Policejni vir - Findass

Zpráva

Findass · #1 Příspěvek od **Findass** » 10 led 2013 14:15

Ahoj, dnes se mi do ntbk dostal tento vir a nevim co s tim mam delat. Zkousel jsem nejake navody z internetu ale nic mi nepomohlo. Zkousel jsem rucni smazani, roguekiller v nouzovym rezimu, ale nefunguje. Nejde mi pouzit tlacitko Prochazet v nouzovem rezimu ve spravci uloh. A kdyz to chci spustit pres c:/ a pak se dostat do nejake slozky nebo na usb protoze nez cokoli z toho stihnu, vir se zapne opet a nejde nic delat. Prosim o pomoc. Dekuji moc, Findas

#2 Příspěvek od **vyosek** » 10 led 2013 15:08

Zdravim

Tema jsem oddelil at se nam to neplete

Na zdravem PC stahnete Farbar Recovery Scan Tool http://www.bleepingcomputer.com/downloa ... scan-tool/

Ulozte na nejaky flash disk, primo na jeho koren

Na poskozenem PC nabootujte Nouzovy rezim s prikazovym radkem MS-DOS

Nyni si zjisteme pismeno flash disku

Zadejte prikaz notepad a odenterujte
Otebre se poznamkovy blok (notepad)
Dejte Soubor --> Otevrit --> najdete tento pocitac a otevrete USB klic je FRST ulozeny
Podivejte se, jake pismeno ma USB klic (F:\, G:\ apod)
Zavrete notepad krizkem

Ted si ziskame log

Pokud mate stazeny FRST pro 64 bit OS, tak se jmenuje FRST64.exe a je nutne jej tak zadat
Zadejte prikaz "pismeno disku":\FRST.exe a odenterujte (napr. F:\FRST.exe)
Spusti se FRST
Spuste prohledavani kliknutim na Scan
Po chvili se vytvori na flash disku log FRST.exe
Ten mi sem vlozte pres zdravy PC

Findass · #3 Příspěvek od **Findass** » 13 led 2013 11:37

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-01-2013
Ran by Honza at 13-01-2013 11:32:32
Running from C:\Users\Honza\Downloads
Service Pack 2 (X86) OS Language: Czech
Attention: Could not load system hive.
Chyba: Proces nem pýˇstup k souboru, neboś jej pr vŘ vyu§ˇv jině proces.

ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.

==================== One Month Created Files and Folders ========

2013-01-13 11:32 - 2013-01-13 11:32 - 00000000 ____D C:\FRST
2013-01-13 11:31 - 2013-01-13 11:32 - 00909506 ____A (Farbar) C:\Users\Honza\Downloads\FRST.exe
2013-01-13 11:31 - 2013-01-13 11:31 - 01464233 ____A (Farbar) C:\Users\Honza\Downloads\FRST64.exe
2013-01-13 07:54 - 2013-01-13 10:31 - 1464054344 ____A C:\Users\Honza\Downloads\Batman-začíná-(2005)-DVDRip-CZ.avi
2013-01-12 12:41 - 2013-01-12 12:41 - 00000000 ____A C:\Windows\setuperr.log
2013-01-12 12:41 - 2013-01-12 12:41 - 00000000 ____A C:\Windows\setupact.log
2013-01-11 16:59 - 2013-01-11 16:59 - 00000069 ____A C:\Windows\NeroDigital.ini
2013-01-11 16:56 - 2013-01-11 17:00 - 00000000 ____D C:\Users\Honza\AppData\Roaming\BSplayer
2013-01-11 16:56 - 2013-01-11 16:56 - 00000009 ____A C:\END
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Roaming\BSplayer Pro
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Local\Conduit
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\Webteh
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\Conduit
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\BS_Player
2013-01-11 16:53 - 2013-01-11 16:53 - 00000000 ____D C:\Users\Honza\Downloads\bsplayer261.1065
2013-01-11 08:26 - 2013-01-13 07:19 - 00015664 ____A C:\Windows\PFRO.log
2013-01-11 00:46 - 2013-01-11 00:46 - 00279568 ____A C:\Users\Honza\Documents\cc_20130111_004631.reg
2013-01-10 23:13 - 2013-01-10 23:13 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-01-10 15:04 - 2012-10-30 23:51 - 00106560 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFW.sys
2013-01-10 14:59 - 2012-10-30 23:51 - 00199320 ____A (AVAST Software) C:\Windows\System32\Drivers\aswNdis2.sys
2013-01-10 14:59 - 2012-10-30 23:51 - 00020624 ____A (AVAST Software) C:\Windows\System32\Drivers\aswKbd.sys
2013-01-10 14:58 - 2012-09-21 10:26 - 00012112 ____A (ALWIL Software) C:\Windows\System32\Drivers\aswNdis.sys
2013-01-10 09:31 - 2013-01-10 09:36 - 00000000 ____D C:\Users\Honza\2013-01-10
2013-01-10 07:39 - 2012-11-23 02:35 - 02048000 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-01-10 07:37 - 2012-11-22 04:54 - 00353280 ____A (Microsoft Corporation) C:\Windows\System32\shlwapi.dll
2013-01-10 07:37 - 2012-11-20 05:22 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-01-10 07:37 - 2012-11-02 11:19 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-12-30 22:43 - 2012-12-30 22:43 - 00000000 ____D C:\Users\Honza\Downloads\Rytmus-Jediny-Co-Hresi-(2012)-novy-album
2012-12-27 10:09 - 2013-01-13 11:08 - 00000370 ____A C:\Windows\Tasks\ReclaimerUpdateFiles_Honza.job
2012-12-27 10:09 - 2013-01-13 07:20 - 00000376 ____A C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Honza.job
2012-12-27 10:09 - 2013-01-12 12:08 - 00000366 ____A C:\Windows\Tasks\ReclaimerUpdateXML_Honza.job
2012-12-25 18:22 - 2012-12-25 18:22 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2012-12-24 21:48 - 2012-12-24 21:48 - 00001668 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-12-24 21:47 - 2012-12-24 21:48 - 00000000 ____D C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-24 21:47 - 2012-12-24 21:48 - 00000000 ____D C:\Program Files\iTunes
2012-12-24 21:47 - 2012-12-24 21:47 - 00000000 ____D C:\Program Files\iPod
2012-12-21 15:32 - 2012-12-16 14:12 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-21 15:32 - 2012-12-16 11:50 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll

