VIRY.CZ

Dobrý den prosím o kontrolu logu- pc je zasekané, dobu nez na neco zareaguje...
Log zde:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Josef at 2012-03-17 11:41:07
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 65 GB (47%) free of 140 GB
Total RAM: 1535 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:45:20, on 17.3.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Clownfish\Clownfish.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Josef\Downloads\RSIT(1).exe
C:\Program Files\trend micro\Josef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIA6EB~1\ToolBar\searchqudtx.dll
O2 - BHO: UrlHelper Class - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\PROGRA~1\WIA6EB~1\Datamngr\IEBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll (file missing)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\WIA6EB~1\ToolBar\searchqudtx.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (file missing)
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ICQ] ~"C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Clownfish] "C:\Program Files\Clownfish\Clownfish.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: KvetinkaProzeny.lnk = C:\Program Files\KvetinkaProzeny\KvetinkaProzeny\KvetinkaProzeny.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe (file missing)
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: c:\progra~1\wia6eb~1\datamngr\datamngr.dll c:\progra~1\wia6eb~1\datamngr\iebho.dll c:\progra~1\bandoo\bndhook.dll
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe

--
End of file - 10782 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\WinMaximizer-Josef-Startup.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/MycameraPlugin]
"Description"=Canon MycameraPlugin
"Path"=C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
NpFv530.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
firmycz.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
mapycz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
zbocz.xml

C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}

C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2010-07-25 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-06-28 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}]
Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\ToolBar\searchqudtx.dll [2011-03-02 88976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}]
UrlHelper Class - C:\PROGRA~1\WIA6EB~1\Datamngr\IEBHO.dll [2011-03-02 722840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-16 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WEBIE.DLL [2010-07-25 360448]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-06-28 1615256]
{99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\ToolBar\searchqudtx.dll [2011-03-02 88976]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll []
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll []
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-16 192112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-06-13 528384]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-06-07 111928]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-07-27 1983816]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-03-18 767312]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"DATAMNGR"=C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE [2011-03-02 1115536]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-08 39408]
"ICQ"=~C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe silent loginmode=4 []
"Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe /Background []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
"Clownfish"=C:\Program Files\Clownfish\Clownfish.exe [2012-02-13 1055992]

C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KvetinkaProzeny.lnk - C:\Program Files\KvetinkaProzeny\KvetinkaProzeny\KvetinkaProzeny.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\wia6eb~1\datamngr\datamngr.dll c:\progra~1\wia6eb~1\datamngr\iebho.dll c:\progra~1\bandoo\bndhook.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.DIVX"=divx.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-03-17 11:41:16 ----D---- C:\Program Files\trend micro
2012-03-17 11:41:07 ----D---- C:\rsit
2012-03-17 11:22:11 ----SHD---- C:\Config.Msi
2012-03-17 11:18:07 ----D---- C:\51e36a387bd4610eccb6
2012-03-15 20:43:16 ----N---- C:\bootsqm.dat
2012-03-11 21:48:50 ----D---- C:\Users\Josef\AppData\Roaming\gtk-2.0
2012-03-06 19:14:04 ----A---- C:\Windows\unins000.exe
2012-03-06 18:23:46 ----A---- C:\Windows\unins000.dat

======List of files/folders modified in the last 1 month======

2012-03-17 11:45:23 ----RSD---- C:\Windows\assembly
2012-03-17 11:41:19 ----SHD---- C:\Windows\Installer
2012-03-17 11:41:16 ----RD---- C:\Program Files
2012-03-17 11:41:01 ----D---- C:\Windows\Temp
2012-03-17 11:26:10 ----D---- C:\ZálData
2012-03-17 11:17:57 ----SHD---- C:\System Volume Information
2012-03-17 11:05:22 ----D---- C:\Users\Josef\AppData\Roaming\Skype
2012-03-16 19:34:33 ----D---- C:\Windows\System32
2012-03-16 19:34:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-15 21:38:59 ----A---- C:\Windows\system32\MRT.exe
2012-03-15 21:36:34 ----D---- C:\ProgramData\Microsoft Help
2012-03-15 20:46:29 ----D---- C:\Windows\Prefetch
2012-03-15 20:36:32 ----D---- C:\Windows\system32\catroot2
2012-03-15 00:19:37 ----D---- C:\Windows\winsxs
2012-03-15 00:19:25 ----D---- C:\Windows\system32\catroot
2012-03-15 00:18:07 ----D---- C:\Windows\system32\config
2012-03-07 18:28:40 ----D---- C:\Windows\system32\FxsTmp
2012-03-07 17:42:03 ----D---- C:\Windows\LiveKernelReports
2012-03-07 13:11:16 ----D---- C:\Windows
2012-03-06 18:23:46 ----D---- C:\Users\Josef\AppData\Roaming\Mozilla
2012-03-04 16:40:43 ----D---- C:\ProgramData\CanonIJPLM
2012-03-02 19:19:35 ----D---- C:\Program Files\Microsoft Office
2012-02-29 19:19:24 ----D---- C:\Windows\system32\DriverStore
2012-02-29 19:19:21 ----D---- C:\Windows\inf
2012-02-20 16:30:28 ----D---- C:\ProgramData\CanonIJ

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\Windows\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s816mdfl.sys [2007-06-19 13864]
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s816mdm.sys [2007-06-19 107304]
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s816mgmt.sys [2007-06-19 99112]
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\Windows\system32\DRIVERS\s816nd5.sys [2007-06-19 21928]
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s816obex.sys [2007-06-19 97320]
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\Windows\system32\DRIVERS\s816unic.sys [2007-06-19 97704]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2011-03-06 1617296]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-08 136176]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-08 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-08 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-26 1343400]

