VIRY.CZ

Dobrý den,
pokaždé když kliknu na archív stránky v googlu, vyskoší mi následující text:

"Naše systémy zjistily, že vaše počítačová síť je zdrojem neobvyklého provozu. Zkuste prosím požadavek opakovat později. Důvod:


Adresa IP: 89.103.83.74
Čas: 2013-02-16T08:10:30Z
Adresa URL: http://webcache.googleusercontent.com/s ... ient=opera"

Hledal jsem na internetu co by se s tím dalo dělat, a odkázali mě sem. Děkuji za pomoc.

Zdravím!
Dejte log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=105895 .

Toohle mi během procedury vyskočilo, tak jsem dal OK a něco se začalo mazat > http://img.pictureup.cz/16022013/7d5586 ... 092827.png

Jinak ten výpis z logu je tady:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Fl at 2013-02-16 16:15:39
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (16%) free of 20 GB
Total RAM: 1022 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:19:18, on 16-II-2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\ITE\Smart Guardian\ITESmart.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\A4Tech\Keyboard\Ikeymain.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hotkeyp\HotkeyP.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\wincmd2\TOTALCMD.EXE
C:\Documents and Settings\Fl\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\Fl.exe
C:\WINDOWS\system32\mspaint.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 0129FD799D}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000. ... 0129FD799D}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=make&s={searchTerms}&f=4
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {ce10bf86-da68-441e-91fa-38336363e3cd} - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O1 - Hosts: 204.9.178.11 typepad.com
O1 - Hosts: 74.113.152.32 istockphoto.com
O1 - Hosts: 208.94.0.38 yfrog.com
O1 - Hosts: 63.309.5.102 virustotal.com
O1 - Hosts: 123.125.50.22 126.com
O1 - Hosts: 174.36.28.11 SlideShare.com
O1 - Hosts: 213.238.60.190 xing.com
O1 - Hosts: 59.106.98.139 seesaa.net
O1 - Hosts: 184.72.253.170 hootsuite.com
O1 - Hosts: 211.151.146.16 soku.com
O1 - Hosts: 72.321.120.222 metacafe.com
O1 - Hosts: 9.105.6.98 bitdefender.com
O1 - Hosts: 204.11.109.133 tribalfusion.com
O1 - Hosts: 207.154.14.31 tripadvisor.com
O1 - Hosts: 216.52.240.133 ustream.tv
O1 - Hosts: 174.36.244.132 linkwithin.com
O1 - Hosts: 121.67.203.61 scan.novirusthanks.org
O1 - Hosts: 209.172.34.139 imagevenue.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 103.67.101.13 trendmicro.com
O1 - Hosts: 208.85.40.80 pandora.com
O1 - Hosts: 194.116.241.57 softonic.com
O1 - Hosts: 208.83.243.15 match.com
O1 - Hosts: 202.57.69.84 nwt.com
O1 - Hosts: 65.11.53.80 nttnavi.com
O1 - Hosts: 72.51.41.235 nrk.no
O1 - Hosts: 110.16.19.157 nozonedata.com
O1 - Hosts: 76.106.43.251 nachtagenten.com
O1 - Hosts: 195.82.124.124 musicmatch.com
O1 - Hosts: 70.52.56.163 moscowtimes.com
O1 - Hosts: 124.217.235.76 gsn.com
O1 - Hosts: 61.178.63.198 mgd.com
O1 - Hosts: 174.142.24.205 mediastorm.hu
O1 - Hosts: 38.113.207.59 media-servers.com
O1 - Hosts: 116.66.206.161 m5prod.com
O1 - Hosts: 74.175.65.66 lupa.com
O1 - Hosts: 207.200.66.53 liveintercom.com
O1 - Hosts: 71.96.135.20 keenspace.com
O1 - Hosts: 202.51.107.37 jetsoftware.com
O1 - Hosts: 60.251.54.208 jamba.com
O1 - Hosts: 222.161.3.133 ir.com
O1 - Hosts: 200.24.22.170 investopedia.com
O1 - Hosts: 202.149.24.216 choiceradio.com
O1 - Hosts: 91.206.23.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 141.76.45.18 chip.com
O1 - Hosts: 128.006.192.15 redv.net
O1 - Hosts: 194.42.170.124 cgi.com
O1 - Hosts: 199.26.254.66 centcomm.com
O1 - Hosts: 202.149.24.216 digitallook.com
O1 - Hosts: 60.251.19.134 domainfactory.com
O1 - Hosts: 222.161.3.133 dvdfocomm.nu
O1 - Hosts: 157.95.56.15 e-kolay.com
O1 - Hosts: 85.249.23.115 eurosport.com
O1 - Hosts: 189.104.149.61 f1cd.com
O1 - Hosts: 125.162.92.234 free6.com
O1 - Hosts: 80.81.19.20 cdmworldsoftware.com
