Trojan WIN32Generic!BT a asi i další breberky

[petr-kapr]

Dobrý den,

nejde mi nainstalovat aktualizace Microsoft XML Core Service 4.0 SP3 pro systémy platformy x64 a pak několik dalších aktualizací. Nějakou dobu jsem na to kašlal, ale teď mi v pc řádí viry, tak už to musím nějak řešit. AD-Aware mi našel Trojan WIN32Generic!BT, ale asi pořád v pc nějaké viry jsou navíc aktualizace furt nefunguje. Může mi někdo poradit? Díky moc.

RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by mp at 2012-04-20 12:18:04
Microsoft Windows 7 Home Premium
System drive C: has 73 GB (61%) free of 119 GB
Total RAM: 4095 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:18:50, on 20.4.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\ICQ7.5\ICQ.exe
C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\PROGRA~2\AD-AWA~1\AdAware.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\FreeCommander\FreeCommander.exe
C:\Program Files\trend micro\mp.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [BlazeServoTool] "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MP3 Skype Recorder] C:\Program Files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Application Updater - Unknown owner - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: PCSpeedUp Service (PCSpeedUpService) - Unknown owner - C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware (SBAMSvc) - Sunbelt Software - C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBAMSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vtigercrm504 - Unknown owner - C:\Program Files (x86)\vtigercrm5\apache\bin\Apache.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15760 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {E71AAF3C-15A3-401B-B476-AA552EEA4421}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
"C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBAMSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
WLIDSvcM.exe 2596
"taskhost.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
taskeng.exe {6796C824-9630-413F-A35E-B05C3F8712A1}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files\P4G\BatteryLife.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\ASUS\Net4Switch\Net4Switch.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4
"C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
C:\PROGRA~2\AD-AWA~1\AdAware.exe --run-from-service --silent
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2996.cae5e20.2097555184 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 2996 "\\.\pipe\gecko-crash-server-pipe.2996" plugin
"C:\Program Files (x86)\FreeCommander\FreeCommander.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\AUDIODG.EXE 0x66c
"C:\Program Files (x86)\CCleaner\CCleaner64.exe"
"D:\Users\mp\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Antivirus Scheduled Scan.job
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-879712419-658512947-2250940320-1001Core1cd0692f3b2715d.job
C:\Windows\tasks\iMeshNAG.job
C:\Windows\tasks\vtigerCRM Email Reminder.job
C:\Windows\tasks\vtigerCRM Notification Scheduler.job

=========Mozilla firefox=========

ProfilePath - C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, pdfforge@mybrowserbar.com:4.3, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, wtxpcom@mybrowserbar.com:4.3, jsobrier@zscaler.com:1.5, forcetls@sid.stamm:3.0.0, DTToolbar@toolbarnet.com:1.1.7.0190, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.99, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.7&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\
DTToolbar@toolbarnet.com
forcetls@sid.stamm
jsobrier@zscaler.com
nostmp
{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
{800b5000-a755-47e1-992b-48a1c1357f07}
{87934c42-161d-45bc-8cef-ef18abe2a30c}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}

C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\
askcom.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
MyStart Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-03-07 1211776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}]
ALOT Toolbar Helper - C:\Program Files (x86)\alot\bin\BHO\alotBHO.dll [2011-03-17 831848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
Ad-Aware Security Toolbar - C:\Program Files (x86)\adawaretb\adawareDx.dll [2012-03-06 87440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-03-12 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll [2011-05-06 734048]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-03-12 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2012-03-07 1211776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]
{F3FEE66E-E034-436a-86E4-9690573BEE8A}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll [2011-05-06 734048]
{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - ALOT Toolbar - C:\Program Files (x86)\alot\bin\alot.dll [2011-03-17 831848]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]
{6c97a91e-4524-4019-86af-2aa2d567bf5c} - Ad-Aware Security Toolbar - C:\Program Files (x86)\adawaretb\adawareDx.dll [2012-03-06 87440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Google Update"=C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-25 136176]
"ICQ"=C:\Program Files (x86)\ICQ7.5\ICQ.exe [2011-08-01 124480]
"BlazeServoTool"=C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [2010-03-06 286720]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-12-25 47672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-25 3054136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-10-02 98304]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-05-06 532320]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-03-07 4241512]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"Ad-Aware Browsing Protection"=C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [2011-10-21 198032]
"Ad-Aware Antivirus"=C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher --windows-run []


askcom.xml
daemon-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
MyStart Search.xml
searchplugins-backup

C:\Users\mp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-04-20 11:58:39 ----D---- C:\rsit
2012-04-20 11:58:39 ----D---- C:\Program Files\trend micro
2012-04-20 11:51:36 ----A---- C:\Windows\SYSWOW64\drivers\ikcspu.sys
2012-04-20 11:51:36 ----A---- C:\Program Files (x86)\ljvpbr.txt
2012-04-20 09:18:20 ----D---- C:\Windows\CheckSur
2012-04-18 07:27:40 ----D---- C:\Users\mp\AppData\Roaming\Malwarebytes
2012-04-18 07:27:00 ----D---- C:\ProgramData\Malwarebytes
2012-04-18 07:26:50 ----A---- C:\Windows\system32\drivers\mbam.sys
2012-04-17 22:04:13 ----A---- C:\Windows\system32\SBRC.dat
2012-04-16 20:44:00 ----A---- C:\Windows\system32\sbbd.exe
2012-04-16 20:41:14 ----A---- C:\Windows\system32\drivers\sbhips.sys
2012-04-16 20:41:12 ----A---- C:\Windows\system32\drivers\sbtis.sys
2012-04-16 20:40:01 ----A---- C:\Windows\system32\drivers\SbFwIm.sys
2012-04-16 20:40:00 ----A---- C:\Windows\system32\drivers\SbFw.sys
2012-04-16 20:39:41 ----D---- C:\ProgramData\Lavasoft
2012-04-16 20:39:35 ----D---- C:\Program Files (x86)\Ad-Aware Antivirus
2012-04-16 20:36:03 ----D---- C:\ProgramData\Ad-Aware Browsing Protection
2012-04-16 20:35:33 ----D---- C:\Program Files (x86)\Toolbar Cleaner
2012-04-16 20:35:06 ----D---- C:\Program Files (x86)\adawaretb
2012-04-16 20:33:27 ----D---- C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus
2012-04-16 20:26:11 ----D---- C:\Windows\Minidump
2012-04-10 11:08:04 ----D---- C:\ProgramData\Microsoft Help
2012-04-10 10:54:07 ----SHD---- C:\Users\mp\AppData\Roaming\.#
2012-04-10 10:54:07 ----D---- C:\Users\mp\AppData\Roaming\602XML
2012-04-10 10:54:07 ----D---- C:\Users\mp\AppData\Roaming\602Installer
2012-04-08 21:56:21 ----D---- C:\ProgramData\Adobe
2012-04-08 21:55:06 ----D---- C:\ProgramData\ATI
2012-04-08 21:54:41 ----D---- C:\ProgramData\Spybot - Search & Destroy
2012-04-08 21:54:40 ----D---- C:\ProgramData\BlazeVideo
2012-04-06 13:27:37 ----D---- C:\Program Files (x86)\Youtube Downloader
2012-04-06 13:22:11 ----D---- C:\Program Files (x86)\Sierra
2012-04-06 13:22:07 ----D---- C:\Program Files (x86)\rajce
2012-04-06 13:21:57 ----D---- C:\Program Files (x86)\PSPad editor
2012-04-06 13:21:57 ----D---- C:\Program Files (x86)\ProgDVB
2012-04-06 13:21:35 ----D---- C:\Program Files (x86)\PDFCreator
2012-04-06 13:21:35 ----D---- C:\Program Files (x86)\MP3 Skype Recorder
2012-04-06 13:21:27 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2012-04-06 13:21:03 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2012-04-06 13:20:39 ----D---- C:\Program Files (x86)\Java
2012-04-06 13:19:16 ----D---- C:\Program Files (x86)\ICQ7.6
2012-04-06 13:18:28 ----D---- C:\Program Files (x86)\HattrickOrganizer
2012-04-06 13:18:24 ----D---- C:\Program Files (x86)\FreeMind
2012-04-06 13:18:18 ----D---- C:\Program Files (x86)\Digiarty
2012-04-06 13:18:18 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2012-04-06 13:14:37 ----D---- C:\Program Files (x86)\Buzzer Control
2012-04-06 13:14:37 ----ASH---- C:\Program Files (x86)\desktop.ini
2012-03-25 09:32:01 ----A---- C:\Windows\system32\drivers\aswKbd.sys

======List of files/folders modified in the last 1 month======

2012-04-20 12:16:50 ----D---- C:\Users\mp\AppData\Roaming\Skype
2012-04-20 12:16:49 ----D---- C:\Windows\Temp
2012-04-20 12:16:49 ----D---- C:\Windows
2012-04-20 11:58:39 ----RD---- C:\Program Files
2012-04-20 11:55:19 ----D---- C:\Users\mp\AppData\Roaming\ICQ
2012-04-20 11:54:55 ----D---- C:\Windows\Prefetch
2012-04-20 11:51:36 ----RD---- C:\Program Files (x86)
2012-04-20 11:51:36 ----D---- C:\Windows\SYSWOW64\drivers
2012-04-20 10:17:19 ----SHD---- C:\Windows\Installer
2012-04-20 10:17:18 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-04-20 10:16:59 ----D---- C:\Windows\SysWOW64
2012-04-20 10:16:03 ----SHD---- C:\System Volume Information
2012-04-20 09:42:51 ----A---- C:\Windows\system32\acovcnt.exe
2012-04-20 09:18:49 ----D---- C:\Windows\system32\config
2012-04-18 07:32:53 ----D---- C:\Windows\System32
2012-04-18 07:32:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-18 07:32:52 ----D---- C:\Windows\inf
2012-04-18 07:27:00 ----HD---- C:\ProgramData
2012-04-18 07:26:52 ----AD---- C:\Windows\system32\drivers
2012-04-17 22:17:31 ----D---- C:\Windows\debug
2012-04-17 08:11:17 ----D---- C:\Windows\system32\wdi
2012-04-16 21:35:59 ----D---- C:\Windows\system32\Tasks
2012-04-16 21:35:58 ----D---- C:\Windows\Tasks
2012-04-16 21:34:08 ----A---- C:\Windows\system32\ServiceFilter.ini
2012-04-16 21:34:06 ----A---- C:\Windows\system32\AutoRunFilter.ini
2012-04-16 20:40:25 ----D---- C:\Windows\system32\catroot
2012-04-16 20:40:18 ----D---- C:\Windows\system32\DriverStore
2012-04-16 20:24:35 ----D---- C:\Windows\LiveKernelReports
2012-04-15 12:26:59 ----SD---- C:\ProgramData\Microsoft
2012-04-14 22:08:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-04-14 11:19:01 ----RD---- C:\Program Files (x86)\Skype
2012-04-14 11:19:01 ----D---- C:\Program Files (x86)\Common Files
2012-04-14 11:18:53 ----D---- C:\ProgramData\Skype
2012-04-14 10:13:02 ----D---- C:\Windows\system32\catroot2
2012-04-13 11:20:15 ----D---- C:\Windows\Microsoft.NET
2012-04-13 11:20:14 ----RSD---- C:\Windows\assembly
2012-04-12 22:02:55 ----A---- C:\Windows\system32\MRT.exe
2012-04-06 13:27:21 ----D---- C:\Program Files (x86)\Software602
2012-04-04 20:32:05 ----A---- C:\Windows\win.ini
2012-04-04 08:32:10 ----D---- C:\Users\mp\AppData\Roaming\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-25 35384]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-03-07 28504]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 53080]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 819032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337240]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 59224]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 253528]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2011-04-29 55384]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 94296]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 69976]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464]
R2 sbapifs;sbapifs; C:\Windows\system32\DRIVERS\sbapifs.sys [2011-05-11 72280]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-02 6182400]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-05-20 1799680]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-06-05 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys []
S0 vedi;vedi; C:\Windows\system32\drivers\ikcspu.sys []
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2011-08-26 113280]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 60504]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 Ad-Aware Service;Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2012-03-29 1161072]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-02 202752]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-03-07 44768]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 SBAMSvc;Ad-Aware; C:\Program Files (x86)\Ad-Aware Antivirus\Engine\SBAMSvc.exe [2011-05-17 2804280]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe []
S2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2012-03-07 134920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 PCSpeedUpService;PCSpeedUp Service; C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S2 vtigercrm504;vtigercrm504; C:\Program Files (x86)\vtigercrm5\apache\bin\Apache.exe -k runservice []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-24 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny den preji