-----------------EOF-----------------

Zdravim a pekny den preji

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

OTL Extras logfile created on: 17.3.2012 13:46:07 - Run 1
OTL by OldTimer - Version 3.2.39.0 Folder = C:\Users\Josef\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 55,70% Memory free
3,00 Gb Paging File | 2,01 Gb Available in Paging File | 66,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,62 Gb Total Space | 63,28 Gb Free Space | 46,31% Space Free | Partition Type: NTFS
Drive D: | 12,33 Gb Total Space | 1,81 Gb Free Space | 14,65% Space Free | Partition Type: NTFS

Computer Name: DOMA72-PC | User Name: Josef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{08ED8855-4C2E-429B-A878-F129E1F624FA}" = SweetIM for Messenger 3.2
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}" = The Sims™ 2 Double Deluxe
"{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.0
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client CS-CZ Language Pack
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37}" = ICQ7.4
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{A4D1B4D8-0B1A-2ED8-7AA2-DB45E9C5B04A}" = KvetinkaProzeny
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.0 - Czech
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1" = FlatOut2
"{D59AC9E9-FFAE-471B-B1FF-4B311D23417A}" = Sony Ericsson PC Suite
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{D6D5CB84-0E6E-4E69-B300-C690B6911029}" = Nero 8
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BS_Player Toolbar" = BS_Player Toolbar
"BSPlayerf" = BS.Player FREE
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Clownfish" = Clownfish for Skype
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Flatcast Viewer 5.3_is1" = Flatcast Viewer Plugin 5.3.0.752
"ICQToolbar" = ICQ Toolbar
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.2 (Full)
"KvetinkaProzeny.66568306CF4F46C61062ED2BE7BCA71A0993D624.1" = KvetinkaProzeny
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 10.0.2 (x86 cs)" = Mozilla Firefox 10.0.2 (x86 cs)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"MyCamera" = Canon Utilities MyCamera
"PhotoFiltre" = PhotoFiltre
"PhotoStitch" = Canon Utilities PhotoStitch
"Registrace uživatele zařízení Canon MP250 series" = Registrace uživatele zařízení Canon MP250 series
"ScreenShots" = ScreenShots (pouze odebrat)
"Searchqu 101 MediaBar" = Windows Searchqu Toolbar
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.16.2.6
"StepMania" = StepMania 3.9 (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Web Translator" = Web Translator
"WinGTK-2_is1" = GTK+ 2.6.7 runtime environment
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 31.8.2011 6:24:45 | Computer Name = Doma72-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.

Error - 31.8.2011 12:57:59 | Computer Name = Doma72-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 1.9.2011 12:00:16 | Computer Name = Doma72-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 2.9.2011 12:05:57 | Computer Name = Doma72-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 5.9.2011 12:10:47 | Computer Name = Doma72-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 5.9.2011 14:31:03 | Computer Name = Doma72-PC | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 570 Čas spuštění: 01cc6be0b13b15ac Čas ukončení: 640 Cesta k aplikaci: C:\Windows\Explorer.EXE

ID
hlášení: 2eed3a4e-d7ed-11e0-bfdb-001617d70c47

Error - 6.9.2011 0:29:48 | Computer Name = Doma72-PC | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 56c Čas spuštění: 01cc6c4cbf884096 Čas ukončení: 469 Cesta k aplikaci: C:\Windows\Explorer.EXE

ID
hlášení: d37ed3d6-d840-11e0-8418-001617d70c47

Error - 8.9.2011 12:25:21 | Computer Name = Doma72-PC | Source = SideBySide | ID = 16842824
Description = Generování kontextu aktivace pro c:\program files\microsoft security
client\MSESysprep.dll se nezdařilo. Chyba v souboru manifestu nebo zásady c:\program
files\microsoft security client\MSESysprep.dll na řádku 10. Prvek imaging je zřejmě
podřízeným prvku urn:schemas-microsoft-com:asm.v1^assembly, což tato verze systému
Windows nepodporuje.

Error - 8.9.2011 13:16:44 | Computer Name = Doma72-PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 6.0.1.4259 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
ce0 Čas spuštění: 01cc6e45f2c7696c Čas ukončení: 58 Cesta k aplikaci: C:\Program Files\Mozilla
Firefox\firefox.exe ID hlášení: 4d225176-da3e-11e0-ac33-001617d70c47

Error - 10.9.2011 4:53:01 | Computer Name = Doma72-PC | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 574 Čas spuštění: 01cc6f9635ba0424 Čas ukončení: 78 Cesta k aplikaci: C:\Windows\Explorer.EXE

ID
hlášení: 43296d17-db8a-11e0-b7ac-001617d70c47

[ OSession Events ]
Error - 5.10.2010 15:09:52 | Computer Name = Doma72-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 10198
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 17.3.2012 10:31:06 | Computer Name = Doma72-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 17.3.2012 10:31:06 | Computer Name = Doma72-PC | Source = Service Control Manager | ID = 7023
Description = Služba Instalační služba modulů systému Windows byla ukončena s následující
chybou: %%1016