O1 - Hosts: 117.102.101.219 grafika.com
O1 - Hosts: 85.29.23.115 adware-delete.com
O1 - Hosts: 69.89.221.135 hbv.com
O1 - Hosts: 92.48.21.39 protectorsuite.com
O1 - Hosts: 128.31.1.16 howstuffworks.com
O1 - Hosts: 85.249.23.117 hyena.com
O1 - Hosts: 219.139.158.59 binfo.com204.9.178.11 typepad.com
O1 - Hosts: 74.113.152.32 istockphoto.com
O1 - Hosts: 208.94.0.38 yfrog.com
O1 - Hosts: 63.309.5.102 virustotal.com
O1 - Hosts: 123.125.50.22 126.com
O1 - Hosts: 174.36.28.11 SlideShare.com
O1 - Hosts: 213.238.60.190 xing.com
O1 - Hosts: 59.106.98.139 seesaa.net
O1 - Hosts: 184.72.253.170 hootsuite.com
O1 - Hosts: 211.151.146.16 soku.com
O1 - Hosts: 72.321.120.222 metacafe.com
O1 - Hosts: 9.105.6.98 bitdefender.com
O1 - Hosts: 204.11.109.133 tribalfusion.com
O1 - Hosts: 207.154.14.31 tripadvisor.com
O1 - Hosts: 216.52.240.133 ustream.tv
O1 - Hosts: 174.36.244.132 linkwithin.com
O1 - Hosts: 121.67.203.61 scan.novirusthanks.org
O1 - Hosts: 209.172.34.139 imagevenue.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 103.67.101.13 trendmicro.com
O1 - Hosts: 208.85.40.80 pandora.com
O1 - Hosts: 194.116.241.57 softonic.com
O1 - Hosts: 208.83.243.15 match.com
O1 - Hosts: 202.57.69.84 nwt.com
O1 - Hosts: 65.11.53.80 nttnavi.com
O1 - Hosts: 72.51.41.235 nrk.no
O1 - Hosts: 110.16.19.157 nozonedata.com
O1 - Hosts: 76.106.43.251 nachtagenten.com
O1 - Hosts: 195.82.124.124 musicmatch.com
O1 - Hosts: 70.52.56.163 moscowtimes.com
O1 - Hosts: 124.217.235.76 gsn.com
O1 - Hosts: 61.178.63.198 mgd.com
O1 - Hosts: 174.142.24.205 mediastorm.hu
O1 - Hosts: 38.113.207.59 media-servers.com
O1 - Hosts: 116.66.206.161 m5prod.com
O1 - Hosts: 74.175.65.66 lupa.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [SmartGuardian] C:\Program Files\ITE\Smart Guardian\ITESmart.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\Program Files\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Enterra Icon Keeper] "C:\Program Files\Enterra\Icon Keeper\IcnKeepr.exe" ssp /s
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HotkeyP] C:\Program Files\Hotkeyp\HotkeyP.exe 0
O4 - HKCU\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\DOCUME~1\Fl\LOCALS~1\Temp\E_S145.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON S22 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\DOCUME~1\Fl\LOCALS~1\Temp\E_S1B.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-18\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_S13D.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [EPSON S22 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_SCD.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_S13D.tmp" /EF "HKCU" (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Startup: Opera.lnk = C:\Program Files\Opera\opera.exe
O4 - Startup: Total Commander.lnk = C:\Program Files\wincmd2\TOTALCMD.EXE
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: ITE Smart Guardian.lnk = C:\Program Files\ITE\Smart Guardian\ITESmart.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.atdhe.net
O15 - Trusted Zone: *.atdhe.net
O15 - Trusted Zone: www.gamedesire.com
O15 - Trusted Zone: http://www.gamedesire.com
O15 - Trusted Zone: *.kb.cz
O15 - Trusted Zone: http://www.mifa.cz
O15 - Trusted Zone: *.mojebanka.cz
O15 - Trusted Zone: http://www.upc.cz
O15 - Trusted Zone: http://www.upcmoviequiz.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Fl/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 13785 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC6_AutoCare.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1177238915-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1177238915-725345543-1003UA.job
C:\WINDOWS\tasks\SmartDefrag.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28870265-2bea-4b74-a1e1-81316a9445b6.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 69c47101-635f-46a8-9af7-b9c08f589e77.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default

