dx9_43_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\JUN2010_XACT_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\JUN2010_XAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2008_d3dx10_37_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2008_d3dx9_37_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2008_X3DAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2008_XACT_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2008_XAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2009_d3dx10_41_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2009_d3dx9_41_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2009_X3DAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2009_XACT_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Mar2009_XAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\nov2007_d3dx10_36_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\nov2007_d3dx9_36_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\nov2007_x3daudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\nov2007_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Nov2008_d3dx10_40_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Nov2008_d3dx9_40_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Nov2008_X3DAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Nov2008_XACT_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\Nov2008_XAudio_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\oct2005_xinput_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\oct2006_d3dx9_31_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp\oct2006_xact_x86.inf deleted successfully.
C:\WINDOWS\system32\DirectX\DX4F0.tmp folder deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
File C:\WINDOWS\Tasks\AutoKMS.job not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 1500160 bytes
->Temporary Internet Files folder emptied: 27358903 bytes
->Flash cache emptied: 801 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 2047256 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 1982680 bytes
->Temporary Internet Files folder emptied: 33237 bytes

User: Ouýednˇk
->Temporary Internet Files folder emptied: 33170 bytes

User: Ouředník
->Temp folder emptied: 633701787 bytes
->Temporary Internet Files folder emptied: 1295122000 bytes
->FireFox cache emptied: 2993966447 bytes
->Flash cache emptied: 308841147 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 41077756 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 236456598 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 4210975243 bytes

Total Files Cleaned = 9 301,00 mb

[EMPTYFLASH]

User: Administrator
->Flash cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Ouýednˇk

User: Ouředník
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Ouýednˇk

User: Ouředník

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 05222013_004542

Fajn, jak se chova PC

Windows naběhl zcela v pohodě a vše se tváří být v pořádku.

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

Takže já bych chtěl poděkovat za pomoc, vše funguje a žádné další otázky nejsou.

Jako poděkování zašlu malý finanční příspěvek.

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

Za podporu fora jmenem celeho tymu dekuji

A na zaklade Pravidla o zamykani temat

VIRY.CZ

Policie ČR - vir

Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir

Re: Policie ČR - vir