Error - 17.3.2012 10:31:17 | Computer Name = Doma72-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 17.3.2012 10:31:19 | Computer Name = Doma72-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 17.3.2012 10:31:21 | Computer Name = Doma72-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 17.3.2012 10:31:23 | Computer Name = Doma72-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 17.3.2012 10:31:25 | Computer Name = Doma72-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 17.3.2012 10:31:27 | Computer Name = Doma72-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 17.3.2012 10:31:29 | Computer Name = Doma72-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 17.3.2012 10:31:31 | Computer Name = Doma72-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

< End of report >

Log OTL.Txt obsahuje mnoho znaků, jak ho sem mám dát??

rozdelte jej do vice prispevku

část 1:
OTL logfile created on: 17.3.2012 13:46:07 - Run 1
OTL by OldTimer - Version 3.2.39.0 Folder = C:\Users\Josef\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 0,84 Gb Available Physical Memory | 55,70% Memory free
3,00 Gb Paging File | 2,01 Gb Available in Paging File | 66,89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,62 Gb Total Space | 63,28 Gb Free Space | 46,31% Space Free | Partition Type: NTFS
Drive D: | 12,33 Gb Total Space | 1,81 Gb Free Space | 14,65% Space Free | Partition Type: NTFS

Computer Name: DOMA72-PC | User Name: Josef | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.03.17 13:39:07 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Josef\Desktop\OTL.exe
PRC - [2012.02.17 20:58:44 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.02.13 11:16:24 | 001,055,992 | ---- | M] () -- C:\Program Files\Clownfish\Clownfish.exe
PRC - [2011.06.15 14:16:48 | 000,997,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
PRC - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
PRC - [2011.03.06 17:04:04 | 001,617,296 | ---- | M] (Bandoo Media Inc.) -- C:\Program Files\Bandoo\Bandoo.exe
PRC - [2011.03.02 15:15:13 | 001,115,536 | ---- | M] (Discordia, LTD) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.06.07 14:32:12 | 000,111,928 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2009.07.27 03:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.04.14 06:43:42 | 000,604,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
PRC - [2009.02.10 17:01:49 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2007.07.11 14:57:42 | 000,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2007.06.13 07:16:02 | 000,528,384 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2007.03.16 02:23:20 | 000,983,040 | R--- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe

========== Modules (No Company Name) ==========

MOD - [2012.02.17 20:58:43 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.02.13 11:16:24 | 001,055,992 | ---- | M] () -- C:\Program Files\Clownfish\Clownfish.exe
MOD - [2011.09.25 14:51:40 | 006,277,280 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2007.06.13 07:16:02 | 000,528,384 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
MOD - [2007.05.23 07:23:34 | 004,591,616 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherBmp.dll
MOD - [2007.05.22 15:09:20 | 000,025,088 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherLg.dll
MOD - [2006.03.09 17:45:36 | 000,081,920 | R--- | M] () -- C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll

========== Win32 Services (SafeList) ==========

SRV - [2011.04.27 14:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 14:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.03.06 17:04:04 | 001,617,296 | ---- | M] (Bandoo Media Inc.) [Auto | Running] -- C:\Program Files\Bandoo\Bandoo.exe -- (Bandoo Coordinator)
SRV - [2010.07.26 13:51:04 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.06.21 16:47:04 | 000,246,584 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.02.10 17:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)

========== Driver Services (SafeList) ==========

DRV - [2011.04.27 14:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 12:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.03.15 10:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2010.03.15 10:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM)
DRV - [2010.03.15 10:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM)
DRV - [2010.03.15 10:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2010.03.15 10:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus) Sony Ericsson Device 1039 driver (WDM)
DRV - [2010.03.15 10:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS)
DRV - [2010.03.15 10:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.18 18:45:02 | 004,172,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2009.06.10 22:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007.06.19 08:51:20 | 000,107,304 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816mdm.sys -- (s816mdm)
DRV - [2007.06.19 08:51:18 | 000,099,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816mgmt.sys -- (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.19 08:51:18 | 000,097,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816unic.sys -- (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM)
DRV - [2007.06.19 08:51:18 | 000,097,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816obex.sys -- (s816obex)
DRV - [2007.06.19 08:51:18 | 000,021,928 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816nd5.sys -- (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS)
DRV - [2007.06.19 08:51:18 | 000,013,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816mdfl.sys -- (s816mdfl)
DRV - [2007.06.19 08:51:16 | 000,081,832 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu.com/web?src=ieb&sys ... earchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT1750559
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A B4 35 1B EE 2B CB 01 [binary data]
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\InprocServer32 File not found
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.ph ... }&ch_id=sm
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... 1I7SKPT_cs
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu.com/web?src=ieb&sys ... earchTerms}
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT1750559
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?sr ... earchTerms}
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/sm"
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: firefox@bandoo.com:5.0
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.1.0.01
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..keyword.URL: "http://www.searchqu.com/web?src=ffb&systemid=101&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\Users\Josef\AppData\Roaming\Mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.17 20:58:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.03.06 19:15:56 | 000,000,000 | ---D | M]