prefs.js - "browser.startup.homepage" - "http://home.sweetim.com/?crg=3.1010000. ... 0129FD799D}"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/BOARDS,version=1.0]
"Description"=GameDesire Board Games
"Path"=C:\Program Files\Ganymede\Plugins\BOARDS\NPBOARDS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0]
"Description"=npganymedenet
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
Ganymede.class
NPBOARDS.dll

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
babylon.xml
bing.xml
eBay.xml
fcmdSrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
twitter.xml
wikipedia-cz.xml
wikipedia.xml
yahoo.xml

C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\extensions\
4fba5e1855864@4fba5e1855893.info
ascsurfingprotection@iobit.com
ffxtlbr@babylon.com
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{40f5f417-32bb-4296-9446-c1e0094e7d82}
{800b5000-a755-47e1-992b-48a1c1357f07}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin.xml
qip-search.xml
startsear.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2012-11-26 50800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2011-04-01 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2012-10-11 662400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetPacks Browser Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetPacks Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2012-12-06 1308504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartGuardian"=C:\Program Files\ITE\Smart Guardian\ITESmart.exe [2003-09-30 180224]
"iKeyWorks"=C:\Program Files\A4Tech\Keyboard\Ikeymain.exe [2007-06-25 65536]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Enterra Icon Keeper"=C:\Program Files\Enterra\Icon Keeper\IcnKeepr.exe [2006-08-18 57344]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2012-10-04 115032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"HotkeyP"=C:\Program Files\Hotkeyp\HotkeyP.exe [2008-07-15 65536]
"EPSON S22 Series (kopie 1)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE [2009-09-14 200704]
"EPSON S22 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE [2009-09-14 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DevWebAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-11-04 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\masy]
C:\Program Files\Opera\masy.exe [2013-02-16 274432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-10-04 4763008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator]
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [2012-08-15 231768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-11-27 1000848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=3
"W32Time"=2
"UPS"=3
"Spooler"=2
"RemoteAccess"=3
"RDSessMgr"=3
"RasMan"=3
"RasAuto"=3
"QipGuard"=2
"nlsvc"=2
"JavaQuickStarterService"=2
"helpsvc"=3
"FastUserSwitchingCompatibility"=3
"Browser"=2
"BITS"=3

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
ITE Smart Guardian.lnk - C:\Program Files\ITE\Smart Guardian\ITESmart.exe

C:\Documents and Settings\Fl\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
Opera.lnk - C:\Program Files\Opera\opera.exe
Total Commander.lnk - C:\Program Files\wincmd2\TOTALCMD.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"MaxRecentDocs"=9