==================== One Month Modified Files and Folders ========

2013-01-13 11:32 - 2013-01-13 11:31 - 00909506 ____A (Farbar) C:\Users\Honza\Downloads\FRST.exe
2013-01-13 11:31 - 2013-01-13 11:31 - 01464233 ____A (Farbar) C:\Users\Honza\Downloads\FRST64.exe
2013-01-13 11:19 - 2006-11-02 13:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-13 11:19 - 2006-11-02 13:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-13 11:09 - 2009-01-07 01:53 - 01349358 ____A C:\Windows\WindowsUpdate.log
2013-01-13 11:08 - 2012-12-27 10:09 - 00000370 ____A C:\Windows\Tasks\ReclaimerUpdateFiles_Honza.job
2013-01-13 10:59 - 2012-08-25 09:56 - 00000914 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-01-13 10:48 - 2009-01-08 21:06 - 00119808 ____A C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-13 10:39 - 2010-02-08 15:57 - 00000940 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-01-13 10:31 - 2013-01-13 07:54 - 1464054344 ____A C:\Users\Honza\Downloads\Batman-začíná-(2005)-DVDRip-CZ.avi
2013-01-13 07:20 - 2012-12-27 10:09 - 00000376 ____A C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Honza.job
2013-01-13 07:20 - 2010-02-08 15:57 - 00000936 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-01-13 07:20 - 2008-05-08 23:52 - 00000147 ____A C:\Windows\System32\agent.log
2013-01-13 07:19 - 2013-01-11 08:26 - 00015664 ____A C:\Windows\PFRO.log
2013-01-13 07:19 - 2012-06-15 21:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-01-13 07:19 - 2006-11-02 14:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-12 21:07 - 2009-01-06 20:04 - 00011183 ____A C:\Windows\bthservsdp.dat
2013-01-12 21:07 - 2006-11-02 14:01 - 00032600 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-01-12 12:41 - 2013-01-12 12:41 - 00000000 ____A C:\Windows\setuperr.log
2013-01-12 12:41 - 2013-01-12 12:41 - 00000000 ____A C:\Windows\setupact.log
2013-01-12 12:41 - 2009-01-08 15:47 - 00000000 ____D C:\Users\Honza\Desktop\Ostatní
2013-01-12 12:08 - 2012-12-27 10:09 - 00000366 ____A C:\Windows\Tasks\ReclaimerUpdateXML_Honza.job
2013-01-11 17:00 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Roaming\BSplayer
2013-01-11 16:59 - 2013-01-11 16:59 - 00000069 ____A C:\Windows\NeroDigital.ini
2013-01-11 16:56 - 2013-01-11 16:56 - 00000009 ____A C:\END
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Roaming\BSplayer Pro
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Local\Conduit
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\Webteh
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\Conduit
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\BS_Player
2013-01-11 16:53 - 2013-01-11 16:53 - 00000000 ____D C:\Users\Honza\Downloads\bsplayer261.1065
2013-01-11 12:33 - 2010-02-28 12:40 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Winamp
2013-01-11 12:33 - 2009-01-18 12:49 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Media Player Classic
2013-01-11 12:27 - 2012-11-27 21:10 - 00000000 ____D C:\Users\Honza\Downloads\Swag new
2013-01-11 09:32 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-01-11 00:46 - 2013-01-11 00:46 - 00279568 ____A C:\Users\Honza\Documents\cc_20130111_004631.reg
2013-01-11 00:44 - 2010-01-05 17:04 - 00000000 ____D C:\Windows\Minidump
2013-01-11 00:44 - 2009-02-01 12:18 - 00000000 ____D C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2013-01-10 23:13 - 2013-01-10 23:13 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-01-10 19:29 - 2006-11-02 13:47 - 00381544 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-10 19:24 - 2008-05-08 23:33 - 00000000 ____D C:\Users\All Users\Microsoft Help
2013-01-10 19:05 - 2006-11-02 11:24 - 65273848 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-01-10 15:18 - 2009-01-06 20:01 - 00000000 ____D C:\users\Honza
2013-01-10 14:59 - 2006-11-02 11:23 - 00002577 ____A C:\Windows\System32\config.nt
2013-01-10 12:37 - 2012-08-08 15:57 - 00000680 ____A C:\Users\Honza\AppData\Local\d3d9caps.dat
2013-01-10 12:09 - 2008-05-08 23:24 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-01-10 12:04 - 2009-01-06 20:19 - 00000000 ____A C:\Windows\System32\LogConfigTemp.xml
2013-01-10 09:36 - 2013-01-10 09:31 - 00000000 ____D C:\Users\Honza\2013-01-10
2013-01-10 08:59 - 2012-08-25 09:56 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-01-10 08:59 - 2011-09-05 19:20 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-01-08 12:34 - 2006-11-02 11:33 - 00005552 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-07 15:01 - 2009-01-23 12:42 - 00000106 ____A C:\Users\Honza\AppData\default.pls
2012-12-30 22:43 - 2012-12-30 22:43 - 00000000 ____D C:\Users\Honza\Downloads\Rytmus-Jediny-Co-Hresi-(2012)-novy-album
2012-12-25 18:22 - 2012-12-25 18:22 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2012-12-24 21:48 - 2012-12-24 21:48 - 00001668 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-12-24 21:48 - 2012-12-24 21:47 - 00000000 ____D C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-24 21:48 - 2012-12-24 21:47 - 00000000 ____D C:\Program Files\iTunes
2012-12-24 21:47 - 2012-12-24 21:47 - 00000000 ____D C:\Program Files\iPod
2012-12-24 21:47 - 2012-10-15 17:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2012-12-16 14:12 - 2012-12-21 15:32 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-16 11:50 - 2012-12-21 15:32 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-12-12 08:54] - [2012-08-21 12:47] - 0224640 ____A (Microsoft Corporation) 786DB5771F05EF300390399F626BF30A

==================== Memory info ===========================

Percentage of memory in use: 66%
Total physical RAM: 3000.12 MB
Available physical RAM: 1016.79 MB
Total Pagefile: 6224.47 MB
Available Pagefile: 4311.58 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.77 MB

==================== Partitions =============================

1 Drive c: (ACER) (Fixed) (Total:144.17 GB) (Free:45.71 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (DATA) (Fixed) (Total:144.15 GB) (Free:68.59 GB) NTFS

#4 Příspěvek od **vyosek** » 13 led 2013 11:42

Zdravim

To ale neni udelano dle navodu, ze

Findass · #5 Příspěvek od **Findass** » 13 led 2013 11:53

Zdravim, pravda že jsem to udělal už na odvirovaným PC normálně ve windows

#6 Příspěvek od **vyosek** » 13 led 2013 11:54

A cim jste to odvirovaval???