[2011.03.06 19:06:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Extensions
[2011.04.03 15:19:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\extensions
[2011.04.03 15:19:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.06 19:06:45 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.03.06 19:06:26 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\extensions\firefox@bandoo.com
[2011.04.03 15:19:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\5xy450mr.default\extensions
[2011.04.03 15:19:27 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\5xy450mr.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.03 15:19:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\fct3fk6i.default\extensions
[2011.04.03 15:19:29 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\fct3fk6i.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.03 15:19:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\ib5634st.default\extensions
[2011.04.03 15:19:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\ib5634st.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.03.06 18:27:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\extensions
[2012.01.04 21:32:00 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.03.01 17:56:20 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.03.06 18:27:18 | 000,000,000 | ---D | M] (BS Player Community Toolbar) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2011.03.20 20:17:56 | 000,000,950 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\searchplugins\icqplugin-1.xml
[2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\searchplugins\icqplugin.xml
[2010.09.02 09:09:41 | 000,005,529 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\searchplugins\SearchquWebSearch.xml
[2011.12.03 23:37:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.03 23:37:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.03.21 20:47:09 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Program Files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.02.17 20:58:44 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.13 19:00:52 | 001,480,192 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\mozilla firefox\plugins\NpFv530.dll
[2010.04.13 20:24:08 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\firmycz.xml
[2011.10.19 18:58:02 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.19 18:58:02 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.28 18:39:12 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2010.04.13 20:24:30 | 000,002,041 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mapycz.xml
[2011.10.19 18:58:02 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.19 18:58:02 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.19 18:58:02 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
[2010.04.13 20:24:54 | 000,002,207 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zbocz.xml

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WEBIE.DLL ()
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll File not found
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WEBIE.DLL ()
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000..\Run: [Clownfish] C:\Program Files\Clownfish\Clownfish.exe ()
O4 - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000..\Run: [ICQ] ~"C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe" silent loginmode=4 File not found
O4 - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KvetinkaProzeny.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WEBIE.DLL ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WEBIE.DLL ()
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80E3D683-8463-49DF-850E-ABDFFA8D889D}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~1\wia6eb~1\datamngr\datamngr.dll) - c:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - AppInit_DLLs: (c:\progra~1\wia6eb~1\datamngr\iebho.dll) - c:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{9553afc9-e52e-11e0-aca3-001617d70c47}\Shell - "" = AutoRun
O33 - MountPoints2\{9553afc9-e52e-11e0-aca3-001617d70c47}\Shell\AutoRun\command - "" = F:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.03.17 13:45:51 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.03.17 13:38:12 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\Josef\Desktop\OTL.exe
[2012.03.17 11:41:16 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.03.17 11:41:07 | 000,000,000 | ---D | C] -- C:\rsit
[2012.03.14 21:33:38 | 000,000,000 | ---D | C] -- C:\Users\Josef\Desktop\Nová složka (2)
[2012.03.11 21:48:50 | 000,000,000 | ---D | C] -- C:\Users\Josef\AppData\Roaming\gtk-2.0
[2012.03.11 21:48:43 | 000,000,000 | ---D | C] -- C:\Users\Josef\.thumbnails
[2012.03.11 21:41:24 | 000,000,000 | ---D | C] -- C:\Users\Josef\Desktop\Nová složka
[2012.03.11 21:30:20 | 000,000,000 | ---D | C] -- C:\Users\Josef\.gimp-2.6
[2012.03.11 21:30:18 | 000,000,000 | ---D | C] -- C:\Users\Josef\Documents\gegl-0.0
[2011.03.21 20:14:50 | 009,458,923 | ---- | C] (Mozilla) -- C:\Program Files\seznam-firefox-win32-cs-3.6.13.exe

========== Files - Modified Within 7 Days ==========

[2012.03.17 13:58:21 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.03.17 13:45:48 | 000,001,224 | ---- | M] () -- C:\Windows\TRNCOM.INI
[2012.03.17 13:39:07 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\Josef\Desktop\OTL.exe
[2012.03.17 13:17:07 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.17 11:12:46 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.17 11:12:46 | 000,014,240 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.17 11:06:05 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.17 11:05:21 | 000,000,308 | ---- | M] () -- C:\Windows\tasks\WinMaximizer-Josef-Startup.job
[2012.03.17 11:03:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.17 11:03:54 | 1207,508,992 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.16 19:34:34 | 000,761,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.16 19:34:34 | 000,479,176 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.16 19:34:33 | 006,208,400 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2012.03.16 19:34:33 | 002,004,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2012.03.15 20:43:16 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2012.03.11 21:48:50 | 000,000,844 | ---- | M] () -- C:\Users\Josef\.recently-used.xbel

========== Files Created - No Company Name ==========

[2012.03.17 13:58:15 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.03.15 20:43:16 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2012.03.11 21:48:50 | 000,000,844 | ---- | C] () -- C:\Users\Josef\.recently-used.xbel
[2012.03.06 19:14:04 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2012.03.06 18:23:46 | 000,007,837 | ---- | C] () -- C:\Windows\unins000.dat
[2011.03.06 19:06:15 | 001,524,112 | ---- | C] () -- C:\Windows\System32\bandoolmx.dll
[2010.10.08 14:36:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.25 14:31:52 | 000,000,033 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2010.07.25 14:31:14 | 000,000,226 | ---- | C] () -- C:\Windows\MAILTRAN.INI
[2010.07.25 14:31:13 | 000,001,224 | ---- | C] () -- C:\Windows\TRNCOM.INI
[2010.07.25 14:31:04 | 000,004,193 | ---- | C] () -- C:\Windows\WTRAN32.INI
[2010.07.25 14:31:04 | 000,001,777 | ---- | C] () -- C:\Windows\WDICT32.INI
[2010.07.25 14:06:45 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.07.25 14:06:44 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.07.25 14:06:40 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.07.25 14:06:40 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.07.25 14:06:39 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2010.07.25 14:06:37 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