Odinstalujte Ad-Aware. Jednak je v kolizi s Avastem a dale uz je davno za zenitem a neni schopen celit aktualnim hrozbam. Totez udelejte se Spybotem - ten je uz mimo cca 3 roky

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Odinstalujte Spigot Search Settings a tez Zrychleni Pocitace a jeste Application Updater

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

[petr-kapr]

Díky za rady. Udělal jsem vše dle návodu, ale OTL se mi vždycky v půlce kousne a nechce to jet dál. Dalo by se postupovat nějak jinak?

Už se to zase rozjelo, tak třeba se to dokončí...

[vyosek]

Tak jej nechte bezet, on ma obcas maly zasek, ale ty jsou radove sekundove

[petr-kapr]

Výsledky Olt 1/2.
OLT.txt

OTL logfile created on: 4/20/2012 3:25:55 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\mp\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 45.07% Memory free
8.00 Gb Paging File | 5.66 Gb Available in Paging File | 70.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 71.07 Gb Free Space | 61.03% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 263.11 Gb Free Space | 78.62% Space Free | Partition Type: NTFS

Computer Name: MICHAL-PC | User Name: mp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012/04/20 14:37:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\mp\Desktop\OTL.exe
PRC - [2012/03/13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/03/07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/10/14 08:01:50 | 000,994,360 | ---- | M] (Secunia) -- D:\Program Files (x86)\PSI\psia.exe
PRC - [2011/10/14 08:01:48 | 000,399,416 | ---- | M] (Secunia) -- D:\Program Files (x86)\PSI\sua.exe
PRC - [2011/10/14 08:01:46 | 000,291,896 | ---- | M] (Secunia) -- D:\Program Files (x86)\PSI\psi_tray.exe
PRC - [2011/10/10 14:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2011/10/04 12:28:14 | 000,220,992 | ---- | M] (Software602) -- C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
PRC - [2011/08/01 10:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.5\ICQ.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/05/06 18:15:20 | 000,532,320 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2010/03/06 17:46:14 | 000,286,720 | ---- | M] (BlazeVideo Company) -- C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe
PRC - [2009/12/25 16:57:10 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/09/25 19:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/09/24 23:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/09/16 03:34:34 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/08/17 19:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/24 22:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/19 01:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/20 21:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/17 21:34:16 | 001,392,128 | ---- | M] (Marek Jasinski - www.FreeCommander.com) -- C:\Program Files (x86)\FreeCommander\FreeCommander.exe
PRC - [2008/12/23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 07:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/07/19 05:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/11/20 13:50:36 | 001,145,400 | ---- | M] (ASUS) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
PRC - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/20 13:20:18 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012/03/13 06:36:53 | 001,969,080 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010/03/15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt32.dll
MOD - [2009/09/24 23:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009/09/16 03:34:34 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/06/03 04:09:06 | 000,225,280 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2009/03/20 10:01:38 | 000,188,416 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswsysmon.dll
MOD - [2009/03/19 14:29:12 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\LogonStartup.dll
MOD - [2008/12/30 12:40:30 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\VersionInfo.dll
MOD - [2008/12/30 12:40:26 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\mlutil.dll
MOD - [2008/12/30 12:40:26 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MMKeyboardHook.dll
MOD - [2008/08/28 02:32:36 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008/06/09 19:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2008/05/16 11:28:20 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswcore.dll
MOD - [2008/05/16 11:28:10 | 000,081,920 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswobj.dll
MOD - [2007/11/30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
MOD - [2007/08/02 09:53:06 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswresmgr.dll
MOD - [2007/07/27 15:10:02 | 000,049,152 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ResItf.dll
MOD - [2007/06/19 11:38:08 | 000,208,896 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswui.dll
MOD - [2007/06/15 20:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007/06/02 03:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
MOD - [2007/05/14 11:10:40 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswgblset.dll
MOD - [2006/12/09 09:34:36 | 000,139,264 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipsw_cfgmgr.dll
MOD - [2006/12/07 09:29:06 | 000,007,168 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\iphelper.dll
MOD - [2006/12/06 16:55:32 | 000,053,248 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswhlp.dll
MOD - [2006/12/06 16:55:22 | 000,086,016 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\ipswds.dll
MOD - [2006/12/06 16:42:26 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\Net4Switch\cxcmrt.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe -- (PCSpeedUpService)
SRV:64bit: - [2012/03/07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/03/07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2009/10/02 05:38:17 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/09/17 21:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV:64bit: - [2007/08/03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2012/04/20 13:24:31 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/10/14 08:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- D:\Program Files (x86)\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 08:01:48 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- D:\Program Files (x86)\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011/10/10 14:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/09/15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/03/07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/03/07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/03/07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/03/07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/03/07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/03/07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/08/26 09:54:25 | 000,113,280 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2011/06/27 02:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/06/10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/05 17:35:20 | 000,253,528 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SbFw.sys -- (SbFw)
DRV:64bit: - [2011/04/05 17:35:20 | 000,094,296 | ---- | M] (Sunbelt Software, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbtis.sys -- (SbTis)
DRV:64bit: - [2011/04/05 17:35:20 | 000,060,504 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sbhips.sys -- (sbhips)
DRV:64bit: - [2011/02/18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/02/08 09:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCLMP)
DRV:64bit: - [2011/02/08 09:14:20 | 000,084,568 | ---- | M] (Sunbelt Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SbFwIm.sys -- (SBFWIMCL)
DRV:64bit: - [2010/09/01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2009/12/25 16:56:05 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AsDsm.sys -- (AsDsm)
DRV:64bit: - [2009/10/02 06:11:13 | 006,182,400 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/08/21 08:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/17 08:00:11 | 000,068,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/17 08:00:11 | 000,029,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 10:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/18 22:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/12 13:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 13:53:42 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/05/20 18:11:05 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/05/05 16:00:27 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2008/12/08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/08/03 06:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV:64bit: - [2007/07/24 21:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2012/04/20 11:51:36 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\ikcspu.sys -- (vedi)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\InprocServer32 File not found
IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKCU\..\SearchScopes\{1B3793A9-70A0-4EC7-B5F5-D064EF23451A}: "URL" = http://websearch.ask.com/redirect?clien ... 517044FC88
IE - HKCU\..\SearchScopes\{5A2D83D3-3152-47AA-8659-0CC2A6533A3D}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKCU\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTer ... .5.18000.3
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... }&ch_id=sm
IE - HKCU\..\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}: "URL" = http://mystart.incredimail.com/?search= ... rch_box_fs
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.3.1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.cz/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: jsobrier@zscaler.com:1.5
FF - prefs.js..extensions.enabledItems: forcetls@sid.stamm:3.0.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.99
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.4.7&q="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\mp\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\mp\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\mp\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\mp\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/03/25 09:31:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/14 22:08:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/12 19:11:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.8\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2010/06/23 16:47:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 0.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/04/06 13:21:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2011/01/19 16:13:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mp\AppData\Roaming\Mozilla\Extensions
[2010/06/23 16:55:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mp\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/04/20 14:21:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions
[2012/01/05 21:08:01 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2012/04/01 14:12:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/03/03 10:51:03 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011/04/25 12:52:32 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\DTToolbar@toolbarnet.com
[2011/03/26 09:44:40 | 000,000,000 | ---D | M] (Force-TLS) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm
[2011/01/19 16:17:45 | 000,000,000 | ---D | M] ("BlackSheep") -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com
[2011/05/01 09:56:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\nostmp
[2010/06/23 16:48:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mp\AppData\Roaming\Mozilla\Sunbird\Profiles\xv408hry.default\extensions
[2011/04/27 13:41:47 | 000,002,396 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\askcom.xml
[2010/11/24 16:11:28 | 000,002,059 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\daemon-search.xml
[2012/04/20 07:56:53 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-1.xml
[2011/05/01 09:57:32 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-10.xml
[2011/05/15 19:23:27 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-11.xml
[2011/07/02 09:35:48 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-12.xml
[2011/08/20 19:55:23 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-13.xml
[2011/09/01 08:04:56 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-14.xml
[2011/09/09 13:38:08 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-15.xml
[2011/10/01 17:57:18 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-16.xml
[2011/10/14 17:32:43 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-17.xml
[2011/11/09 22:24:20 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-18.xml
[2012/01/10 18:38:54 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-19.xml
[2010/09/22 13:19:19 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-2.xml
[2012/01/10 18:48:11 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-20.xml
[2012/02/18 10:02:20 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-21.xml
[2012/03/19 18:40:24 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-22.xml
[2012/04/06 10:04:13 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-23.xml
[2010/10/20 16:10:53 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-3.xml
[2010/10/30 09:55:44 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-4.xml
[2010/12/15 11:11:26 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-5.xml
[2011/03/02 12:07:09 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-6.xml
[2011/03/05 22:39:15 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-7.xml
[2011/03/24 18:45:42 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-8.xml
[2011/03/29 09:51:27 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-9.xml
[2011/03/30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin.xml
[2010/11/01 18:45:34 | 000,002,030 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\MyStart Search.xml
[2012/04/20 13:09:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/10 18:24:09 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/04/10 18:24:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/04/20 13:09:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012/03/25 09:31:43 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST5\WEBREP\FF
[2012/03/13 06:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/12 19:43:09 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/13 10:38:00 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012/03/13 10:38:00 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012/03/13 10:38:00 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012/03/13 10:38:00 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012/03/13 10:38:00 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010/07/13 22:22:45 | 000,411,980 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14234 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll File not found
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Print2PDF Print Monitor] C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe (Software602)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [BlazeServoTool] C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe (BlazeVideo Company)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2A239A3-68F8-4499-8B57-3F7481CF9C15}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[petr-kapr]