Samozrejme je mi takto ziskany log na nic...

Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Findass · #7 Příspěvek od **Findass** » 13 led 2013 11:59

odblokoval jsem to pomocí návodu na blogu nějakého uživatele, byl tam ruční návod co smazat a ještě jsem použil roguekiller.

Toto je log z FRST, ale asi ho musim udělat v příkazovém řádku že? a nebo už je pozdě, když mám počítač spuštěn normálně a log dělám až ted?
je to pro mě španělská vesnice a ted si řikám jakej jsem vůl že jsem to neudělal podle návodu kompletně

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-01-2013
Ran by Honza at 13-01-2013 11:32:32
Running from C:\Users\Honza\Downloads
Service Pack 2 (X86) OS Language: Czech
Attention: Could not load system hive.
Chyba: Proces nem pýˇstup k souboru, neboś jej pr vŘ vyu§ˇv jině proces.

ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.

==================== One Month Created Files and Folders ========

2013-01-13 11:32 - 2013-01-13 11:32 - 00000000 ____D C:\FRST
2013-01-13 11:31 - 2013-01-13 11:32 - 00909506 ____A (Farbar) C:\Users\Honza\Downloads\FRST.exe
2013-01-13 11:31 - 2013-01-13 11:31 - 01464233 ____A (Farbar) C:\Users\Honza\Downloads\FRST64.exe
2013-01-13 07:54 - 2013-01-13 10:31 - 1464054344 ____A C:\Users\Honza\Downloads\Batman-začíná-(2005)-DVDRip-CZ.avi
2013-01-12 12:41 - 2013-01-12 12:41 - 00000000 ____A C:\Windows\setuperr.log
2013-01-12 12:41 - 2013-01-12 12:41 - 00000000 ____A C:\Windows\setupact.log
2013-01-11 16:59 - 2013-01-11 16:59 - 00000069 ____A C:\Windows\NeroDigital.ini
2013-01-11 16:56 - 2013-01-11 17:00 - 00000000 ____D C:\Users\Honza\AppData\Roaming\BSplayer
2013-01-11 16:56 - 2013-01-11 16:56 - 00000009 ____A C:\END
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Roaming\BSplayer Pro
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Local\Conduit
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\Webteh
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\Conduit
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\BS_Player
2013-01-11 16:53 - 2013-01-11 16:53 - 00000000 ____D C:\Users\Honza\Downloads\bsplayer261.1065
2013-01-11 08:26 - 2013-01-13 07:19 - 00015664 ____A C:\Windows\PFRO.log
2013-01-11 00:46 - 2013-01-11 00:46 - 00279568 ____A C:\Users\Honza\Documents\cc_20130111_004631.reg
2013-01-10 23:13 - 2013-01-10 23:13 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-01-10 15:04 - 2012-10-30 23:51 - 00106560 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFW.sys
2013-01-10 14:59 - 2012-10-30 23:51 - 00199320 ____A (AVAST Software) C:\Windows\System32\Drivers\aswNdis2.sys
2013-01-10 14:59 - 2012-10-30 23:51 - 00020624 ____A (AVAST Software) C:\Windows\System32\Drivers\aswKbd.sys
2013-01-10 14:58 - 2012-09-21 10:26 - 00012112 ____A (ALWIL Software) C:\Windows\System32\Drivers\aswNdis.sys
2013-01-10 09:31 - 2013-01-10 09:36 - 00000000 ____D C:\Users\Honza\2013-01-10
2013-01-10 07:39 - 2012-11-23 02:35 - 02048000 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-01-10 07:37 - 2012-11-22 04:54 - 00353280 ____A (Microsoft Corporation) C:\Windows\System32\shlwapi.dll
2013-01-10 07:37 - 2012-11-20 05:22 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-01-10 07:37 - 2012-11-02 11:19 - 01400832 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-12-30 22:43 - 2012-12-30 22:43 - 00000000 ____D C:\Users\Honza\Downloads\Rytmus-Jediny-Co-Hresi-(2012)-novy-album
2012-12-27 10:09 - 2013-01-13 11:08 - 00000370 ____A C:\Windows\Tasks\ReclaimerUpdateFiles_Honza.job
2012-12-27 10:09 - 2013-01-13 07:20 - 00000376 ____A C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Honza.job
2012-12-27 10:09 - 2013-01-12 12:08 - 00000366 ____A C:\Windows\Tasks\ReclaimerUpdateXML_Honza.job
2012-12-25 18:22 - 2012-12-25 18:22 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2012-12-24 21:48 - 2012-12-24 21:48 - 00001668 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-12-24 21:47 - 2012-12-24 21:48 - 00000000 ____D C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-24 21:47 - 2012-12-24 21:48 - 00000000 ____D C:\Program Files\iTunes
2012-12-24 21:47 - 2012-12-24 21:47 - 00000000 ____D C:\Program Files\iPod
2012-12-21 15:32 - 2012-12-16 14:12 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-21 15:32 - 2012-12-16 11:50 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll

==================== One Month Modified Files and Folders ========

2013-01-13 11:32 - 2013-01-13 11:31 - 00909506 ____A (Farbar) C:\Users\Honza\Downloads\FRST.exe
2013-01-13 11:31 - 2013-01-13 11:31 - 01464233 ____A (Farbar) C:\Users\Honza\Downloads\FRST64.exe
2013-01-13 11:19 - 2006-11-02 13:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-01-13 11:19 - 2006-11-02 13:47 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-01-13 11:09 - 2009-01-07 01:53 - 01349358 ____A C:\Windows\WindowsUpdate.log
2013-01-13 11:08 - 2012-12-27 10:09 - 00000370 ____A C:\Windows\Tasks\ReclaimerUpdateFiles_Honza.job
2013-01-13 10:59 - 2012-08-25 09:56 - 00000914 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-01-13 10:48 - 2009-01-08 21:06 - 00119808 ____A C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-13 10:39 - 2010-02-08 15:57 - 00000940 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-01-13 10:31 - 2013-01-13 07:54 - 1464054344 ____A C:\Users\Honza\Downloads\Batman-začíná-(2005)-DVDRip-CZ.avi
2013-01-13 07:20 - 2012-12-27 10:09 - 00000376 ____A C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Honza.job
2013-01-13 07:20 - 2010-02-08 15:57 - 00000936 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-01-13 07:20 - 2008-05-08 23:52 - 00000147 ____A C:\Windows\System32\agent.log
2013-01-13 07:19 - 2013-01-11 08:26 - 00015664 ____A C:\Windows\PFRO.log
2013-01-13 07:19 - 2012-06-15 21:32 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-01-13 07:19 - 2006-11-02 14:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-01-12 21:07 - 2009-01-06 20:04 - 00011183 ____A C:\Windows\bthservsdp.dat
2013-01-12 21:07 - 2006-11-02 14:01 - 00032600 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-01-12 12:41 - 2013-01-12 12:41 - 00000000 ____A C:\Windows\setuperr.log
2013-01-12 12:41 - 2013-01-12 12:41 - 00000000 ____A C:\Windows\setupact.log
2013-01-12 12:41 - 2009-01-08 15:47 - 00000000 ____D C:\Users\Honza\Desktop\Ostatní
2013-01-12 12:08 - 2012-12-27 10:09 - 00000366 ____A C:\Windows\Tasks\ReclaimerUpdateXML_Honza.job
2013-01-11 17:00 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Roaming\BSplayer
2013-01-11 16:59 - 2013-01-11 16:59 - 00000069 ____A C:\Windows\NeroDigital.ini
2013-01-11 16:56 - 2013-01-11 16:56 - 00000009 ____A C:\END
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Roaming\BSplayer Pro
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Users\Honza\AppData\Local\Conduit
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\Webteh
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\Conduit
2013-01-11 16:56 - 2013-01-11 16:56 - 00000000 ____D C:\Program Files\BS_Player
2013-01-11 16:53 - 2013-01-11 16:53 - 00000000 ____D C:\Users\Honza\Downloads\bsplayer261.1065
2013-01-11 12:33 - 2010-02-28 12:40 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Winamp
2013-01-11 12:33 - 2009-01-18 12:49 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Media Player Classic
2013-01-11 12:27 - 2012-11-27 21:10 - 00000000 ____D C:\Users\Honza\Downloads\Swag new
2013-01-11 09:32 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-01-11 00:46 - 2013-01-11 00:46 - 00279568 ____A C:\Users\Honza\Documents\cc_20130111_004631.reg
2013-01-11 00:44 - 2010-01-05 17:04 - 00000000 ____D C:\Windows\Minidump
2013-01-11 00:44 - 2009-02-01 12:18 - 00000000 ____D C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2013-01-10 23:13 - 2013-01-10 23:13 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-01-10 19:29 - 2006-11-02 13:47 - 00381544 ____A C:\Windows\System32\FNTCACHE.DAT
2013-01-10 19:24 - 2008-05-08 23:33 - 00000000 ____D C:\Users\All Users\Microsoft Help
2013-01-10 19:05 - 2006-11-02 11:24 - 65273848 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-01-10 15:18 - 2009-01-06 20:01 - 00000000 ____D C:\users\Honza
2013-01-10 14:59 - 2006-11-02 11:23 - 00002577 ____A C:\Windows\System32\config.nt
2013-01-10 12:37 - 2012-08-08 15:57 - 00000680 ____A C:\Users\Honza\AppData\Local\d3d9caps.dat
2013-01-10 12:09 - 2008-05-08 23:24 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-01-10 12:04 - 2009-01-06 20:19 - 00000000 ____A C:\Windows\System32\LogConfigTemp.xml
2013-01-10 09:36 - 2013-01-10 09:31 - 00000000 ____D C:\Users\Honza\2013-01-10
2013-01-10 08:59 - 2012-08-25 09:56 - 00697864 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-01-10 08:59 - 2011-09-05 19:20 - 00074248 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-01-08 12:34 - 2006-11-02 11:33 - 00005552 ____A C:\Windows\System32\PerfStringBackup.INI
2013-01-07 15:01 - 2009-01-23 12:42 - 00000106 ____A C:\Users\Honza\AppData\default.pls
2012-12-30 22:43 - 2012-12-30 22:43 - 00000000 ____D C:\Users\Honza\Downloads\Rytmus-Jediny-Co-Hresi-(2012)-novy-album
2012-12-25 18:22 - 2012-12-25 18:22 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2012-12-24 21:48 - 2012-12-24 21:48 - 00001668 ____A C:\Users\Public\Desktop\iTunes.lnk
2012-12-24 21:48 - 2012-12-24 21:47 - 00000000 ____D C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-24 21:48 - 2012-12-24 21:47 - 00000000 ____D C:\Program Files\iTunes
2012-12-24 21:47 - 2012-12-24 21:47 - 00000000 ____D C:\Program Files\iPod
2012-12-24 21:47 - 2012-10-15 17:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2012-12-16 14:12 - 2012-12-21 15:32 - 00034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2012-12-16 11:50 - 2012-12-21 15:32 - 00293376 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-12-12 08:54] - [2012-08-21 12:47] - 0224640 ____A (Microsoft Corporation) 786DB5771F05EF300390399F626BF30A

==================== Memory info ===========================

Percentage of memory in use: 66%
Total physical RAM: 3000.12 MB
Available physical RAM: 1016.79 MB
Total Pagefile: 6224.47 MB
Available Pagefile: 4311.58 MB
Total Virtual: 2047.88 MB
Available Virtual: 1944.77 MB

==================== Partitions =============================

1 Drive c: (ACER) (Fixed) (Total:144.17 GB) (Free:45.71 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (DATA) (Fixed) (Total:144.15 GB) (Free:68.59 GB) NTFS

Disk ### Stav Velikost Voln‚ Dyn Gpt
-------- ---------- -------- ------- --- ---
Disk 0 Online 298 GB 0 B
Disk 1 Online 3824 MB 0 B

Probˇh ukonźenˇ programu DiskPart...

Partitions of Disk 0:
===============

Nynˇ je vybr n disk 0.