========== LOP Check ==========

[2011.03.07 12:35:06 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Bandoo
[2011.07.08 21:00:04 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\BSplayer
[2011.07.08 20:56:15 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\BSplayer Pro
[2011.10.02 15:58:51 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Canon
[2010.07.25 12:47:04 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\GHISLER
[2012.03.11 21:48:50 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\gtk-2.0
[2011.07.22 21:28:02 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\ICQ
[2011.01.10 17:37:50 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\KvetinkaProzeny.66568306CF4F46C61062ED2BE7BCA71A0993D624.1
[2010.07.30 08:32:41 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Teleca
[2012.02.17 16:11:30 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.17 11:05:21 | 000,000,308 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-Josef-Startup.job

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

část 2:
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2010.04.09 08:16:33 | 001,289,096 | ---- | M] (Microsoft Corporation) MD5=5D6A83E928F22AF5AC9868B162FFAD0D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_b38009a0e0d5a32d\tcpip.sys
[2010.04.09 08:24:54 | 001,285,000 | ---- | M] (Microsoft Corporation) MD5=63170B9EE1D0EF0032F0408605671D1A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_b30e0d41c7a5fe2f\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[17 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[27 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.10 17:36:30 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Adobe
[2011.03.07 12:35:06 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Bandoo
[2011.07.08 21:00:04 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\BSplayer
[2011.07.08 20:56:15 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\BSplayer Pro
[2011.10.02 15:58:51 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Canon
[2010.07.25 12:47:04 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\GHISLER
[2010.10.11 17:18:43 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Google
[2012.03.11 21:48:50 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\gtk-2.0
[2011.07.22 21:28:02 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\ICQ
[2010.10.11 17:20:27 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Identities
[2011.01.10 17:37:50 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\KvetinkaProzeny.66568306CF4F46C61062ED2BE7BCA71A0993D624.1
[2010.07.25 15:28:06 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Macromedia
[2009.07.14 10:19:24 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Media Center Programs
[2010.10.22 21:27:16 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Media Player Classic
[2012.01.18 17:35:52 | 000,000,000 | --SD | M] -- C:\Users\Josef\AppData\Roaming\Microsoft
[2012.03.06 18:23:46 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Mozilla
[2010.07.25 14:19:44 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Nero
[2012.03.17 11:05:22 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Skype
[2011.12.03 22:04:54 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\skypePM
[2010.07.30 08:26:57 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Sony Ericsson
[2010.07.30 08:32:41 | 000,000,000 | ---D | M] -- C:\Users\Josef\AppData\Roaming\Teleca

< %APPDATA%\*.exe /s >
[2009.08.11 20:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 20:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 13:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2010.02.23 16:01:52 | 001,185,871 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 09:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 09:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 09:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 14:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2011.01.10 17:36:18 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Josef\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.03.17 11:06:05 | 000,000,934 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.03.17 14:17:16 | 000,000,938 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.03.17 11:05:21 | 000,000,308 | ---- | M] () -- C:\Windows\Tasks\WinMaximizer-Josef-Startup.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.03.17 11:12:46 | 000,014,240 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.17 11:12:46 | 000,014,240 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.15 21:38:59 | 054,215,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MRT.exe
[2012.03.16 19:34:33 | 002,004,708 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2012.03.16 19:34:34 | 000,479,176 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012.03.16 19:34:33 | 006,208,400 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2012.03.16 19:34:34 | 000,761,142 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012.03.16 19:34:33 | 000,005,622 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" = "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 -- [2008.02.28 16:07:58 | 001,828,136 | ---- | M] (Nero AG)
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2010.10.08 14:35:35 | 000,039,408 | ---- | M] (Google Inc.)
"ICQ" = ~"C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe" silent loginmode=4
"Sony Ericsson PC Companion" = "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.10.13 09:27:14 | 017,351,304 | R--- | M] (Skype Technologies S.A.)
"Clownfish" = "C:\Program Files\Clownfish\Clownfish.exe" -- [2012.02.13 11:16:24 | 001,055,992 | ---- | M] ()

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.02.17 20:58:44 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=5AC757AE411CBC603C33C85F81F8657D -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2011.06.07 19:53:53 | 000,748,336 | ---- | M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.03.17 13:58:21 | 000,000,512 | ---- | M] () MD5=7FF3448305235D55BD544EB01549E440 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2011.06.12 17:35:29 | 000,002,564 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Content.IE5\0Z1J6I0X\IA4_Scrat_Continental_Crack[1].wmv
[2012.02.23 19:15:55 | 013,501,515 | ---- | M] () -- \GAMES\The Sims 2 Double Deluxe\SP4\TSBin\THE-SIMS2-CRACK-15MB.rar
[2012.02.17 18:38:32 | 000,000,622 | ---- | M] () -- \Users\Josef\AppData\Roaming\Microsoft\Windows\Recent\cracky-the-sims-2-atd.lnk
[2012.02.23 18:45:27 | 000,000,684 | ---- | M] () -- \Users\Josef\AppData\Roaming\Microsoft\Windows\Recent\The Sims 3 Pets-crack.lnk
[2012.02.23 18:52:30 | 000,000,659 | ---- | M] () -- \Users\Josef\AppData\Roaming\Microsoft\Windows\Recent\The-Sims-2-crack.lnk
[2012.02.23 19:15:56 | 000,000,679 | ---- | M] () -- \Users\Josef\AppData\Roaming\Microsoft\Windows\Recent\THE-SIMS2-CRACK-15MB.lnk