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Downloads\bomberman\bm95.exe"="C:\Downloads\bomberman\bm95.exe:*:Enabled:bm95"
"E:\Programy\Optimalizace systému\solutoinstaller reseni pomaleho bootovani.exe"="E:\Programy\Optimalizace systému\solutoinstaller reseni pomaleho bootovani.exe:*:Enabled:SolutoInstaller"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\StrongDC++\StrongDC.exe"="C:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QIP Infium\qip.exe"="C:\Program Files\QIP Infium\qip.exe:*:Enabled:QIP 2012"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======List of files/folders created in the last 1 month======

2013-02-16 16:15:39 ----D---- C:\rsit
2013-02-16 16:10:17 ----A---- C:\WINDOWS\ntbtlog.txt
2013-02-16 09:15:23 ----D---- C:\Documents and Settings\Fl\Data aplikací\SUPERAntiSpyware.com
2013-02-16 09:15:05 ----D---- C:\Program Files\SUPERAntiSpyware
2013-02-16 09:15:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-02-16 08:29:12 ----D---- C:\Documents and Settings\Fl\Data aplikací\AVG
2013-02-16 08:27:51 ----D---- C:\Program Files\AVG
2013-02-16 05:21:10 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-02-12 16:21:14 ----D---- C:\Program Files\Google
2013-02-07 12:02:23 ----D---- C:\Documents and Settings\Fl\Data aplikací\BANDISOFT
2013-02-07 12:02:15 ----D---- C:\Program Files\Bandicam
2013-02-07 12:02:13 ----D---- C:\Program Files\BandiMPEG1
2013-01-31 23:54:27 ----D---- C:\Program Files\dPilot
2013-01-27 17:13:46 ----D---- C:\Program Files\Keysnitch
2013-01-26 14:55:45 ----A---- C:\WINDOWS\system32\TempWmicBatchFile.bat
2013-01-26 14:06:52 ----D---- C:\ks
2013-01-26 14:02:53 ----D---- C:\Program Files\WideStep Software
2013-01-26 14:00:54 ----D---- C:\Program Files\SweetIM
2013-01-26 14:00:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\SweetIM
2013-01-26 13:07:58 ----A---- C:\WINDOWS\system32\IJL_11.DLL
2013-01-26 12:47:38 ----D---- C:\Program Files\Emsa Save My Work
2013-01-25 17:45:12 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2013-01-20 12:02:43 ----D---- C:\Program Files\HooTech SWF FLV to MP3 Converter
2013-01-19 08:30:29 ----A---- C:\WINDOWS\AviSplitter.INI
2013-01-17 19:21:21 ----RD---- C:\Program Files\Skype
2013-01-17 19:21:21 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 month======