Oddˇl ### Typ Velikost Posunutˇ
--------- --------------- -------- --------
Oddˇl 1 OEM 10 GB 1024 KB
Oddˇl 2 Prim rnˇ 144 GB 10 GB
Oddˇl 3 Prim rnˇ 144 GB 154 GB

Probˇh ukonźenˇ programu DiskPart...

=========================================================

Partitions of Disk 1:
===============

Nynˇ je vybr n disk 1.

Oddˇl ### Typ Velikost Posunutˇ
--------- --------------- -------- --------
Oddˇl 1 Prim rnˇ 3824 MB 24 KB

Probˇh ukonźenˇ programu DiskPart...

=========================================================

Last Boot: 2013-01-13 07:26

==================== End Of Log ============================

#8 Příspěvek od **vyosek** » 13 led 2013 12:02

Nastroj od Farbara je uz nam ted na nic...

Dejte mi sem odkaz na ten blog, rad se podivam...

A pak log z RSIT

Kdyz dva lidi odstranuji malware zaroven, tak to prinasi jen komplikace, nic jineho...

Findass · #9 Příspěvek od **Findass** » 13 led 2013 12:07

toto je ten návod

http://www.viruskasino.com/2012/10/pozo ... any_6.html

RSIT je opět nějaký program který mám stáhnout?

#10 Příspěvek od **vyosek** » 13 led 2013 12:11

OK, to je blog kolegy stella, tomu se da verit...

Nahore nad tematem je takovy veeeeelky oranzovy obdelnik, mrknete do nej a zjistite co je RSIT

Findass · #11 Příspěvek od **Findass** » 13 led 2013 12:20

Tak log hotov...

Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2013-01-13 12:12:46
WIN_VISTA Service Pack 2
System drive C: has 47 GB (32%) free of 148 GB
Total RAM: 3000 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:17:39, on 13.1.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Honza\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Cyberlink\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\conime.exe
C:\Users\Honza\Downloads\RSIT.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... spire_5735
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... spire_5735
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: BS Player - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_P.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-980762809-2783604553-3642505950-1000\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 (User '?')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Ladbrokes Casino - {C00EB321-967D-430E-95AE-81CC22B00EB8} - C:\Microgaming\Casino\Ladbrokes\bresume.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 15468 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ReclaimerUpdateFiles_Honza.job
C:\Windows\tasks\ReclaimerUpdateXML_Honza.job
C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Honza.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102, {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.8, {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, fe_3.6@nokia.com:1.7.110.333, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://search.sweetim.com/search.asp?ba ... }&src=2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"fe_3.6@nokia.com"=C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_3.6
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732]
"Description"=6.0.12.732
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1]
"Description"=Rhapsody Control
"Path"=C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
npwachk.xpt
nsIQTScriptablePlugin.xpt
nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
npwachk.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\extensions\
{0b38152b-1b20-484d-a11f-5e04a9b0661f}
{800b5000-a755-47e1-992b-48a1c1357f07}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\
aol-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
sweetim.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-27 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-05-14 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-17 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2012-12-17 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-27 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_P.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-05-14 142896]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-17 192144]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_P.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-25 1049896]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-06 34040]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-04-10 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-04-10 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-04-18 167936]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"Skytel"=C:\Windows\Skytel.exe [2007-11-21 1826816]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-09-10 809480]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-05-14 526896]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-06-11 409600]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-12-03 2213160]
"RemoteControl8"=C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2008-10-07 75048]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-03-05 111928]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2010-01-13 37888]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-05-03 202256]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 170520]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-10-30 4297136]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-12-12 152544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2007-12-13 1688872]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-06 68856]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-01-10 1083264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\ICQ6\ICQ.exe silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2010-01-13 37888]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-01-13 12:13:19 ----D---- C:\Program Files\trend micro
2013-01-13 12:12:46 ----D---- C:\rsit
2013-01-13 11:32:29 ----D---- C:\FRST
2013-01-11 16:59:45 ----A---- C:\Windows\NeroDigital.ini
2013-01-11 16:56:41 ----D---- C:\Program Files\Conduit
2013-01-11 16:56:38 ----D---- C:\Program Files\BS_Player
2013-01-11 16:56:26 ----D---- C:\Users\Honza\AppData\Roaming\BSplayer Pro
2013-01-11 16:56:26 ----D---- C:\Users\Honza\AppData\Roaming\BSplayer
2013-01-11 16:56:24 ----D---- C:\Program Files\Webteh
2013-01-10 23:13:11 ----D---- C:\Program Files\Mozilla Firefox
2013-01-10 15:04:09 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-01-10 14:59:15 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2013-01-10 14:59:14 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-01-10 14:58:58 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2013-01-10 14:42:20 ----ASH---- C:\hiberfil.sys
2013-01-10 07:39:02 ----A---- C:\Windows\system32\win32k.sys
2013-01-10 07:37:41 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-10 07:37:39 ----A---- C:\Windows\system32\shlwapi.dll
2013-01-10 07:37:38 ----A---- C:\Windows\system32\msxml6.dll
2012-12-24 21:47:25 ----D---- C:\Program Files\iPod
2012-12-24 21:47:17 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-24 21:47:17 ----D---- C:\Program Files\iTunes
2012-12-21 15:32:15 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 15:32:15 ----A---- C:\Windows\system32\atmfd.dll

======List of files/folders modified in the last 1 month======

2013-01-13 12:13:32 ----D---- C:\Windows\Prefetch
2013-01-13 12:13:24 ----D---- C:\Windows\Temp
2013-01-13 12:13:19 ----RD---- C:\Program Files
2013-01-13 11:08:02 ----D---- C:\Windows\Tasks
2013-01-13 07:19:29 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-01-12 12:42:57 ----D---- C:\Windows\inf
2013-01-12 12:41:10 ----D---- C:\Windows
2013-01-11 16:56:32 ----D---- C:\Windows\System32
2013-01-11 12:33:56 ----D---- C:\Users\Honza\AppData\Roaming\Winamp
2013-01-11 12:33:06 ----D---- C:\Users\Honza\AppData\Roaming\Media Player Classic
2013-01-11 11:18:58 ----SHD---- C:\System Volume Information
2013-01-11 09:32:13 ----D---- C:\Windows\Microsoft.NET
2013-01-11 09:32:11 ----RSD---- C:\Windows\assembly
2013-01-11 00:44:53 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2013-01-11 00:44:45 ----D---- C:\Windows\Minidump
2013-01-11 00:44:45 ----D---- C:\Windows\Debug
2013-01-10 19:24:16 ----SHD---- C:\Windows\Installer
2013-01-10 19:24:06 ----D---- C:\ProgramData\Microsoft Help
2013-01-10 19:23:18 ----D---- C:\Windows\winsxs
2013-01-10 19:05:57 ----A---- C:\Windows\system32\mrt.exe
2013-01-10 15:04:09 ----D---- C:\Windows\system32\drivers
2013-01-10 15:00:56 ----D---- C:\Windows\system32\catroot
2013-01-10 14:59:14 ----D---- C:\Windows\system32\Tasks
2013-01-10 14:28:00 ----HD---- C:\ProgramData
2013-01-10 12:09:21 ----HD---- C:\Program Files\InstallShield Installation Information
2013-01-10 08:59:15 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-10 07:38:48 ----D---- C:\Windows\system32\catroot2
2013-01-08 12:34:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-12-24 21:47:24 ----D---- C:\Program Files\Common Files\Apple