< *keygen* /s >

< *loader* /s >
[2011.10.17 17:50:25 | 000,000,694 | ---- | M] () -- \found.000\dir0001.chk\Low\Temporary Internet Files\Content.IE5\0Y9UQA18\ajax-preloader-bg[1].gif
[2011.11.17 16:45:16 | 000,000,694 | ---- | M] () -- \found.000\dir0001.chk\Low\Temporary Internet Files\Content.IE5\0Y9UQA18\ajax-preloader-bg[2].gif
[2011.11.17 16:45:30 | 000,000,694 | ---- | M] () -- \found.000\dir0001.chk\Low\Temporary Internet Files\Content.IE5\BS5OSBNQ\ajax-preloader-bg[1].gif
[2012.01.06 13:14:58 | 000,000,694 | ---- | M] () -- \found.000\dir0001.chk\Low\Temporary Internet Files\Content.IE5\BS5OSBNQ\ajax-preloader-bg[2].gif
[2012.01.06 13:15:13 | 000,000,694 | ---- | M] () -- \found.000\dir0001.chk\Low\Temporary Internet Files\Content.IE5\BS5OSBNQ\ajax-preloader-bg[3].gif
[2011.10.17 17:50:40 | 000,000,694 | ---- | M] () -- \found.000\dir0001.chk\Low\Temporary Internet Files\Content.IE5\TTVI7D81\ajax-preloader-bg[1].gif
[2011.04.03 15:25:03 | 000,002,931 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Content.IE5\0Z1J6I0X\preloader[1].swf
[2011.12.24 12:23:30 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\044GYOI2\ajax-preloader-bg[1].gif
[2011.12.30 14:47:04 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\044GYOI2\ajax-preloader-bg[2].gif
[2012.01.01 19:32:52 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\044GYOI2\ajax-preloader-bg[3].gif
[2012.01.02 18:06:17 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\044GYOI2\ajax-preloader-bg[4].gif
[2012.01.02 18:06:30 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\044GYOI2\ajax-preloader-bg[5].gif
[2012.01.04 17:04:16 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\044GYOI2\ajax-preloader-bg[6].gif
[2012.01.04 17:51:17 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\044GYOI2\ajax-preloader-bg[7].gif
[2012.01.12 19:47:27 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\044GYOI2\ajax-preloader-bg[8].gif
[2011.11.28 16:07:03 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\AJ0OZH9U\ajax-preloader-bg[1].gif
[2011.12.03 14:32:17 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\AJ0OZH9U\ajax-preloader-bg[2].gif
[2011.12.18 14:59:08 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\AJ0OZH9U\ajax-preloader-bg[3].gif
[2011.12.18 14:59:24 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\AJ0OZH9U\ajax-preloader-bg[4].gif
[2011.12.20 17:44:53 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\AJ0OZH9U\ajax-preloader-bg[5].gif
[2011.12.24 12:23:46 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\AJ0OZH9U\ajax-preloader-bg[6].gif
[2011.12.29 14:38:10 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\AJ0OZH9U\ajax-preloader-bg[7].gif
[2011.12.29 14:38:26 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\AJ0OZH9U\ajax-preloader-bg[8].gif
[2011.11.29 14:53:08 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\FGEBYOS2\ajax-preloader-bg[1].gif
[2011.12.10 12:11:04 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\FGEBYOS2\ajax-preloader-bg[2].gif
[2011.12.26 10:15:23 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\FGEBYOS2\ajax-preloader-bg[3].gif
[2011.12.26 10:15:38 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\FGEBYOS2\ajax-preloader-bg[4].gif
[2011.12.30 14:47:20 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\FGEBYOS2\ajax-preloader-bg[5].gif
[2012.01.04 17:04:33 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\FGEBYOS2\ajax-preloader-bg[6].gif
[2012.01.09 18:10:18 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\FGEBYOS2\ajax-preloader-bg[7].gif
[2012.01.09 18:10:33 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\FGEBYOS2\ajax-preloader-bg[8].gif
[2012.01.12 19:47:13 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\FGEBYOS2\ajax-preloader-bg[9].gif
[2012.01.01 19:33:10 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[10].gif
[2012.01.04 17:51:02 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[11].gif
[2011.11.28 16:07:25 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[1].gif
[2011.11.29 14:52:54 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[2].gif
[2011.11.29 19:32:24 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[3].gif
[2011.11.29 19:32:43 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[4].gif
[2011.12.03 14:32:32 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[5].gif
[2011.12.10 12:11:56 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[6].gif
[2011.12.12 22:00:14 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[7].gif
[2011.12.12 22:00:30 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[8].gif
[2011.12.20 17:44:36 | 000,000,694 | ---- | M] () -- \found.001\dir0000.chk\Windows\Temporary Internet Files\Low\Content.IE5\YYT7QJIY\ajax-preloader-bg[9].gif
[2009.08.31 13:44:10 | 000,015,605 | ---- | M] () -- \Program Files\Canon\CameraWindow\Movie Uploader for YouTube\MovieUploaderForYouTube.chm
[2009.11.06 11:37:24 | 000,893,440 | ---- | M] () -- \Program Files\Canon\CameraWindow\Movie Uploader for YouTube\MovieUploaderForYouTube.exe
[2009.10.26 15:41:48 | 000,011,776 | ---- | M] () -- \Program Files\Canon\CameraWindow\Movie Uploader for YouTube\ReadMe(MovieUploaderForYouTube).rtf
[2009.11.06 12:37:24 | 000,010,240 | ---- | M] () -- \Program Files\Canon\CameraWindow\Movie Uploader for YouTube\en\MovieUploaderForYouTube.resources.dll
[2005.03.01 22:20:12 | 000,002,781 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2005.04.17 17:39:04 | 000,029,918 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-ani.dll
[2005.04.17 17:39:16 | 000,027,490 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-bmp.dll
[2005.04.17 17:39:00 | 000,042,497 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-gif.dll
[2005.04.17 17:39:02 | 000,028,122 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-ico.dll
[2005.04.17 17:38:58 | 000,032,304 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-jpeg.dll
[2005.04.17 17:39:24 | 000,022,665 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-pcx.dll
[2005.04.17 17:38:56 | 000,035,770 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-png.dll
[2005.04.17 17:39:14 | 000,026,057 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-pnm.dll
[2005.04.17 17:39:06 | 000,020,161 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-ras.dll
[2005.04.17 17:39:22 | 000,025,605 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-tga.dll
[2005.04.17 17:39:10 | 000,025,366 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-tiff.dll
[2005.04.17 17:39:18 | 000,019,015 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-wbmp.dll
[2005.04.17 17:39:20 | 000,024,537 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-xbm.dll
[2005.04.17 17:39:08 | 000,045,210 | ---- | M] () -- \Program Files\Common Files\GTK\2.0\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-xpm.dll