OLT 2/2

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\Windows\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012/04/20 14:37:58 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\mp\Desktop\OTL.exe
[2012/04/20 13:24:11 | 008,766,112 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/20 13:20:18 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/20 13:16:24 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012/04/20 13:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/04/20 13:09:37 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/04/20 13:09:36 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/04/20 13:09:36 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/04/20 13:01:35 | 000,000,000 | ---D | C] -- C:\Users\mp\Desktop\OpenOffice.org 3.3 (en-US) Installation Files
[2012/04/20 13:00:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/04/20 12:58:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/04/20 12:58:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012/04/20 12:58:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
[2012/04/20 12:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012/04/20 12:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/04/20 12:48:13 | 000,000,000 | ---D | C] -- C:\Users\mp\AppData\Local\Secunia PSI
[2012/04/20 12:45:23 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/04/20 11:58:39 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/04/20 11:58:39 | 000,000,000 | ---D | C] -- C:\rsit
[2012/04/20 09:18:20 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/04/18 07:27:40 | 000,000,000 | ---D | C] -- C:\Users\mp\AppData\Roaming\Malwarebytes
[2012/04/18 07:27:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/16 20:41:14 | 000,060,504 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\SysNative\drivers\sbhips.sys
[2012/04/16 20:41:12 | 000,094,296 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\SysNative\drivers\sbtis.sys
[2012/04/16 20:40:01 | 000,084,568 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\SysNative\drivers\SbFwIm.sys
[2012/04/16 20:40:00 | 000,253,528 | ---- | C] (Sunbelt Software, Inc.) -- C:\Windows\SysNative\drivers\SbFw.sys
[2012/04/16 20:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/04/16 20:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2012/04/16 20:36:40 | 000,000,000 | ---D | C] -- C:\Users\mp\AppData\Local\adawarebp
[2012/04/16 20:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2012/04/16 20:33:27 | 000,000,000 | ---D | C] -- C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus
[2012/04/16 20:26:11 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/04/14 18:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/04/14 11:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/14 11:19:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/06 13:17:08 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 7 Days ==========

[2012/04/20 15:37:00 | 000,000,430 | ---- | M] () -- C:\Windows\tasks\vtigerCRM Email Reminder.job
[2012/04/20 15:32:18 | 008,126,464 | -HS- | M] () -- C:\Users\mp\ntuser.dat
[2012/04/20 15:32:12 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/04/20 15:24:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/20 15:20:02 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2012/04/20 14:37:32 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\mp\Desktop\OTL.exe
[2012/04/20 14:35:31 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/20 14:35:31 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/20 14:27:15 | 000,114,976 | ---- | M] () -- C:\Users\mp\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/04/20 14:27:06 | 000,002,240 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/04/20 14:27:06 | 000,001,797 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/04/20 14:26:33 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\iMeshNAG.job
[2012/04/20 14:26:33 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/04/20 14:26:29 | 000,444,000 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/04/20 14:26:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/20 14:26:04 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/20 14:25:04 | 001,510,838 | -H-- | M] () -- C:\Users\mp\AppData\Local\IconCache.db
[2012/04/20 13:24:30 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/20 13:24:30 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/20 13:24:11 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/20 12:53:54 | 000,000,996 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/20 12:45:23 | 000,000,685 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/04/20 11:51:36 | 000,061,440 | ---- | M] () -- C:\Windows\SysWow64\drivers\ikcspu.sys
[2012/04/20 11:00:00 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\vtigerCRM Notification Scheduler.job
[2012/04/20 09:42:51 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2012/04/18 07:32:53 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/18 07:32:53 | 000,666,656 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012/04/18 07:32:53 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/18 07:32:53 | 000,140,320 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012/04/18 07:32:53 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/17 22:04:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\SBRC.dat
[2012/04/17 17:40:48 | 000,001,188 | ---- | M] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/04/17 00:24:36 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012/04/14 22:08:34 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/14 18:03:33 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/04/14 18:02:32 | 000,002,068 | -H-- | M] () -- C:\Users\mp\Documents\Default.rdp

========== Files Created - No Company Name ==========

[2012/04/20 14:49:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/04/20 13:20:21 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/20 13:16:25 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2012/04/20 12:53:54 | 000,000,996 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012/04/20 12:45:23 | 000,000,685 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/04/20 12:45:23 | 000,000,664 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012/04/20 11:51:36 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\ikcspu.sys
[2012/04/17 22:04:13 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\SBRC.dat
[2012/04/17 17:40:48 | 000,001,188 | ---- | C] () -- C:\Windows\SysWow64\ServiceConfig.xml
[2012/04/16 21:35:58 | 000,000,938 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2012/04/14 22:08:34 | 000,001,063 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/04/14 22:08:34 | 000,001,051 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/04/14 18:03:33 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/04/10 10:54:10 | 000,006,144 | ---- | C] () -- C:\Users\mp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/08 21:54:48 | 000,114,976 | ---- | C] () -- C:\Users\mp\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/04/06 13:36:24 | 001,510,838 | -H-- | C] () -- C:\Users\mp\AppData\Local\IconCache.db
[2012/04/06 13:17:08 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2012/04/06 13:17:08 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2011/09/13 10:44:16 | 000,039,962 | ---- | C] () -- C:\Windows\php.ini
[2011/08/26 11:48:00 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\SysInfo_6_5_p.dll
[2011/08/26 11:12:05 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\SysInfo_6_6_p.dll
[2011/08/26 10:27:56 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\SysInfo_6_6_s.dll
[2011/08/26 10:12:25 | 000,000,014 | ---- | C] () -- C:\Windows\SysWow64\systeminfo.dll
[2011/06/10 22:41:32 | 000,000,328 | ---- | C] () -- C:\Windows\SIERRA.INI
[2011/05/04 01:01:41 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/05/04 01:01:41 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/01/29 14:14:28 | 000,000,501 | ---- | C] () -- C:\Windows\headache.ini
[2010/09/29 21:38:27 | 001,556,632 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/26 15:10:25 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2010/06/23 16:22:54 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI

========== LOP Check ==========

[2010/06/23 18:10:01 | 000,000,000 | -HSD | M] -- C:\Users\mp\AppData\Roaming\.#
[2012/04/10 10:54:07 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\602Installer
[2012/04/10 10:54:07 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\602XML
[2012/04/18 07:28:35 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus
[2011/01/19 16:12:49 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Asus WebStorage
[2011/12/23 02:35:34 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Atari
[2011/11/18 21:26:58 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\DAEMON Tools Lite
[2012/03/08 02:57:25 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\FreeCommander
[2011/04/27 10:39:36 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\FreeFLVConverter
[2011/01/19 16:12:50 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\GameConsole
[2012/04/20 14:28:46 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\ICQ
[2011/06/20 12:09:13 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Leadertech
[2011/09/15 08:37:33 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\MP3SkypeRecorder
[2012/04/20 12:58:38 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\OpenCandy
[2010/06/23 16:36:52 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\OpenOffice.org
[2011/10/29 17:58:55 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\pdfforge
[2010/09/30 09:37:31 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Skinux
[2011/08/26 10:55:42 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Thinstall
[2011/01/19 16:13:24 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Thunderbird
[2012/02/26 21:40:31 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Xi
[2011/01/19 16:14:33 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Zoner
[2012/04/17 00:24:36 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
[2011/10/09 19:42:58 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/04/20 14:26:33 | 000,000,280 | ---- | M] () -- C:\Windows\Tasks\iMeshNAG.job
[2012/04/01 16:49:09 | 000,032,588 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/20 15:39:00 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\vtigerCRM Email Reminder.job
[2012/04/20 11:00:00 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\vtigerCRM Notification Scheduler.job