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2012-09-21 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2012-10-30 199320]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-05-14 18992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-02-01 717296]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-31 13824]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2012-10-30 106560]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 20624]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-04-18 61424]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl [2008-10-07 61424]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-03-21 15392]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-05-14 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-05-14 60464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-01 1202560]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-08-15 921600]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-03 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-08-25 9024512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-14 2152344]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-31 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-08-12 61440]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2008-02-21 299008]
S3 auronkeo;auronkeo; C:\Windows\system32\drivers\auronkeo.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2009-10-22 57800]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2009-10-22 72520]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys []
S3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2008-01-21 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2012-03-26 18432]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-11-01 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-09-28 44544]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2008-01-21 654336]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys []
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys []
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2012-10-30 133912]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-05-14 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-12-03 869672]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 553440]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-12-13 447784]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-06-03 122096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-08 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-10 251400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-08 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-10 115760]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

#12 Příspěvek od **vyosek** » 13 led 2013 12:24

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Search
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

Findass · #13 Příspěvek od **Findass** » 13 led 2013 12:27

hotovo

# AdwCleaner v2.105 - Logfile created 01/13/2013 at 12:25:29
# Updated 08/01/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : Honza - HONZA-PC
# Boot Mode : Normal
# Running from : C:\Users\Honza\Desktop\adwcleaner.exe
# Option [Search]

***** [Services] *****

Found : ICQ Service

***** [Files / Folders] *****

File Found : C:\END
File Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\icqplugin.xml
File Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\icqplugin-1.xml
File Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\icqplugin-2.xml
File Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\icqplugin-3.xml
File Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\SweetIm.xml
Folder Found : C:\Program Files\BS_Player
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\Program Files\Winamp Toolbar
Folder Found : C:\ProgramData\ICQ\ICQToolbar
Folder Found : C:\ProgramData\SweetIM
Folder Found : C:\ProgramData\Winamp Toolbar
Folder Found : C:\Users\Honza\AppData\Local\Conduit
Folder Found : C:\Users\Honza\AppData\Local\Temp\CT1750559
Folder Found : C:\Users\Honza\AppData\Local\Winamp Toolbar
Folder Found : C:\Users\Honza\AppData\LocalLow\BS_Player
Folder Found : C:\Users\Honza\AppData\LocalLow\Conduit
Folder Found : C:\Users\Honza\AppData\LocalLow\SweetIM
Folder Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
Folder Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Folder Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\SweetIMToolbarData
Folder Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\SweetPacksToolbarData
Folder Found : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\WinampToolbarData

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\BS_Player
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\SweetIM
Key Found : HKCU\Software\Winamp Toolbar
Key Found : HKLM\Software\BS_Player
Key Found : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{91F3F80B-707C-4652-B1B9-FB44D446BF57}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Found : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.SWEETIE
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Found : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Found : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Found : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{691A7367-7D6F-4BDE-931A-9EE696BB0B0D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85856008-B1F0-43D0-B1C8-AF1CF903CC79}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Found : HKLM\SOFTWARE\Software
Key Found : HKLM\Software\SweetIM
Key Found : HKLM\Software\Winamp Toolbar
Key Found : HKU\S-1-5-21-980762809-2783604553-3642505950-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-980762809-2783604553-3642505950-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-980762809-2783604553-3642505950-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6002.18005

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v18.0 (cs)