[2006.10.26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2008.02.28 12:26:06 | 000,111,912 | ---- | M] () -- \Program Files\Common Files\Nero\Shared\NSCLoader.dll
[2011.04.03 15:16:33 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.04.03 15:16:34 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.04.03 15:16:32 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.4\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.04.11 13:45:06 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\icq_profile\preloader.html
[2011.04.03 15:17:16 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_forms\preloader.html
[2011.04.03 15:17:16 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.4\Xtraz\icq\content\profile_lightboxs\preloader.html
[2007.07.23 12:22:04 | 000,450,560 | R--- | M] () -- \Program Files\Sony Ericsson\Mobile2\Sync Manager\NotesPimAdaptorLoader.dll
[2011.03.02 14:32:50 | 000,004,176 | ---- | M] () -- \Program Files\Windows Searchqu Toolbar\ToolBar\chrome\content\widgets\net.vmn.www.Coupons_v2\images\loader.gif
[2010.12.25 21:07:32 | 000,001,505 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CameraWindow\Movie Uploader for YouTube\Movie Uploader for YouTube Readme.lnk
[2010.12.25 21:07:32 | 000,001,389 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CameraWindow\Movie Uploader for YouTube\Movie Uploader for YouTube Uninstall.lnk
[2010.12.25 21:07:32 | 000,001,465 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CameraWindow\Movie Uploader for YouTube\Movie Uploader for YouTube.lnk
[2008.02.04 10:32:50 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010.12.25 21:07:32 | 000,001,505 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CameraWindow\Movie Uploader for YouTube\Movie Uploader for YouTube Readme.lnk
[2010.12.25 21:07:32 | 000,001,389 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CameraWindow\Movie Uploader for YouTube\Movie Uploader for YouTube Uninstall.lnk
[2010.12.25 21:07:32 | 000,001,465 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Canon Utilities\CameraWindow\Movie Uploader for YouTube\Movie Uploader for YouTube.lnk
[2008.02.04 10:32:50 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.01.29 14:24:42 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\47V4XW1C\ajax-preloader-bg[1].gif
[2012.02.06 17:17:01 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\47V4XW1C\ajax-preloader-bg[2].gif
[2012.02.06 17:17:16 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\47V4XW1C\ajax-preloader-bg[3].gif
[2012.03.08 17:08:37 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\47V4XW1C\ajax-preloader-bg[4].gif
[2012.01.31 15:50:45 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JTAMA59W\ajax-preloader-bg[1].gif
[2012.02.02 16:56:44 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JTAMA59W\ajax-preloader-bg[2].gif
[2012.02.15 17:20:43 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JTAMA59W\ajax-preloader-bg[3].gif
[2012.02.16 15:21:59 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JTAMA59W\ajax-preloader-bg[4].gif
[2012.03.12 19:38:44 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JTAMA59W\ajax-preloader-bg[5].gif
[2012.03.01 19:10:47 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[10].gif
[2012.01.18 13:38:55 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[1].gif
[2012.01.18 13:39:11 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[2].gif
[2012.01.25 19:17:34 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[3].gif
[2012.02.09 19:12:25 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[4].gif
[2012.02.09 19:12:44 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[5].gif
[2012.02.15 17:20:28 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[6].gif
[2012.02.22 18:53:45 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[7].gif
[2012.02.22 19:14:15 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[8].gif
[2012.03.01 19:10:01 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S35GQU2J\ajax-preloader-bg[9].gif
[2012.03.12 19:38:27 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bgCA9H088C.gif
[2012.03.04 16:35:40 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[10].gif
[2012.03.08 17:08:53 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[11].gif
[2012.01.25 19:17:49 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[1].gif
[2012.01.29 14:24:26 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[2].gif
[2012.01.31 15:51:04 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[3].gif
[2012.02.02 16:57:04 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[4].gif
[2012.02.10 16:13:11 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[5].gif
[2012.02.10 16:13:29 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[6].gif
[2012.02.16 15:21:45 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[7].gif
[2012.02.22 18:54:01 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[8].gif
[2012.03.04 16:35:25 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UC4A1GHA\ajax-preloader-bg[9].gif
[2012.01.31 15:37:15 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\817MYWJN\ajax-preloader-bg[1].gif
[2012.01.31 15:37:30 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\DVPTAKUJ\ajax-preloader-bg[1].gif
[2012.03.10 13:08:42 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\DVPTAKUJ\ajax-preloader-bg[2].gif
[2012.01.20 15:56:38 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SJKHKSUM\ajax-preloader-bg[1].gif
[2012.01.20 15:56:53 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SJKHKSUM\ajax-preloader-bg[2].gif
[2012.02.22 18:55:58 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SJKHKSUM\ajax-preloader-bg[3].gif
[2012.02.22 18:55:41 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UB73GUL1\ajax-preloader-bg[1].gif
[2012.03.10 13:08:21 | 000,000,694 | ---- | M] () -- \Users\Josef\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\UB73GUL1\ajax-preloader-bg[2].gif
[2011.03.02 14:32:50 | 000,004,176 | ---- | M] () -- \Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.Coupons_v2\images\loader.gif
[2011.06.20 13:09:22 | 000,009,767 | ---- | M] () -- \Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\conduitCommon\modules\3.5.0.12\ExternalLibraryLoader.jsm
[2012.03.06 18:04:22 | 000,010,145 | ---- | M] () -- \Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\modules\ExternalLibraryLoader.jsm
[2010.07.25 13:52:01 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2009.07.14 13:25:34 | 002,202,645 | R--- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.06.07 20:30:47 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.06.07 20:30:47 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.06.07 20:30:48 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