2013-02-16 16:18:53 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-16 16:18:52 ----D---- C:\Program Files\trend micro
2013-02-16 16:18:02 ----D---- C:\WINDOWS\temp
2013-02-16 16:13:24 ----AC---- C:\WINDOWS\wincmd.ini
2013-02-16 16:11:48 ----D---- C:\Program Files
2013-02-16 16:10:17 ----D---- C:\WINDOWS
2013-02-16 16:09:16 ----D---- C:\Documents and Settings\Fl\Data aplikací\uTorrent
2013-02-16 16:05:45 ----D---- C:\Documents and Settings\Fl\Data aplikací\Skype
2013-02-16 16:04:26 ----D---- C:\WINDOWS\system32
2013-02-16 09:15:31 ----SD---- C:\WINDOWS\Tasks
2013-02-16 09:14:14 ----D---- C:\Program Files\The KMPlayer
2013-02-16 08:56:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-16 08:56:22 ----D---- C:\WINDOWS\Debug
2013-02-16 08:53:48 ----D---- C:\Documents and Settings\Fl\Data aplikací\Winamp
2013-02-16 08:15:17 ----D---- C:\Program Files\Opera
2013-02-16 08:09:20 ----D---- C:\Config.Msi
2013-02-16 05:21:10 ----D---- C:\WINDOWS\system32\drivers
2013-02-16 05:20:50 ----SHD---- C:\WINDOWS\Installer
2013-02-16 05:20:48 ----D---- C:\WINDOWS\WinSxS
2013-02-16 05:18:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-02-13 15:20:35 ----A---- C:\botok.txt
2013-02-12 16:36:25 ----D---- C:\Program Files\Mozilla Firefox
2013-02-08 17:47:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-03 20:02:11 ----D---- C:\WINDOWS\Minidump
2013-02-02 05:13:22 ----D---- C:\Documents and Settings\Fl\Data aplikací\Audacity
2013-01-26 16:34:44 ----HD---- C:\Program Files\Ffysedppico
2013-01-26 16:30:41 ----D---- C:\Program Files\Mioplanet
2013-01-26 16:28:33 ----D---- C:\Program Files\Common Files
2013-01-26 14:55:21 ----D---- C:\Program Files\Java
2013-01-25 10:42:24 ----D---- C:\Downloads
2013-01-22 19:40:42 ----D---- C:\ a
2013-01-22 09:14:34 ----D---- C:\Program Files\ScreenshotCaptor
2013-01-21 14:25:38 ----D---- C:\Documents and Settings\Fl\Data aplikací\Apple Computer
2013-01-21 14:22:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2013-01-21 14:22:21 ----D---- C:\Documents and Settings\Fl\Data aplikací\IObit
2013-01-21 14:22:09 ----D---- C:\Program Files\IObit
2013-01-21 14:20:39 ----D---- C:\Program Files\Windows Doctor
2013-01-20 09:03:44 ----D---- C:\Program Files\PokerOffice5
2013-01-17 19:21:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-08-18 93568]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-02-14 639224]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2010-09-22 39424]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 cpuidlep;CpuIdle Pro System Driver; C:\WINDOWS\system32\drivers\cpuidlep.sys [2011-09-14 4484]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys []
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2009-02-18 31128]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2009-02-10 257432]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-12-25 14336]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 iteio;iteio; \??\C:\WINDOWS\system32\drivers\iteio.sys []
R3 kbdcap;kbdcap; C:\WINDOWS\system32\drivers\kbdcap.sys [2011-09-24 109440]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\WINDOWS\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2011-05-26 298016]
S1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2011-06-13 2944]
S1 SBRE;SBRE; C:\WINDOWS\system32\drivers\SBRE.sys []
S2 SCRCAMHRDRV;ScreenCamera HR; C:\WINDOWS\system32\DRIVERS\SCRCAMHRDRV.sys [2010-03-01 234800]
S3 ajgazwup;ajgazwup; C:\WINDOWS\system32\drivers\ajgazwup.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2000-01-01 4122368]
S3 appliandMP;appliandMP; C:\WINDOWS\system32\DRIVERS\appliand.sys []
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2012-03-15 353096]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cpnmouse;cpnmouse; C:\WINDOWS\system32\DRIVERS\cpnmouse.sys [2003-11-28 5162]
S3 cpuz135;cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys []
S3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 glavcam;BW Microscope; C:\WINDOWS\system32\DRIVERS\glavcam.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys [2012-10-20 42512]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-09-18 12984]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\TRUFOS.sys [2011-11-21 340624]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 wip0202;Wippien Network Adapter; C:\WINDOWS\system32\DRIVERS\wip0202.sys [2007-06-27 23904]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2010-09-10 2320712]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-06-01 821080]
S2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 postgresql-8.4;PostgreSQL Server 8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files/PostgreSQL/8.4/data -w []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-09-01 1526080]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

To, co vám běží v PC je jedním slovem humus. Nejprve spusťte tuto utilitu:

Stáhněte AdwCleaner http://stahnu.cz/tag/adw-cleaner-free-download
Uložte na plochu
Ukončete všechny programy
Klikněte na Search
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v2.109 - Logfile created 02/16/2013 at 20:20:03
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Fl
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Fl\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\adwcleaner_2.110.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
File Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\BrowserMngr_extensions.sqlite
File Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\browsermngr_prefs.js
File Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
File Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\searchplugins\Conduit.xml
File Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\searchplugins\icqplugin.xml
File Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\searchplugins\icqplugin-1.xml
File Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\searchplugins\qip-search.xml
File Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\searchplugins\Startsear.xml
File Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\searchplugins\SweetIm.xml
File Found : C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage-journal
File Found : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrch.xml
File Found : C:\user.js
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Ask
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Found : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Found : C:\Documents and Settings\All Users\Data aplikací\InstallMate
Folder Found : C:\Documents and Settings\All Users\Data aplikací\SweetIM
Folder Found : C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar
Folder Found : C:\Documents and Settings\All Users\Data aplikací\wxDfast
Folder Found : C:\Documents and Settings\Fl\Data aplikací\Babylon
Folder Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\ConduitCommon
Folder Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\CT2828561
Folder Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
Folder Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\extensions\{40f5f417-32bb-4296-9446-c1e0094e7d82}
Folder Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Folder Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\extensions\ffxtlbr@babylon.com
Folder Found : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\SweetPacksToolbarData
Folder Found : C:\Documents and Settings\Fl\Data aplikací\OpenCandy
Folder Found : C:\Documents and Settings\Fl\Data aplikací\Toolbar4
Folder Found : C:\Documents and Settings\Fl\Local Settings\Data aplikací\APN
Folder Found : C:\Documents and Settings\Fl\Local Settings\Data aplikací\Conduit
Folder Found : C:\Documents and Settings\Fl\Local Settings\Data aplikací\ConduitEngine
Folder Found : C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Found : C:\Documents and Settings\Fl\Local Settings\Data aplikací\Movier-media
Folder Found : C:\Documents and Settings\fl2\Local Settings\Data aplikací\ConduitEngine
Folder Found : C:\Documents and Settings\Jirka\Local Settings\Data aplikací\ConduitEngine
Folder Found : C:\Program Files\ConduitEngine
Folder Found : C:\Program Files\ICQ6Toolbar
Folder Found : C:\Program Files\Movier-media
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\Program Files\Winamp Toolbar
Folder Found : C:\WINDOWS\assembly\GAC_MSIL\QuickStoresToolbar
Folder Found : C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Folder Found : C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AutocompleteProBHO
Key Found : HKCU\Software\BrowserMngr
Key Found : HKCU\Software\conduitEngine
Key Found : HKCU\Software\conduitEngine
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0579B4B1-0293-4D73-B02D-5EBB0BA0F0A2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE10BF86-DA68-441E-91FA-38336363E3CD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\StartSearch
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BrowserMngr
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0579B4B1-0293-4D73-B02D-5EBB0BA0F0A2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Found : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B
Key Found : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B
Key Found : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Found : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Found : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\sim-packages
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Found : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\conduitEngine
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{673CA802-0DDD-42C9-B92B-C1A2AAD6ED4D}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7C311A0-0A82-43AD-A44D-C43EC8A3E2FA}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB7E58A1-5186-44D2-8830-C1855F97E9F4}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetPacks Communicator
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Found : HKLM\Software\Movier-media
Key Found : HKLM\Software\PIP
Key Found : HKU\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Found : HKU\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Found : HKU\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Found : HKU\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-842925246-1177238915-725345543-1003\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CE10BF86-DA68-441E-91FA-38336363E3CD}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Prev Search Page] = hxxp://google.icq.com
[HKCU\Software\Microsoft\Internet Explorer\Main - Prev Search Bar] = hxxp://google.icq.com/search/search_frame.php
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6CE034D4-67B8-11E2-9723-000129FD799D}
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://qip.ru
[HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.qip.ru/ie
[HKCU\Software\Microsoft\Internet Explorer\Main - BrowserMngr Start Page] = hxxp://search.babylon.com/?affID=111789&tt=140812_bandext_3312_5&babsrc=HP_ss&mntrId=74a6bf56000000000000000129fd799d
[HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=make&s={searchTerms}&f=4
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6CE034D4-67B8-11E2-9723-000129FD799D}