File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\prefs.js

Found : user_pref("CT1750559.autoDisableScopes", -1);
Found : user_pref("aol_toolbar.surf.date", "240");
Found : user_pref("aol_toolbar.surf.lastDate", "13");
Found : user_pref("aol_toolbar.surf.lastMonth", "0");
Found : user_pref("aol_toolbar.surf.lastYear", "2013");
Found : user_pref("aol_toolbar.surf.month", "5216");
Found : user_pref("aol_toolbar.surf.prevMonth", "6278");
Found : user_pref("aol_toolbar.surf.total", "19266");
Found : user_pref("aol_toolbar.surf.week", "240");
Found : user_pref("aol_toolbar.surf.year", "5216");
Found : user_pref("browser.search.defaulturl", "hxxp://search.winamp.com/search/search?query={searchTerms}&i[...]
Found : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={DE0A6B50-22EA-11DE-BDC0-001D72[...]
Found : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1357556791122");
Found : user_pref("sweetim.toolbar.Visibility.enable", "true");
Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Found : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Found : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Found : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Found : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.mode.debug", "false");
Found : user_pref("sweetim.toolbar.newtab.created", "false");
Found : user_pref("sweetim.toolbar.newtab.enable", "true");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... on=$ITEM_V[...]
Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Found : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Found : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Found : user_pref("sweetim.toolbar.scripts.2.callback", "");
Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Found : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Found : user_pref("sweetim.toolbar.searchguard.enable", "false");
Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Found : user_pref("sweetim.toolbar.simapp_id", "{DE0A6B50-22EA-11DE-BDC0-001D72C9EDC4}");
Found : user_pref("sweetim.toolbar.version", "1.9.0.0");
Found : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;shout_btn_wa;video_btn_wa;ai[...]
Found : user_pref("winamp_toolbar.cookie.homepage", "");
Found : user_pref("winamp_toolbar.cookie.search", "");
Found : user_pref("winamp_toolbar.curtain.congrats", "none");
Found : user_pref("winamp_toolbar.default.homepage.check", false);
Found : user_pref("winamp_toolbar.default.search.check", false);
Found : user_pref("winamp_toolbar.default.search.label", "AOL Search");
Found : user_pref("winamp_toolbar.default.search.url", "hxxp://search.winamp.com/search/search?query={search[...]
Found : user_pref("winamp_toolbar.firsttime.showwindow", false);
Found : user_pref("winamp_toolbar.guid", "{E15D8499-6CCB-7A62-D67E-C5CECC8103C3}");
Found : user_pref("winamp_toolbar.install.distroid", "");
Found : user_pref("winamp_toolbar.install.lastTbVersion", "5.6.20.9143");
Found : user_pref("winamp_toolbar.install.lid", "");
Found : user_pref("winamp_toolbar.install.mtmhp", "");
Found : user_pref("winamp_toolbar.install.ncid", "");
Found : user_pref("winamp_toolbar.metrics.activestampdate", "13");
Found : user_pref("winamp_toolbar.metrics.activestampmonth", "0");
Found : user_pref("winamp_toolbar.metrics.activestampyear", "2013");
Found : user_pref("winamp_toolbar.metrics.log", false);
Found : user_pref("winamp_toolbar.metrics.originalDate", "28");
Found : user_pref("winamp_toolbar.metrics.originalHours", "28");
Found : user_pref("winamp_toolbar.metrics.originalMinutes", "42");
Found : user_pref("winamp_toolbar.metrics.originalMonth", "2");
Found : user_pref("winamp_toolbar.metrics.originalSeconds", "34");
Found : user_pref("winamp_toolbar.metrics.originalYear", "2010");
Found : user_pref("winamp_toolbar.relatednews.enabled", false);
Found : user_pref("winamp_toolbar.remote..xml", "1358073724243");
Found : user_pref("winamp_toolbar.remote.publish.xml", "1358073724242");
Found : user_pref("winamp_toolbar.search.button", true);
Found : user_pref("winamp_toolbar.search.cid", "10-01-2013");
Found : user_pref("winamp_toolbar.search.instd", "2012111453250352");
Found : user_pref("winamp_toolbar.search.oid", "28-02-2010");
Found : user_pref("winamp_toolbar.search.placement", "left");
Found : user_pref("winamp_toolbar.search.populateoncomplete", false);
Found : user_pref("winamp_toolbar.search.savehistory", false);
Found : user_pref("winamp_toolbar.search.searchtype", "web");
Found : user_pref("winamp_toolbar.search.source", "tb50ffwinamp");
Found : user_pref("winamp_toolbar.skin.custom", true);
Found : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
Found : user_pref("winamp_toolbar.upgrade.showwindow", false);
Found : user_pref("winamp_toolbar.weather.degc", "7");
Found : user_pref("winamp_toolbar.weather.degf", "45");
Found : user_pref("winamp_toolbar.weather.image", "chrome://winamptoolbar/skin/weather/20_n.png");
Found : user_pref("winamp_toolbar.weather.locationid", "USNY0996");
Found : user_pref("winamp_toolbar.weather.metric", true);
Found : user_pref("winamp_toolbar.weather.tooltip", "New York , NY : Fog");
Found : user_pref("winamp_toolbar.weather.update", "1358073724244");
Found : user_pref("winamp_toolbar.winamp.appversion", "1");
Found : user_pref("winamp_toolbar.winamp.artist", "");
Found : user_pref("winamp_toolbar.winamp.button.focus", true);
Found : user_pref("winamp_toolbar.winamp.button.forward", true);
Found : user_pref("winamp_toolbar.winamp.button.open", true);
Found : user_pref("winamp_toolbar.winamp.button.pause", true);
Found : user_pref("winamp_toolbar.winamp.button.play", true);
Found : user_pref("winamp_toolbar.winamp.button.rewind", true);
Found : user_pref("winamp_toolbar.winamp.button.stop", false);
Found : user_pref("winamp_toolbar.winamp.button.volume", true);
Found : user_pref("winamp_toolbar.winamp.ticker.show", true);
Found : user_pref("winamp_toolbar.winamp.title", "-999999");
Found : user_pref("winamp_toolbar.winamp.tracklength", "-999999");
Found : user_pref("winamp_toolbar.winamp.tracktime", "-999999");
Found : user_pref("winamp_toolbar.winamp.volume", "47");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [25119 octets] - [13/01/2013 12:25:29]

########## EOF - C:\AdwCleaner[R1].txt - [25180 octets] ##########

#14 Příspěvek od **vyosek** » 13 led 2013 12:30

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Delete
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

Findass · #15 Příspěvek od **Findass** » 13 led 2013 12:38

hotovo...

# AdwCleaner v2.105 - Logfile created 01/13/2013 at 12:32:11
# Updated 08/01/2013 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : Honza - HONZA-PC
# Boot Mode : Normal
# Running from : C:\Users\Honza\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : ICQ Service

***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\icqplugin.xml
File Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\searchplugins\SweetIm.xml
Folder Deleted : C:\Program Files\BS_Player
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\Program Files\Winamp Toolbar
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Winamp Toolbar
Folder Deleted : C:\Users\Honza\AppData\Local\Conduit
Folder Deleted : C:\Users\Honza\AppData\Local\Temp\CT1750559
Folder Deleted : C:\Users\Honza\AppData\Local\Winamp Toolbar
Folder Deleted : C:\Users\Honza\AppData\LocalLow\BS_Player
Folder Deleted : C:\Users\Honza\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Honza\AppData\LocalLow\SweetIM
Folder Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
Folder Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
Folder Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\SweetIMToolbarData
Folder Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\SweetPacksToolbarData
Folder Deleted : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\WinampToolbarData

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKLM\Software\BS_Player
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{91F3F80B-707C-4652-B1B9-FB44D446BF57}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.SWEETIE
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{691A7367-7D6F-4BDE-931A-9EE696BB0B0D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85856008-B1F0-43D0-B1C8-AF1CF903CC79}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{055DD326-956C-4827-9467-A172509E81B3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\SweetIM
Key Deleted : HKLM\Software\Winamp Toolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]

***** [Internet Browsers] *****

-\\ Internet Explorer v7.0.6002.18005

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0 (cs)

File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\prefs.js

C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\4xcectsa.default\user.js ... Deleted !