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\SysWOW64\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\SysNative\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\drivers\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/12/25 16:54:31 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/12/25 16:54:31 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/12/25 16:54:31 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/12/25 16:54:31 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\SysNative\hal.dll
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010/06/14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010/06/14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010/06/14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[13 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[19 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\3ae9d64fe4836ae7e90426e7ea7a787e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3ae9d64fe4836ae7e90426e7ea7a787e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\531725f6d0e1ef874022ca9d934c2a57\*.tmp files -> C:\Windows\SoftwareDistribution\Download\531725f6d0e1ef874022ca9d934c2a57\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\79a228ce41a71b2e835a64261760f498\*.tmp files -> C:\Windows\SoftwareDistribution\Download\79a228ce41a71b2e835a64261760f498\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\80d8082a4a55a420d345a07e3af4eb8f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\80d8082a4a55a420d345a07e3af4eb8f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\96dfe48078f007360039dcfc29006d3c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\96dfe48078f007360039dcfc29006d3c\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\98ac3c59866a88ff291f739b97f47c53\*.tmp files -> C:\Windows\SoftwareDistribution\Download\98ac3c59866a88ff291f739b97f47c53\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\98bc604e4c4e21a1efca04b344436e42\*.tmp files -> C:\Windows\SoftwareDistribution\Download\98bc604e4c4e21a1efca04b344436e42\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\ca50ea8614b029b5b6b63fe596ea6d81\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ca50ea8614b029b5b6b63fe596ea6d81\*.tmp -> ]
[2 C:\Windows\SoftwareDistribution\Download\ea6d22aca566ac3d2b4dd04e4d231d95\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ea6d22aca566ac3d2b4dd04e4d231d95\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\faae445bdf9eab291317cd2ccf09b1df\*.tmp files -> C:\Windows\SoftwareDistribution\Download\faae445bdf9eab291317cd2ccf09b1df\*.tmp -> ]
[4 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/06/23 18:10:01 | 000,000,000 | -HSD | M] -- C:\Users\mp\AppData\Roaming\.#
[2012/04/10 10:54:07 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\602Installer
[2012/04/10 10:54:07 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\602XML
[2012/04/18 07:28:35 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus
[2011/01/19 16:12:49 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Adobe
[2011/01/19 16:12:49 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Asus WebStorage
[2011/12/23 02:35:34 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Atari
[2011/01/19 16:12:49 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\ATI
[2011/01/19 16:12:49 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\CyberLink
[2011/11/18 21:26:58 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\DAEMON Tools Lite
[2011/09/16 10:39:03 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Download Manager
[2012/03/02 15:59:48 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\dvdcss
[2012/03/08 02:57:25 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\FreeCommander
[2011/04/27 10:39:36 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\FreeFLVConverter
[2011/01/19 16:12:50 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\GameConsole
[2012/04/20 14:28:46 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\ICQ
[2011/01/19 16:12:58 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Identities
[2011/11/24 19:03:46 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\InstallShield
[2011/06/20 12:09:13 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Leadertech
[2011/01/19 15:31:56 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Macromedia
[2012/04/18 07:27:40 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Malwarebytes
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Media Center Programs
[2011/01/28 12:42:53 | 000,000,000 | --SD | M] -- C:\Users\mp\AppData\Roaming\Microsoft
[2012/04/04 08:32:10 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Mozilla
[2011/09/15 08:37:33 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\MP3SkypeRecorder
[2012/04/20 12:58:38 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\OpenCandy
[2010/06/23 16:36:52 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\OpenOffice.org
[2011/10/29 17:58:55 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\pdfforge
[2012/02/12 15:33:20 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\PSpad
[2010/09/30 09:37:31 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Skinux
[2012/04/20 15:52:45 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Skype
[2011/07/02 14:48:00 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\skypePM
[2011/01/19 16:13:23 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Talkback
[2011/08/26 10:55:42 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Thinstall
[2011/01/19 16:13:24 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Thunderbird
[2011/07/28 21:00:53 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\vlc
[2011/01/19 16:14:29 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\WinRAR
[2012/02/26 21:40:31 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Xi
[2011/01/19 16:14:33 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010/11/24 16:31:04 | 000,010,134 | R--- | M] () -- C:\Users\mp\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/02/02 12:00:32 | 000,277,392 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe.exe
[2011/02/02 12:00:32 | 000,034,592 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlus_registrar.exe
[2010/10/21 21:12:40 | 003,920,702 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\WINNT_x86-msvc\firesheep-backend.exe
[2011/02/02 12:00:32 | 000,277,392 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\nostmp\content\getPlusPlus_Adobe.exe
[2011/02/02 12:00:32 | 000,034,592 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\nostmp\content\getPlus_registrar.exe
[2012/02/06 20:18:56 | 002,081,208 | ---- | M] (Speedchecker Limited ) -- C:\Users\mp\AppData\Roaming\OpenCandy\AFC23A10CFF245AEA2B844AF419D8B37\pcspeedup_oc.exe
[2011/05/30 09:51:39 | 000,416,160 | ---- | M] () -- C:\Users\mp\AppData\Roaming\OpenCandy\OpenCandy_1F316261C3474474B817C95087D4C195\LatestDLMgr.exe
[2010/12/18 00:07:06 | 000,043,440 | ---- | M] () -- C:\Users\mp\AppData\Roaming\OpenCandy\OpenCandy_1F316261C3474474B817C95087D4C195\SpeedstarterCZ.exe
[2010/12/17 19:48:22 | 001,720,472 | ---- | M] (Speedchecker Limited ) -- C:\Users\mp\AppData\Roaming\OpenCandy\OpenCandy_1F316261C3474474B817C95087D4C195\ZrychleniPocitace.exe
[2011/05/30 09:51:52 | 001,842,096 | ---- | M] () -- C:\Users\mp\AppData\Roaming\OpenCandy\OpenCandy_1F316261C3474474B817C95087D4C195\ZrychleniPocitace_p2v1.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012/04/17 00:24:36 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
[2011/10/09 19:42:58 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/04/20 15:24:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/03/20 14:14:08 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-879712419-658512947-2250940320-1001Core1cd0692f3b2715d.job
[2012/04/20 14:26:33 | 000,000,280 | ---- | M] () -- C:\Windows\Tasks\iMeshNAG.job
[2012/04/20 15:59:00 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\vtigerCRM Email Reminder.job
[2012/04/20 11:00:00 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\vtigerCRM Notification Scheduler.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >
[2012/04/20 11:51:36 | 000,061,440 | ---- | M] () -- C:\Windows\system32\drivers\ikcspu.sys

< %systemroot%\system32\*.* /3 >
[2012/04/20 13:24:30 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2012/04/20 13:24:30 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2012/04/20 13:24:11 | 008,766,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerInstaller.exe
[2012/04/17 17:40:48 | 000,001,188 | ---- | M] () -- C:\Windows\system32\ServiceConfig.xml

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\mp\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2011/07/25 22:15:44 | 000,136,176 | ---- | M] (Google Inc.)
"ICQ" = "C:\Program Files (x86)\ICQ7.5\ICQ.exe" silent loginmode=4 -- [2011/08/01 10:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.)
"BlazeServoTool" = "C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe" -- [2010/03/06 17:46:14 | 000,286,720 | ---- | M] (BlazeVideo Company)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012/02/29 08:55:08 | 017,148,552 | R--- | M] (Skype Technologies S.A.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012/03/13 06:36:40 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=637F2BDC0E53704D121DDD27A1F62090 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009/07/14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/04/20 15:32:12 | 000,000,512 | ---- | M] () MD5=0CD6AD52F5165F1AEE84DAD147DDF121 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010/11/01 18:44:30 | 000,003,031 | ---- | M] () -- \Users\mp\AppData\Local\IM\Sound\tchaikovsky_the_nutcracker.imw

< *keygen* /s >

< *loader* /s >
[2009/11/27 07:29:06 | 000,079,120 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
[2006/10/26 23:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 23:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2011/05/15 19:22:07 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011/05/15 19:22:08 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011/05/15 19:22:07 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011/07/28 13:06:26 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011/05/15 19:22:53 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011/05/15 19:22:48 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011/06/09 21:34:33 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\rps\preloader02.swf
[2011/06/09 18:11:00 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\slide-a-lama\preloader02.swf
[2011/06/09 21:36:48 | 000,003,830 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\warsheep\preloader02.swf
[2011/10/14 20:44:15 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011/10/14 20:44:16 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.6\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011/10/14 20:44:15 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.6\imApp\theme\MUICoreLib\xtraLoader.swf
[2011/10/14 20:44:49 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.6\Xtraz\icq\content\profile_lightboxs\preloader.html
[2011/05/09 13:01:02 | 000,005,987 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\scripts\io\downloader.js
[2008/01/16 21:35:50 | 000,004,608 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\AxInterop.POILOADER_OCXLib.dll
[2008/01/16 21:35:50 | 000,005,632 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Interop.POILOADER_OCXLib.dll
[2008/03/13 21:55:42 | 000,000,458 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Loader.ini
[2008/03/07 20:51:36 | 000,024,576 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoader.dll
[2008/03/17 16:14:02 | 000,094,208 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoaderDataOper.dll
[2008/03/19 19:37:46 | 000,049,152 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoaderPanel.dll
[2008/03/14 18:30:22 | 000,000,448 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoader_Cfg.xml
[2008/02/19 17:32:26 | 000,909,312 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoader_OCX.ocx
[2007/12/27 10:42:46 | 000,001,936 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\POILoader_OCX.tlb
[2008/03/04 20:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0405.MUI
[2008/03/04 20:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.040E.MUI
[2008/03/04 20:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0415.MUI
[2008/03/04 20:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0418.MUI
[2008/03/04 20:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0419.MUI
[2008/03/04 20:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.041B.MUI
[2008/03/04 20:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.041F.MUI
[2008/03/04 20:41:40 | 000,032,768 | ---- | M] () -- \Program Files (x86)\Mio Technology\MioMore Desktop\Language\POILoader.exe.0809.MUI
[2011/01/17 16:21:04 | 000,006,263 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2012/04/20 15:20:36 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2011/01/17 18:52:40 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2012/04/20 15:20:52 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010/11/19 12:24:20 | 000,003,689 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2011/10/30 13:33:38 | 003,429,376 | ---- | M] () -- \Program Files (x86)\Youtube Downloader\youtube-downloader.exe
[2010/03/15 11:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2012/02/29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/02/29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/04/20 13:19:38 | 000,000,723 | ---- | M] () -- \Users\mp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GB3Z20WF\downloaderror[1].js
[2012/04/20 13:19:38 | 000,001,174 | ---- | M] () -- \Users\mp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GB3Z20WF\downloader[1].js
[2012/04/20 14:30:42 | 000,010,364 | ---- | M] () -- \Users\mp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WFVRKV2E\AdLoader-31f86c1d55aec17be3f2a203a8e4fb19.min[1].js
[2012/04/20 14:30:41 | 000,000,652 | ---- | M] () -- \Users\mp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WFVRKV2E\AdLoader[1].htm
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/08/03 22:00:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/08/03 22:00:16 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009/08/03 22:00:16 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009/08/03 22:00:16 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009/08/03 22:00:16 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2009/07/14 04:58:45 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009/07/14 04:58:45 | 000,641,088 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.efi_75834aa0
[2009/07/14 04:58:45 | 000,604,192 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winload.exe_75835076
[2009/07/14 04:58:45 | 000,557,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.efi_85cd069f
[2009/07/14 04:58:45 | 000,518,352 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/08/03 21:57:46 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[petr-kapr]

Extras

OTL Extras logfile created on: 4/20/2012 3:25:55 PM - Run 1
OTL by OldTimer - Version 3.2.40.0 Folder = C:\Users\mp\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 45.07% Memory free
8.00 Gb Paging File | 5.66 Gb Available in Paging File | 70.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 71.07 Gb Free Space | 61.03% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 263.11 Gb Free Space | 78.62% Space Free | Partition Type: NTFS