Cetl jste prosim pravidla fora zde http://forum.viry.cz/viewtopic.php?f=12&t=5601 a zde http://forum.viry.cz/viewtopic.php?f=12&t=115512

četl proč?? něco se děje??

co treba legalnost vasich windows

No mám je od známého, ale to neni duvod aby se mi to sekalo ne??

mozna ano, mozna ne...ale porusujete pravidla fora v smyslu zadosti o pomoc s nelegalnim OS, nehlede na licencni podminky, autorsky zakon atd, ze

aha tak dekuju no

Jste tu novy, tak to napoprve a vyjimecne poresime, priste bude ale pomoc odmitnuta

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
SRV - [2010.06.21 16:47:04 | 000,246,584 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=101&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Bar = http://google.icq.com/search/search_frame.php
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A B4 35 1B EE 2B CB 01 [binary data]
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\InprocServer32 File not found
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - SOFTWARE\Classes\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\InprocServer32 File not found
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=sm
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPT_cs
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu.com/web?src=ieb&systemid=101&q={searchTerms}
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
IE - HKU\S-1-5-21-1088203957-1814470328-2416018973-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = http://search.sweetim.com/search.asp?src=6&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/sm"
FF - user.js - File not found
[2011.04.03 15:19:26 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.06 19:06:45 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.03.06 19:06:26 | 000,000,000 | ---D | M] (Bandoo for Firefox) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\extensions\firefox@bandoo.com
[2011.04.03 15:19:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\5xy450mr.default\extensions
[2011.04.03 15:19:27 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\5xy450mr.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.03 15:19:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\fct3fk6i.default\extensions
[2011.04.03 15:19:29 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\fct3fk6i.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.04.03 15:19:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\ib5634st.default\extensions
[2011.04.03 15:19:31 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\ib5634st.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.03.06 18:27:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\extensions
[2012.01.04 21:32:00 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.03.06 18:27:18 | 000,000,000 | ---D | M] (BS Player Community Toolbar) -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\v96q416m.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2011.03.20 20:17:56 | 000,000,950 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\searchplugins\icqplugin-1.xml
[2010.05.12 16:40:48 | 000,001,042 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\searchplugins\icqplugin.xml
[2010.09.02 09:09:41 | 000,005,529 | ---- | M] () -- C:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\3szr921a.default\searchplugins\SearchquWebSearch.xml
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\searchqudtx.dll ()
O2 - BHO: (UrlHelper Class) - {A40DC6C5-79D0-4ca8-A185-8FF989AF1115} - C:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll File not found
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Users\Josef\Desktop\ICQ7.4\ICQ.exe File not found
O13 - gopher Prefix: missing
O20 - AppInit_DLLs: (c:\progra~1\wia6eb~1\datamngr\datamngr.dll) - c:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Discordia, LTD)
O20 - AppInit_DLLs: (c:\progra~1\wia6eb~1\datamngr\iebho.dll) - c:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Discordia, LTD)
O20 - AppInit_DLLs: (c:\progra~1\bandoo\bndhook.dll) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{9553afc9-e52e-11e0-aca3-001617d70c47}\Shell - "" = AutoRun
[17 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

:services
Nero BackItUp Scheduler 3
gupdate
gupdatem
NMIndexingService

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"=-
"NBKeyScan"=-
"Sony Ericsson PC Suite"=-
"SweetIM"=-
"DATAMNGR"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"swg"=-
"ICQ"=-
"Sony Ericsson PC Companion"=-
"Skype"=-

:files
c:\GAMES\The Sims 2 Double Deluxe\SP4\TSBin\THE-SIMS2-CRACK-15MB.rar
c:\Windows\Setup\SCRIPTS\Windows7Loader.exe /d
C:\Program Files\Windows Searchqu Toolbar
C:\Program Files\SweetIM
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\WinMaximizer-Josef-Startup.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

VIRY.CZ

Prosím o kontrolu LOGU

Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU

Re: Prosím o kontrolu LOGU