Deleted : user_pref("CT1750559.autoDisableScopes", -1);
Deleted : user_pref("aol_toolbar.surf.date", "266");
Deleted : user_pref("aol_toolbar.surf.lastDate", "13");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "0");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2013");
Deleted : user_pref("aol_toolbar.surf.month", "5242");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "6278");
Deleted : user_pref("aol_toolbar.surf.total", "19292");
Deleted : user_pref("aol_toolbar.surf.week", "266");
Deleted : user_pref("aol_toolbar.surf.year", "5242");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.winamp.com/search/search?query={searchTerms}&i[...]
Deleted : user_pref("keyword.URL", "hxxp://search.sweetim.com/search.asp?barid={DE0A6B50-22EA-11DE-BDC0-001D72[...]
Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1357556791122");
Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Deleted : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Deleted : user_pref("sweetim.toolbar.newtab.created", "false");
Deleted : user_pref("sweetim.toolbar.newtab.enable", "true");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... on=$ITEM_V[...]
Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Deleted : user_pref("sweetim.toolbar.simapp_id", "{DE0A6B50-22EA-11DE-BDC0-001D72C9EDC4}");
Deleted : user_pref("sweetim.toolbar.version", "1.9.0.0");
Deleted : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;shout_btn_wa;video_btn_wa;ai[...]
Deleted : user_pref("winamp_toolbar.cookie.homepage", "");
Deleted : user_pref("winamp_toolbar.cookie.search", "");
Deleted : user_pref("winamp_toolbar.curtain.congrats", "none");
Deleted : user_pref("winamp_toolbar.default.homepage.check", false);
Deleted : user_pref("winamp_toolbar.default.search.check", false);
Deleted : user_pref("winamp_toolbar.default.search.label", "AOL Search");
Deleted : user_pref("winamp_toolbar.default.search.url", "hxxp://search.winamp.com/search/search?query={search[...]
Deleted : user_pref("winamp_toolbar.firsttime.showwindow", false);
Deleted : user_pref("winamp_toolbar.guid", "{E15D8499-6CCB-7A62-D67E-C5CECC8103C3}");
Deleted : user_pref("winamp_toolbar.install.distroid", "");
Deleted : user_pref("winamp_toolbar.install.lastTbVersion", "5.6.20.9143");
Deleted : user_pref("winamp_toolbar.install.lid", "");
Deleted : user_pref("winamp_toolbar.install.mtmhp", "");
Deleted : user_pref("winamp_toolbar.install.ncid", "");
Deleted : user_pref("winamp_toolbar.metrics.activestampdate", "13");
Deleted : user_pref("winamp_toolbar.metrics.activestampmonth", "0");
Deleted : user_pref("winamp_toolbar.metrics.activestampyear", "2013");
Deleted : user_pref("winamp_toolbar.metrics.log", false);
Deleted : user_pref("winamp_toolbar.metrics.originalDate", "28");
Deleted : user_pref("winamp_toolbar.metrics.originalHours", "28");
Deleted : user_pref("winamp_toolbar.metrics.originalMinutes", "42");
Deleted : user_pref("winamp_toolbar.metrics.originalMonth", "2");
Deleted : user_pref("winamp_toolbar.metrics.originalSeconds", "34");
Deleted : user_pref("winamp_toolbar.metrics.originalYear", "2010");
Deleted : user_pref("winamp_toolbar.relatednews.enabled", false);
Deleted : user_pref("winamp_toolbar.remote..xml", "1358076490109");
Deleted : user_pref("winamp_toolbar.remote.publish.xml", "1358076490108");
Deleted : user_pref("winamp_toolbar.search.button", true);
Deleted : user_pref("winamp_toolbar.search.cid", "10-01-2013");
Deleted : user_pref("winamp_toolbar.search.instd", "2012111453250352");
Deleted : user_pref("winamp_toolbar.search.oid", "28-02-2010");
Deleted : user_pref("winamp_toolbar.search.placement", "left");
Deleted : user_pref("winamp_toolbar.search.populateoncomplete", false);
Deleted : user_pref("winamp_toolbar.search.savehistory", false);
Deleted : user_pref("winamp_toolbar.search.searchtype", "web");
Deleted : user_pref("winamp_toolbar.search.source", "tb50ffwinamp");
Deleted : user_pref("winamp_toolbar.skin.custom", true);
Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
Deleted : user_pref("winamp_toolbar.upgrade.showwindow", false);
Deleted : user_pref("winamp_toolbar.weather.degc", "7");
Deleted : user_pref("winamp_toolbar.weather.degf", "45");
Deleted : user_pref("winamp_toolbar.weather.image", "chrome://winamptoolbar/skin/weather/20_n.png");
Deleted : user_pref("winamp_toolbar.weather.locationid", "USNY0996");
Deleted : user_pref("winamp_toolbar.weather.metric", true);
Deleted : user_pref("winamp_toolbar.weather.tooltip", "New York , NY : Fog");
Deleted : user_pref("winamp_toolbar.weather.update", "1358076490110");
Deleted : user_pref("winamp_toolbar.winamp.appversion", "1");
Deleted : user_pref("winamp_toolbar.winamp.artist", "");
Deleted : user_pref("winamp_toolbar.winamp.button.focus", true);
Deleted : user_pref("winamp_toolbar.winamp.button.forward", true);
Deleted : user_pref("winamp_toolbar.winamp.button.open", true);
Deleted : user_pref("winamp_toolbar.winamp.button.pause", true);
Deleted : user_pref("winamp_toolbar.winamp.button.play", true);
Deleted : user_pref("winamp_toolbar.winamp.button.rewind", true);
Deleted : user_pref("winamp_toolbar.winamp.button.stop", false);
Deleted : user_pref("winamp_toolbar.winamp.button.volume", true);
Deleted : user_pref("winamp_toolbar.winamp.ticker.show", true);
Deleted : user_pref("winamp_toolbar.winamp.title", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.tracklength", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.tracktime", "-999999");
Deleted : user_pref("winamp_toolbar.winamp.volume", "47");

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [25250 octets] - [13/01/2013 12:25:29]
AdwCleaner[R2].txt - [25311 octets] - [13/01/2013 12:26:00]
AdwCleaner[S1].txt - [25581 octets] - [13/01/2013 12:32:11]

########## EOF - C:\AdwCleaner[S1].txt - [25642 octets] ##########

VIRY.CZ

Policejni vir - Findass

Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass

Re: Policejni vir - Findass