Computer Name: MICHAL-PC | User Name: mp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{191FE572-888E-8C1E-B6A5-131DD157A769}" = ATI Catalyst Install Manager
"{5550FCDE-9697-C0DC-E993-19425370648F}" = ccc-utility64
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040E-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hungarian) 2007
"{90120000-002A-0415-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Polish) 2007
"{90120000-002A-0418-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Romanian) 2007
"{90120000-002A-041B-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovak) 2007
"{90120000-002A-0424-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Slovenian) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Pomocník pro přihlášení ke službě Windows Live ID
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D35D9E34-7B4A-44E3-A882-69A6C6088BC6}" = Windows Live Zabezpečení rodiny
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"ASUS WebStorage" = ASUS WebStorage
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.5_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0CB3C535-1171-4A20-B549-E2CB5DEB9723}" = MySQL Connector/ODBC 3.51
"{0DF229B9-6AE9-32F0-D987-7EC53ED469D0}" = CCC Help French
"{13FF79F8-7385-1961-DF96-EA4995408083}" = CCC Help Norwegian
"{15030F2A-C19C-4780-8064-46C8CF4A822E}" = Caesar IV
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{1A0D4388-C483-6B7E-B5C9-218A6A8CC2ED}" = Catalyst Control Center Graphics Full Existing
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2F291F64-7664-6FA7-E63E-ECB96F1132D5}" = Catalyst Control Center Localization All
"{3119C2B0-FDC9-7E84-0AFE-99C37A120F9F}" = CCC Help English
"{32C74893-0243-4235-A6F3-201F0E5D2C03}" = Software602 Print2PDF
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4EA44BA4-A708-4223-BC1A-22B6DA9E7D1C}" = Windows Live Essentials
"{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
"{50F89EEA-D568-663C-9D0A-62156F2909DC}" = CCC Help Chinese Standard
"{524C5088-B615-E3C0-84EC-44B1AE86480B}" = Catalyst Control Center Graphics Light
"{54FEAF1A-8F2A-44C1-95CA-5C1C21F4F934}" = Windows Live Mail
"{5ACE78D9-2859-A192-F416-1D3E93370ACA}" = Catalyst Control Center InstallProxy
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5DBC79DA-87D2-376D-A65D-B14097C06C71}" = Google Talk Plugin
"{62C37D4D-0561-7281-28F6-918D1E09A7E1}" = CCC Help Hungarian
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6BBBBBE8-5B46-8BB6-27DD-F9F12A8961B3}" = ccc-core-static
"{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1" = Game Park Console
"{6E5EEE1B-3907-44C3-83BA-AD4B8CE40F76}" = Windows Live Writer
"{709B5A11-1C2D-0CAA-6190-26AA341ED9C9}" = CCC Help Greek
"{73D0A63E-3CF1-010A-9F5E-9FB44759E959}" = CCC Help Russian
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7CA2E36B-EE3C-F83F-CBA3-9118376162D8}" = CCC Help Polish
"{7DE2EE83-1B5B-4FC8-A9DD-AEAC58633F27}" = Catalyst Control Center Graphics Full New
"{7F79299F-AE44-27A5-480E-72BD1B65D62C}" = Catalyst Control Center Core Implementation
"{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}" = Island Wars 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}" = Smileyville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}" = Piggly
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-040E-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hungarian) 2007
"{90120000-0015-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0415-0000-0000000FF1CE}" = Microsoft Office Access MUI (Polish) 2007
"{90120000-0015-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2007
"{90120000-0015-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040E-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hungarian) 2007
"{90120000-0016-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0415-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Polish) 2007
"{90120000-0016-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2007
"{90120000-0016-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040E-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hungarian) 2007
"{90120000-0018-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0415-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Polish) 2007
"{90120000-0018-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2007
"{90120000-0018-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-040E-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hungarian) 2007
"{90120000-0019-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0415-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Polish) 2007
"{90120000-0019-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2007
"{90120000-0019-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-040E-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hungarian) 2007
"{90120000-001A-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0415-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Polish) 2007
"{90120000-001A-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2007
"{90120000-001A-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040E-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hungarian) 2007
"{90120000-001B-040E-0000-0000000FF1CE}_PROHYBRIDR_{D6F600AB-D132-40CA-B78A-20BE2C83395E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0415-0000-0000000FF1CE}" = Microsoft Office Word MUI (Polish) 2007
"{90120000-001B-0415-0000-0000000FF1CE}_PROHYBRIDR_{01CC3B2D-70DB-49DC-839A-A923D2A39EA4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2007
"{90120000-001B-0424-0000-0000000FF1CE}_PROHYBRIDR_{DE6F6651-39D5-44FA-96FD-647D5B3A3093}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0415-0000-0000000FF1CE}" = Microsoft Office Proof (Polish) 2007
"{90120000-001F-0415-0000-0000000FF1CE}_PROHYBRIDR_{9CC96D78-9E1D-46E0-AF4D-3EB440CD4619}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{0E2DB3D7-94EA-4B12-A9C1-D3C52BDE07D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2007
"{90120000-001F-041A-0000-0000000FF1CE}_PROHYBRIDR_{9DECF714-4963-48E2-924A-B9075485AF6B}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2007
"{90120000-001F-0424-0000-0000000FF1CE}_PROHYBRIDR_{8FF4ED5D-9EA1-4EC5-8F10-767E1705310C}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040E-1000-0000000FF1CE}_PROHYBRIDR_{1E71F4A2-F832-4B10-8CA5-2B49A20AAD87}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0415-1000-0000000FF1CE}_PROHYBRIDR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0418-1000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-041B-1000-0000000FF1CE}_PROHYBRIDR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0424-1000-0000000FF1CE}_PROHYBRIDR_{455248D4-FBA8-4C55-AB56-3F209028D7B5}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040E-0000-0000000FF1CE}" = Microsoft Office Proofing (Hungarian) 2007
"{90120000-002C-0415-0000-0000000FF1CE}" = Microsoft Office Proofing (Polish) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040E-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hungarian) 2007
"{90120000-006E-040E-0000-0000000FF1CE}_PROHYBRIDR_{1E71F4A2-F832-4B10-8CA5-2B49A20AAD87}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0415-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Polish) 2007
"{90120000-006E-0415-0000-0000000FF1CE}_PROHYBRIDR_{0C8AB602-A234-45AB-B355-4C863C1D2FA8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2007
"{90120000-006E-0424-0000-0000000FF1CE}_PROHYBRIDR_{455248D4-FBA8-4C55-AB56-3F209028D7B5}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92881120-6DA5-44A3-8BAB-2429A01D022E}" = YouTube Downloader Toolbar v4.3
"{92F124CB-D9AA-4E20-93E4-7A9442878FD2}" = Software602 Form Filler
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{A0B3637D-BDD9-7882-E8B3-8A3387463D10}" = CCC Help Danish
"{A13DE9CB-8C84-4889-B114-C5A9661F844E}" = Windows Live Fotogalerie
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A89EFC7E-4469-5F69-1CDE-C2D02B961B20}" = CCC Help Thai
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.1 MUI
"{AF1926EF-7640-A7A2-1908-B665869C705B}" = CCC Help German
"{B61F1ADD-F7FA-772C-ABFB-526C953CBD30}" = CCC Help Spanish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BB981E40-9F71-6EF2-50B3-69761683AA40}" = CCC Help Japanese
"{BCB52F35-4C56-49F2-A3D6-FDED54B01847}" = pdfforge Toolbar v4.4
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C4500D96-FDB3-5EE0-D460-1349823879A6}" = CCC Help Czech
"{C462542C-359F-6867-D44B-46F839A8B0A5}" = CCC Help Swedish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C5C450C4-886B-3B83-DE91-CEC809049DF5}" = CCC Help Korean
"{CD6A498E-0FF5-49CE-A70C-2D342E68E709}" = MioMore Desktop
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DB649148-BF0E-2244-FD5C-3CFCD75FBD00}" = CCC Help Italian
"{DB865E3E-E7FC-A4A2-84FA-545AD61BC3F7}" = CCC Help Portuguese
"{DFC6DCD2-033C-D834-23ED-77636EDCAE84}" = CCC Help Dutch
"{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.14
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E8EE2011-D936-42B6-9A68-3B388BE5F3E7}" = CCC Help Chinese Traditional
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{EECFF7F2-3A6D-F071-2D58-993A3A6018BA}" = CCC Help Finnish
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3A46425-5D0A-31C5-35A8-BE02EC5FE4E7}" = Catalyst Control Center Graphics Previews Vista
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F9E11402-22F4-22AD-D484-8ECCB29E461D}" = CCC Help Turkish
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"ASUS AP Bank_is1" = ASUS AP Bank
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"aTube Catcher" = aTube Catcher
"avast" = avast! Internet Security
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"BlazeDTV 6.0_is1" = BlazeDTV 6.0
"Brain Workshop_is1" = Brain Workshop 4.8.1
"Caesar 3" = Caesar 3
"FreeCommander_is1" = FreeCommander 2009.02
"InstallShield_{15030F2A-C19C-4780-8064-46C8CF4A822E}" = Caesar IV
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"Mozilla Firefox 11.0 (x86 cs)" = Mozilla Firefox 11.0 (x86 cs)
"Mozilla Sunbird (0.8)" = Mozilla Sunbird (0.8)
"Mozilla Thunderbird 11.0.1 (x86 cs)" = Mozilla Thunderbird 11.0.1 (x86 cs)
"Picasa 3" = Picasa 3
"ProFact 3.0 Free_is1" = ProFact 3.0 Free
"PROHYBRIDR" = 2007 Microsoft Office system
"PSPad editor_is1" = PSPad editor
"rajče.net_is1" = rajče průvodce verze 1.59.40.255
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"Sierra Utilities" = Sierra Utilities
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinX Free AVI to FLV Converter_is1" = WinX Free AVI to FLV Converter 4.1.3
"Youtube Downloader_is1" = Youtube Downloader 4.52

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/31/2011 7:17:24 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 5/31/2011 7:17:25 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 5/31/2011 7:17:25 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 5/31/2011 7:17:30 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 5/31/2011 7:17:30 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 5/31/2011 7:17:30 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 5/31/2011 7:17:39 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 5/31/2011 7:17:39 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 5/31/2011 7:17:39 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

Error - 5/31/2011 7:17:39 AM | Computer Name = Michal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Neplatné údaje. .

[ Media Center Events ]
Error - 1/23/2011 10:18:31 AM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 15:18:31 - Chyba při připojování k Internetu 15:18:31 - Nelze kontaktovat
server..

Error - 1/23/2011 10:18:43 AM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 15:18:36 - Chyba při připojování k Internetu 15:18:36 - Nelze kontaktovat
server..

Error - 1/29/2011 10:06:55 AM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 15:06:55 - Chyba při připojování k Internetu 15:06:55 - Nelze kontaktovat
server..

Error - 1/29/2011 10:07:13 AM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 15:07:00 - Chyba při připojování k Internetu 15:07:00 - Nelze kontaktovat
server..

Error - 2/4/2011 10:51:34 AM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 15:51:33 - Chyba při připojování k Internetu 15:51:34 - Nelze kontaktovat
server..

Error - 2/4/2011 10:52:00 AM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 15:51:40 - Chyba při připojování k Internetu 15:51:40 - Nelze kontaktovat
server..

Error - 2/6/2011 2:05:29 PM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 19:05:28 - Chyba při připojování k Internetu 19:05:29 - Nelze kontaktovat
server..

Error - 2/6/2011 2:05:41 PM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 19:05:34 - Chyba při připojování k Internetu 19:05:34 - Nelze kontaktovat
server..

Error - 2/6/2011 3:05:46 PM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 20:05:46 - Chyba při připojování k Internetu 20:05:46 - Nelze kontaktovat
server..

Error - 2/6/2011 3:05:54 PM | Computer Name = Michal-PC | Source = MCUpdate | ID = 0
Description = 20:05:51 - Chyba při připojování k Internetu 20:05:51 - Nelze kontaktovat
server..

[ OSession Events ]
Error - 9/5/2010 9:06:20 AM | Computer Name = Michal-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/30/2010 5:43:55 AM | Computer Name = Michal-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/30/2010 6:29:03 PM | Computer Name = Michal-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/21/2011 10:18:34 AM | Computer Name = Michal-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4/20/2012 9:07:53 AM | Computer Name = Michal-PC | Source = DCOM | ID = 10005
Description =

Error - 4/20/2012 9:07:53 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba TrustedInstaller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 4/20/2012 9:07:59 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba TrustedInstaller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 4/20/2012 9:07:59 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba TrustedInstaller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 4/20/2012 9:07:59 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba TrustedInstaller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 4/20/2012 9:07:59 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba TrustedInstaller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 4/20/2012 9:07:59 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba TrustedInstaller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 4/20/2012 9:07:59 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba TrustedInstaller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 4/20/2012 9:07:59 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba TrustedInstaller neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 4/20/2012 9:08:00 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7000
Description = Služba TrustedInstaller neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >

[vyosek]

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe -- (PCSpeedUpService)
  DRV - [2012/04/20 11:51:36 | 000,061,440 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\ikcspu.sys -- (vedi)
  IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
  IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
  IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
  IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/#utm_source=icq&u ... um=generic
  IE - HKCU\..\URLSearchHook: - No CLSID value found
  IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
  IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\InprocServer32 File not found
  IE - HKCU\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found
  IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
  IE - HKCU\..\SearchScopes\{1B3793A9-70A0-4EC7-B5F5-D064EF23451A}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=a6da0211-ccc3-4e8a-b285-20c20ef18c52&apn_sauid=60CDD5C8-591D-46AD-BE00-0B517044FC88
  IE - HKCU\..\SearchScopes\{5A2D83D3-3152-47AA-8659-0CC2A6533A3D}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =302398&p={searchTerms}
  IE - HKCU\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=525F1C6001CC1E9F006CA268&install_time=2011-05-30T07:58:12Z&src_id=12251&camp_id=2556&tb_version=2.5.18000.3
  IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
  IE - HKCU\..\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_fs
  IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
  FF - prefs.js..browser.search.defaultengine: "Ask.com"
  FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
  FF - prefs.js..browser.search.order.1: "Ask.com"
  FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
  FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
  FF - prefs.js..browser.search.useDBForOrder: true
  FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
  FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190
  FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.4.7&q="
  FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  [2012/01/05 21:08:01 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
  [2012/04/01 14:12:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  oolbar@toolbarnet.com
  [2011/03/26 09:44:40 | 000,000,000 | ---D | M] (Force-TLS) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm
  [2011/01/19 16:17:45 | 000,000,000 | ---D | M] ("BlackSheep") -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com
  [2011/05/01 09:56:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\nostmp
  [2010/06/23 16:48:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\mp\AppData\Roaming\Mozilla\Sunbird\Profiles\xv408hry.default\extensions
  [2011/04/27 13:41:47 | 000,002,396 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\askcom.xml
  [2010/11/24 16:11:28 | 000,002,059 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\daemon-search.xml
  [2012/04/20 07:56:53 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-1.xml
  [2011/05/01 09:57:32 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-10.xml
  [2011/05/15 19:23:27 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-11.xml
  [2011/07/02 09:35:48 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-12.xml
  [2011/08/20 19:55:23 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-13.xml
  [2011/09/01 08:04:56 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-14.xml
  [2011/09/09 13:38:08 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-15.xml
  [2011/10/01 17:57:18 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-16.xml
  [2011/10/14 17:32:43 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-17.xml
  [2011/11/09 22:24:20 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-18.xml
  [2012/01/10 18:38:54 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-19.xml
  [2010/09/22 13:19:19 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-2.xml
  [2012/01/10 18:48:11 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-20.xml
  [2012/02/18 10:02:20 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-21.xml
  [2012/03/19 18:40:24 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-22.xml
  [2012/04/06 10:04:13 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-23.xml
  [2010/10/20 16:10:53 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-3.xml
  [2010/10/30 09:55:44 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-4.xml
  [2010/12/15 11:11:26 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-5.xml
  [2011/03/02 12:07:09 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-6.xml
  [2011/03/05 22:39:15 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-7.xml
  [2011/03/24 18:45:42 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-8.xml
  [2011/03/29 09:51:27 | 000,000,950 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-9.xml
  [2011/03/30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin.xml
  [2010/11/01 18:45:34 | 000,002,030 | ---- | M] () -- C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\MyStart Search.xml
  O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll File not found
  O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
  O2 - BHO: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
  O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
  O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll File not found
  O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
  O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
  O4 - HKLM..\Run: [] File not found
  O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
  O1364bit: - gopher Prefix: missing
  O13 - gopher Prefix: missing
  O18:64bit: - Protocol\Handler\livecall - No CLSID value found
  O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
  O18:64bit: - Protocol\Handler\msnim - No CLSID value found
  O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
  O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
  O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
  O18 - Protocol\Handler\gopher - No CLSID value found
  O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
  O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  [2012/04/16 20:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
  [2012/04/16 20:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
  [2010/06/23 18:10:01 | 000,000,000 | -HSD | M] -- C:\Users\mp\AppData\Roaming\.#
  [2012/04/18 07:28:35 | 000,000,000 | ---D | M] -- C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus
  [6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [13 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
  [19 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
  [2 C:\Windows\SoftwareDistribution\Download\3ae9d64fe4836ae7e90426e7ea7a787e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\3ae9d64fe4836ae7e90426e7ea7a787e\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\531725f6d0e1ef874022ca9d934c2a57\*.tmp files -> C:\Windows\SoftwareDistribution\Download\531725f6d0e1ef874022ca9d934c2a57\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\79a228ce41a71b2e835a64261760f498\*.tmp files -> C:\Windows\SoftwareDistribution\Download\79a228ce41a71b2e835a64261760f498\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\80d8082a4a55a420d345a07e3af4eb8f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\80d8082a4a55a420d345a07e3af4eb8f\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\96dfe48078f007360039dcfc29006d3c\*.tmp files -> C:\Windows\SoftwareDistribution\Download\96dfe48078f007360039dcfc29006d3c\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\98ac3c59866a88ff291f739b97f47c53\*.tmp files -> C:\Windows\SoftwareDistribution\Download\98ac3c59866a88ff291f739b97f47c53\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\98bc604e4c4e21a1efca04b344436e42\*.tmp files -> C:\Windows\SoftwareDistribution\Download\98bc604e4c4e21a1efca04b344436e42\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\ca50ea8614b029b5b6b63fe596ea6d81\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ca50ea8614b029b5b6b63fe596ea6d81\*.tmp -> ]
  [2 C:\Windows\SoftwareDistribution\Download\ea6d22aca566ac3d2b4dd04e4d231d95\*.tmp files -> C:\Windows\SoftwareDistribution\Download\ea6d22aca566ac3d2b4dd04e4d231d95\*.tmp -> ]
  [1 C:\Windows\SoftwareDistribution\Download\faae445bdf9eab291317cd2ccf09b1df\*.tmp files -> C:\Windows\SoftwareDistribution\Download\faae445bdf9eab291317cd2ccf09b1df\*.tmp -> ]
  [4 C:\Windows\Temp\_avast_\*.tmp files -> C:\Windows\Temp\_avast_\*.tmp -> ]
  [2012/04/17 00:24:36 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
  [2011/10/09 19:42:58 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
  [2012/04/20 15:24:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
  [2012/03/20 14:14:08 | 000,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-879712419-658512947-2250940320-1001Core1cd0692f3b2715d.job
  [2012/04/20 14:26:33 | 000,000,280 | ---- | M] () -- C:\Windows\Tasks\iMeshNAG.job
  [2012/04/20 15:59:00 | 000,000,430 | ---- | M] () -- C:\Windows\Tasks\vtigerCRM Email Reminder.job
  [2012/04/20 11:00:00 | 000,000,394 | ---- | M] () -- C:\Windows\Tasks\vtigerCRM Notification Scheduler.job
  
  :services
  Application Updater
  gusvc
  gupdate
  gupdatem
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "SpybotSD TeaTimer"=-
  "Google Update"=-
  "ICQ"=-
  "Skype"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
  "UpdateLBPShortCut"=-
  "UpdateP2GoShortCut"=-
  "Adobe ARM"=-
  "Adobe Reader Speed Launcher"=-
  "QuickTime Task"=-
  ""=-
  "SearchSettings"=-
  "SunJavaUpdateSched"=-
  "Ad-Aware Browsing Protection"=-
  "Ad-Aware Antivirus"=-
  
  :files
  C:\Program Files (x86)\Application Updater
  C:\Program Files (x86)\Common Files\Spigot
  C:\Program Files\Zrychleni Pocitace
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[petr-kapr]

Zde to je:

All processes killed
========== OTL ==========
Service PCSpeedUpService stopped successfully!
Service PCSpeedUpService deleted successfully!
File C:\Program Files\Zrychleni Pocitace\PCSpeedUpService.exe not found.
Service vedi stopped successfully!
Service vedi deleted successfully!
C:\Windows\SysWOW64\drivers\ikcspu.sys moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1B3793A9-70A0-4EC7-B5F5-D064EF23451A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B3793A9-70A0-4EC7-B5F5-D064EF23451A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5A2D83D3-3152-47AA-8659-0CC2A6533A3D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5A2D83D3-3152-47AA-8659-0CC2A6533A3D}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B63A8D6-BBED-4341-8867-790E5F524C96}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.3.1&q=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: pdfforge@mybrowserbar.com:4.3 removed from extensions.enabledItems
Prefs.js: DTToolbar@toolbarnet.com:1.1.7.0190 removed from extensions.enabledItems
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.4.7&q=" removed from keyword.URL
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\defaults\preferences folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\defaults folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\components folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\skin folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\zh-TW folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\zh-CN folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\vi-VN folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\uk-UA folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\tr-TR folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\th-TH folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\sv-SE folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\sr-RS folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\sl-SI folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\sk-SK folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\ru-RU folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\ro-RO folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\pt-PT folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\pt-BR folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\pl-PL folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\nl-NL folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\nb-NO folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\mn-MN folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\lt-LT folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\ko-KR folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\km-KH folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\ja-JP folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\it-IT folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\id-ID folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\hu-HU folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\hr-HR folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\he-IL folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\fy-NL folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\fr-FR folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\fi-FI folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\fa-IR folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\eu-ES folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\et-EE folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\es-ES folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\es-AR folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\en-US folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\de-DE folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\da-DK folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\cs-CZ folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\ca-AD folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\bg-BG folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\be-BY folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\ar folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale\af-ZA folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\locale folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome\content folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\chrome folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\skin folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\tr folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\sk folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\ru folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\it folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\he folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\fr folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\es folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\en-US folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\de folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\cs folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale\bg folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\locale folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content\img folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\content folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm\skin folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm\locale\en-US folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm\locale folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm\jslib folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm\defaults\preferences folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm\defaults folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm\content folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm\components folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\forcetls@sid.stamm folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\WINNT_x86-msvc\components folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\WINNT_x86-msvc folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Linux_x86_64-gcc3\components folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Linux_x86_64-gcc3 folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Linux_x86-gcc3\components folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Linux_x86-gcc3 folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Darwin_x86-gcc3\firesheep-backend.dSYM\Contents\Resources\DWARF folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Darwin_x86-gcc3\firesheep-backend.dSYM\Contents\Resources folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Darwin_x86-gcc3\firesheep-backend.dSYM\Contents folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Darwin_x86-gcc3\firesheep-backend.dSYM folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Darwin_x86-gcc3\components folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform\Darwin_x86-gcc3 folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\platform folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\modules\util folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\modules folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\locale\en-US folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\locale folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\handlers folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\defaults\preferences folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\defaults folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\components folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\chrome\skin folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\chrome\locale\en-US folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\chrome\locale folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\chrome\content folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com\chrome folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\jsobrier@zscaler.com folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\nostmp\plugins folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\nostmp\content folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\extensions\nostmp folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Sunbird\Profiles\xv408hry.default\extensions folder moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\askcom.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\daemon-search.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-10.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-11.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-12.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-13.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-14.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-15.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-16.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-17.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-18.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-19.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-20.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-21.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-22.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-23.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-8.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin-9.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\searchplugins\MyStart Search.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\gopher\ deleted successfully.
File Protocol\Handler\gopher - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\ProgramData\Lavasoft\AntiMalware\Rules folder moved successfully.
C:\ProgramData\Lavasoft\AntiMalware\Quarantine folder moved successfully.
C:\ProgramData\Lavasoft\AntiMalware\Logs folder moved successfully.
C:\ProgramData\Lavasoft\AntiMalware\History folder moved successfully.
C:\ProgramData\Lavasoft\AntiMalware\FW History folder moved successfully.
C:\ProgramData\Lavasoft\AntiMalware\Events folder moved successfully.
C:\ProgramData\Lavasoft\AntiMalware\Downloads folder moved successfully.
C:\ProgramData\Lavasoft\AntiMalware folder moved successfully.
C:\ProgramData\Lavasoft folder moved successfully.
C:\Program Files (x86)\Ad-Aware Antivirus\Engine\Definitions folder moved successfully.
C:\Program Files (x86)\Ad-Aware Antivirus\Engine folder moved successfully.
C:\Program Files (x86)\Ad-Aware Antivirus folder moved successfully.
C:\Users\mp\AppData\Roaming\.# folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120420T095515.518389PID4368 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120420T080254.999757PID3816 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120420T074313.857825PID3720 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120420T052732.172496PID3508 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120419T171332.268518PID3600 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120419T170955.859314PID3516 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120419T151205.276629PID3740 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120419T065921.770393PID4796 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120419T065640.563644PID3936 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120418T205902.344600PID3416 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120418T045610.390722PID3908 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120417T230425.085600PID1200 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120417T195451.844502PID3256 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120417T135809.387378PID2848 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120417T060832.996736PID3868 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120416T222604.465204PID3904 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs\20120416T193517.924004PID3272 folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus\Logs folder moved successfully.
C:\Users\mp\AppData\Roaming\Ad-Aware Antivirus folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A74.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A98.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP43D5.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7F9D.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8D41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP406.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP44D0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6CF6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7946.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7DB9.tmp\LoadMxf.exe deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7DB9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7E24.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP844C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP955C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP96A6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD3B6.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD43F.tmp\System.Runtime.Serialization.Formatters.Soap.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD43F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI16CC.tmp deleted successfully.
C:\Windows\Installer\MSI212.tmp deleted successfully.
C:\Windows\Installer\MSI2271.tmp deleted successfully.
C:\Windows\Installer\MSI25AD.tmp deleted successfully.
C:\Windows\Installer\MSI2D68.tmp deleted successfully.
C:\Windows\Installer\MSI4FE4.tmp deleted successfully.
C:\Windows\Installer\MSI6709.tmp deleted successfully.
C:\Windows\Installer\MSI6D5D.tmp deleted successfully.
C:\Windows\Installer\MSI786B.tmp deleted successfully.
C:\Windows\Installer\MSI8745.tmp deleted successfully.
C:\Windows\Installer\MSI8890.tmp deleted successfully.
C:\Windows\Installer\MSI8A8E.tmp deleted successfully.
C:\Windows\Installer\MSI9CFA.tmp deleted successfully.
C:\Windows\Installer\MSIC595.tmp deleted successfully.
C:\Windows\Installer\MSIC62D.tmp deleted successfully.
C:\Windows\Installer\MSIC6C0.tmp deleted successfully.
C:\Windows\Installer\MSIC8DC.tmp deleted successfully.
C:\Windows\Installer\MSID471.tmp deleted successfully.
C:\Windows\Installer\MSIF013.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt2F3B.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\3ae9d64fe4836ae7e90426e7ea7a787e\$dpx$.tmp\job.xml deleted successfully.
C:\Windows\SoftwareDistribution\Download\3ae9d64fe4836ae7e90426e7ea7a787e\$dpx$.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\3ae9d64fe4836ae7e90426e7ea7a787e\BITCF4F.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\531725f6d0e1ef874022ca9d934c2a57\BITAEF6.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\79a228ce41a71b2e835a64261760f498\BIT408B.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\80d8082a4a55a420d345a07e3af4eb8f\BIT7AF1.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\96dfe48078f007360039dcfc29006d3c\BIT1D44.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\98ac3c59866a88ff291f739b97f47c53\BIT5B7B.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\98bc604e4c4e21a1efca04b344436e42\BITCA0E.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\ca50ea8614b029b5b6b63fe596ea6d81\BIT80FB.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\ea6d22aca566ac3d2b4dd04e4d231d95\$dpx$.tmp\job.xml deleted successfully.
C:\Windows\SoftwareDistribution\Download\ea6d22aca566ac3d2b4dd04e4d231d95\$dpx$.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\ea6d22aca566ac3d2b4dd04e4d231d95\BIT6565.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\faae445bdf9eab291317cd2ccf09b1df\BITCDD7.tmp deleted successfully.
C:\Windows\Temp\_avast_\unp144523027.tmp deleted successfully.
C:\Windows\Temp\_avast_\unp222016356.tmp deleted successfully.
C:\Windows\Temp\_avast_\unp65897254.tmp deleted successfully.
C:\Windows\Temp\_avast_\unp9610456.tmp deleted successfully.
C:\Windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job moved successfully.
C:\Windows\Tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-879712419-658512947-2250940320-1001Core1cd0692f3b2715d.job moved successfully.
C:\Windows\Tasks\iMeshNAG.job moved successfully.
C:\Windows\Tasks\vtigerCRM Email Reminder.job moved successfully.
C:\Windows\Tasks\vtigerCRM Notification Scheduler.job moved successfully.
========== SERVICES/DRIVERS ==========
Service Application Updater stopped successfully!
Service Application Updater deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateLBPShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\UpdateP2GoShortCut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Ad-Aware Browsing Protection not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Ad-Aware Antivirus not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\Application Updater not found.
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\wtxpcom folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings\Res folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot\Search Settings folder moved successfully.
C:\Program Files (x86)\Common Files\Spigot folder moved successfully.
File\Folder C:\Program Files\Zrychleni Pocitace not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Default
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes

User: mp
->Temp folder emptied: 176589966 bytes
->Temporary Internet Files folder emptied: 9804575 bytes
->Java cache emptied: 559979 bytes
->FireFox cache emptied: 87072312 bytes
->Flash cache emptied: 4334 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34998589 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68045 bytes
RecycleBin emptied: 12209656142 bytes

Total Files Cleaned = 11,939.00 mb


[EMPTYFLASH]

User: Default
->Flash cache emptied: 0 bytes

User: mp
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.40.0 log created on 04202012_184211

Files\Folders moved on Reboot...
C:\Users\mp\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\mp\AppData\Local\Mozilla\Firefox\Profiles\rlcn1z7y.default\Cache\_CACHE_001_ moved successfully.
C:\Users\mp\AppData\Local\Mozilla\Firefox\Profiles\rlcn1z7y.default\Cache\_CACHE_002_ moved successfully.
C:\Users\mp\AppData\Local\Mozilla\Firefox\Profiles\rlcn1z7y.default\Cache\_CACHE_003_ moved successfully.
C:\Users\mp\AppData\Local\Mozilla\Firefox\Profiles\rlcn1z7y.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\mp\AppData\Local\Mozilla\Firefox\Profiles\rlcn1z7y.default\urlclassifier3.sqlite moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[vyosek]

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

• Ukoncete vsechny programy
• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Pockejte na dokonceni PreScanu
• Zvolte moznost Prohledat (scan)
• Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte

[petr-kapr]

Zde to je:

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v: Normální režim
Uživatel: mp [Práva správce]
Mód: Kontrola -- Datum: 04/20/2012 22:17:49

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 3 ¤¤¤
[SUSP PATH] iMeshNAG.job @ : C:\Users\mp\AppData\Local\Temp\iMesh_setup.exe -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST950032 5AS SATA Disk Device +++++
--- User ---
[MBR] 0cd6ad52f5165f1aee84dad147ddf121
[BSP] 430eaf6ed8558d670d2c84579f07828f : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14997 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30716280 | Size: 119232 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

[vyosek]

Spustte znovu RogueKiller

• Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
• Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
• Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

[petr-kapr]

Zde to je:

RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v: Normální režim
Uživatel: mp [Práva správce]
Mód: Odebrat -- Datum: 04/21/2012 12:17:52

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Záznamy Registrů: 3 ¤¤¤
[SUSP PATH] iMeshNAG.job @ : C:\Users\mp\AppData\Local\Temp\iMesh_setup.exe -> DELETED
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST950032 5AS SATA Disk Device +++++
--- User ---
[MBR] 0cd6ad52f5165f1aee84dad147ddf121
[BSP] 430eaf6ed8558d670d2c84579f07828f : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 14997 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 30716280 | Size: 119232 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 274904280 | Size: 342706 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt



RogueKiller V7.3.2 [03/20/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v: Normální režim
Uživatel: mp [Práva správce]
Mód: Oprava HOSTS -- Datum: 04/21/2012 12:18:09

¤¤¤ Škodlivé procesy: 0 ¤¤¤

¤¤¤ Ovladač: [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

[vyosek]

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[petr-kapr]

Tak nakonec to trvalo skoro hodinu a půl. Zde jsou výsledky:

ComboFix 12-04-20.03 - mp 21.04.2012 12:46:14.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4095.2672 [GMT 2:00]
Spuštěný z: c:\users\mp\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\windows\msxml4-KB973685-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-21 do 2012-04-21 )))))))))))))))))))))))))))))))
.
.
2012-04-21 09:57 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{553012F1-6595-491E-9629-C0F9ACA53210}\mpengine.dll
2012-04-21 09:54 . 2012-04-21 09:54 -------- d-----w- c:\programdata\Plugins
2012-04-20 17:37 . 2012-04-20 17:37 -------- d-----w- c:\program files (x86)\JRE
2012-04-20 17:24 . 2012-04-20 17:31 -------- d-----w- c:\programdata\PC Optimizer Pro
2012-04-20 17:19 . 2012-04-20 17:19 -------- d-----w- c:\users\mp\AppData\Local\WeatherBug
2012-04-20 17:19 . 2012-04-20 17:19 -------- d-----w- c:\users\mp\AppData\Roaming\WeatherBug
2012-04-20 17:19 . 2012-04-20 17:19 18944 ----a-r- c:\users\mp\AppData\Roaming\Microsoft\Installer\{8F018A9E-56DE-4A79-A5EF-25F413F1D538}\IconBB6A16301.exe
2012-04-20 17:18 . 2012-04-20 17:18 50 ----a-w- C:\user.js
2012-04-20 16:42 . 2012-04-20 16:42 -------- d-----w- C:\_OTL
2012-04-20 14:29 . 2012-04-20 14:28 750488 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-04-20 14:29 . 2012-04-20 14:28 660368 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-20 14:28 . 2012-04-20 14:28 -------- d-----w- c:\program files\Java
2012-04-20 14:28 . 2012-04-20 14:28 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-04-20 14:26 . 2012-04-20 14:26 637848 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-04-20 12:49 . 2012-04-20 13:32 512 ----a-w- C:\PhysicalMBR.bin
2012-04-20 11:24 . 2012-04-20 11:24 8766112 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-20 11:20 . 2012-04-20 11:24 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-20 10:58 . 2012-04-20 11:00 -------- d-----w- c:\program files (x86)\QuickTime
2012-04-20 10:58 . 2012-04-20 10:58 -------- d-----w- c:\programdata\Apple Computer
2012-04-20 10:57 . 2012-04-20 10:57 -------- d-----w- c:\programdata\Ask
2012-04-20 10:48 . 2012-04-20 10:48 -------- d-----w- c:\users\mp\AppData\Local\Secunia PSI
2012-04-20 09:58 . 2012-04-20 10:18 -------- d-----w- c:\program files\trend micro
2012-04-20 09:58 . 2012-04-20 09:59 -------- d-----w- C:\rsit
2012-04-20 07:18 . 2012-04-20 07:18 -------- d-----w- c:\windows\CheckSur
2012-04-18 05:27 . 2012-04-18 05:27 -------- d-----w- c:\users\mp\AppData\Roaming\Malwarebytes
2012-04-18 05:27 . 2012-04-18 05:27 -------- d-----w- c:\programdata\Malwarebytes
2012-04-16 18:41 . 2011-04-05 15:35 60504 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-04-16 18:41 . 2011-04-05 15:35 94296 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-04-16 18:40 . 2011-02-08 07:14 84568 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-04-16 18:40 . 2011-04-05 15:35 253528 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-04-16 18:36 . 2012-04-16 18:36 -------- d-----w- c:\users\mp\AppData\Local\adawarebp
2012-04-16 18:35 . 2012-04-16 18:35 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2012-04-14 20:08 . 2012-03-13 04:38 97208 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-04-14 09:19 . 2012-04-14 09:19 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-04-10 09:08 . 2012-04-12 20:08 -------- d-----w- c:\programdata\Microsoft Help
2012-04-09 07:08 . 2012-04-09 07:08 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-04-09 07:08 . 2012-04-09 07:08 19352 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-04-08 19:57 . 2012-04-10 08:54 -------- d-----w- c:\users\mp\AppData\Local\Mozilla
2012-04-08 19:55 . 2012-04-08 19:55 -------- d-----w- c:\users\mp\AppData\Local\ATI
2012-04-08 19:55 . 2012-04-08 19:55 -------- d-----w- c:\programdata\ATI
2012-04-08 19:54 . 2012-04-20 12:34 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-04-08 19:54 . 2012-04-08 19:54 -------- d-----w- c:\programdata\BlazeVideo
2012-04-08 19:54 . 2012-04-10 08:54 -------- d-----w- c:\users\mp\AppData\Local\VirtualStore
2012-04-06 11:27 . 2006-10-27 04:12 18744 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\MSInfo\OINFOS12.DLL
2012-04-06 11:27 . 2006-10-27 04:12 87352 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\MSInfo\OINFOP12.EXE
2012-04-06 11:27 . 2012-04-06 11:27 -------- d-----w- c:\program files (x86)\Youtube Downloader
2012-04-06 11:22 . 2012-04-06 11:22 -------- d-----w- c:\program files (x86)\Sierra
2012-04-06 11:22 . 2012-04-06 11:22 -------- d-----w- c:\program files (x86)\rajce
2012-04-06 11:21 . 2012-04-06 11:22 -------- d-----w- c:\program files (x86)\PSPad editor
2012-04-06 11:21 . 2012-04-06 11:21 -------- d-----w- c:\program files (x86)\ProgDVB
2012-04-06 11:21 . 2012-04-06 11:21 -------- d-----w- c:\program files (x86)\PDFCreator
2012-04-06 11:21 . 2012-04-06 11:21 -------- d-----w- c:\program files (x86)\MP3 Skype Recorder
2012-04-06 11:21 . 2012-04-06 11:21 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2012-04-06 11:21 . 2012-04-06 11:21 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-04-06 11:20 . 2012-04-20 14:26 -------- d-----w- c:\program files (x86)\Java
2012-04-06 11:19 . 2012-04-06 11:20 -------- d-----w- c:\program files (x86)\ICQ7.6
2012-04-06 11:17 . 2001-01-16 12:23 192512 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE12\VS Runtime\1060\CMDDEFUI.DLL
2012-04-06 11:07 . 2012-04-10 08:54 -------- d-----w- c:\users\mp\AppData\Local\Microsoft Games
2012-04-04 18:37 . 2012-04-04 18:37 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-03-26 15:41 . 2012-03-26 15:41 103864 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2012-03-25 07:32 . 2012-03-06 23:02 28504 ----a-w- c:\windows\system32\drivers\aswKbd.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-20 14:26 . 2010-06-23 15:20 567696 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-04-20 11:24 . 2011-05-16 17:39 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-20 07:42 . 2010-08-21 21:53 45056 ----a-w- c:\windows\system32\acovcnt.exe
2012-03-06 23:15 . 2010-08-23 18:53 41184 ----a-w- c:\windows\avastSS.scr
2012-03-06 23:15 . 2010-08-23 18:53 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-06 23:15 . 2011-01-19 07:42 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-06 23:04 . 2011-04-12 06:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-06 23:04 . 2010-08-23 18:55 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-06 23:02 . 2012-02-26 20:43 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-06 23:01 . 2010-08-23 18:55 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-06 23:01 . 2010-08-23 18:55 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-06 23:01 . 2010-08-23 18:55 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-23 08:18 . 2010-06-23 14:50 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-07 09:02 . 2012-02-07 09:02 1070352 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BlazeServoTool"="c:\program files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe" [2010-03-06 286720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-10-02 98304]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-17 2245120]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512]
"Print2PDF Print Monitor"="c:\program files (x86)\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - d:\program files (x86)\PSI\psi_tray.exe [2011-10-14 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2012-03-06 134920]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 vtigercrm504;vtigercrm504;c:\program files (x86)\vtigercrm5\apache\bin\Apache.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 253088]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [x]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [x]
S1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
S2 Secunia PSI Agent;Secunia PSI Agent;d:\program files (x86)\PSI\PSIA.exe [2011-10-14 994360]
S2 Secunia Update Agent;Secunia Update Agent;d:\program files (x86)\PSI\sua.exe [2011-10-14 399416]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\Drivers\IT9135BDA.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2009-11-26 1732608]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
mLocal Page =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 10.2.0.200 212.65.193.157
FF - ProfilePath - c:\users\mp\AppData\Roaming\Mozilla\Firefox\Profiles\rlcn1z7y.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
pref('extensions.shownSelectionUI',true); pref('extensions.autoDisableScopes',0);FF - user.js: extensions.funmoods_i.newTab - false
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=axl&q=
FF - user.js: extensions.funmoods_i.id - e299c483000000000000e0cb4e4a290a
FF - user.js: extensions.funmoods_i.instlDay - 15450
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1619:18
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - axl
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef -
FF - user.js: extensions.funmoods_i.dfltLng -
FF - user.js: extensions.funmoods_i.excTlbr - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-Weather - c:\program files (x86)\AWS\WeatherBug\Weather.exe
Wow6432Node-HKU-Default-Run-MP3 Skype Recorder - c:\program files (x86)\MP3 Skype Recorder\MP3 Skype Recorder.exe
AddRemove-Activation Assistant for the 2007 Microsoft Office suites - c:\programdata\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe
AddRemove-Caesar 3 - c:\sierra\Caesar3\Uninst.isu
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c3,1e,d3,33,68,a1,d6,4a,b7,ce,ad,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c3,1e,d3,33,68,a1,d6,4a,b7,ce,ad,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\Net4Switch\Net4Switch.exe
c:\program files (x86)\ASUS\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Hotkey\WDC.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
.
**************************************************************************
.
Celkový čas: 2012-04-21 14:13:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-21 12:13
.
Před spuštěním: Volných bajtů: 76 155 924 480
Po spuštění: Volných bajtů: 75 516 436 480
.
- - End Of File - - 0878C959A082E1B77FCE10905B1E494A