-\\ Mozilla Firefox v9.0.1 (en-US)

File : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\prefs.js

Found : user_pref("CT2828561..clientLogIsEnabled", false);
Found : user_pref("CT2828561..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT2828561..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT2828561.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT2828561.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2828561.AppTrackingLastCheckTime", "Sun Sep 18 2011 06:42:15 GMT+0200");
Found : user_pref("CT2828561.BrowserCompStateIsOpen_129597967945709017", true);
Found : user_pref("CT2828561.BrowserCompStateIsOpen_129627257815001869", true);
Found : user_pref("CT2828561.BrowserCompStateIsOpen_129678101623061510", true);
Found : user_pref("CT2828561.BrowserCompStateIsOpen_129682606239976617", true);
Found : user_pref("CT2828561.BrowserCompStateIsOpen_129687623050740282", true);
Found : user_pref("CT2828561.CTID", "ct2828561");
Found : user_pref("CT2828561.CurrentServerDate", "12-2-2013");
Found : user_pref("CT2828561.DialogsAlignMode", "LTR");
Found : user_pref("CT2828561.DialogsGetterLastCheckTime", "Tue Feb 12 2013 16:36:33 GMT+0100");
Found : user_pref("CT2828561.DownloadReferralCookieData", "");
Found : user_pref("CT2828561.EMailNotifierPollDate", "Sun Oct 28 2012 03:53:30 GMT+0100");
Found : user_pref("CT2828561.FeedPollDate129329930679575033", "Tue Feb 12 2013 16:36:31 GMT+0100");
Found : user_pref("CT2828561.FirstServerDate", "18-9-2011");
Found : user_pref("CT2828561.FirstTime", true);
Found : user_pref("CT2828561.FirstTimeFF3", true);
Found : user_pref("CT2828561.FixPageNotFoundErrors", true);
Found : user_pref("CT2828561.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2828561.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2828561.HasUserGlobalKeys", true);
Found : user_pref("CT2828561.Initialize", true);
Found : user_pref("CT2828561.InitializeCommonPrefs", true);
Found : user_pref("CT2828561.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT2828561.InstallationType", "ConduitIntegration");
Found : user_pref("CT2828561.InstalledDate", "Sun Sep 18 2011 06:41:56 GMT+0200");
Found : user_pref("CT2828561.InvalidateCache", false);
Found : user_pref("CT2828561.IsAlertDBUpdated", true);
Found : user_pref("CT2828561.IsGrouping", false);
Found : user_pref("CT2828561.IsInitSetupIni", true);
Found : user_pref("CT2828561.IsMulticommunity", false);
Found : user_pref("CT2828561.IsOpenThankYouPage", false);
Found : user_pref("CT2828561.IsOpenUninstallPage", true);
Found : user_pref("CT2828561.LanguagePackLastCheckTime", "Sun Sep 18 2011 06:42:09 GMT+0200");
Found : user_pref("CT2828561.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2828561.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2828561.LastLogin_3.10.0.1", "Wed Jul 04 2012 12:06:20 GMT+0200");
Found : user_pref("CT2828561.LastLogin_3.13.0.6", "Tue Aug 14 2012 03:58:48 GMT+0200");
Found : user_pref("CT2828561.LastLogin_3.14.1.0", "Tue Oct 09 2012 03:24:38 GMT+0200");
Found : user_pref("CT2828561.LastLogin_3.15.1.0", "Tue Feb 12 2013 16:36:32 GMT+0100");
Found : user_pref("CT2828561.LastLogin_3.6.0.10", "Tue Nov 15 2011 03:17:14 GMT+0100");
Found : user_pref("CT2828561.LatestVersion", "3.18.0.7");
Found : user_pref("CT2828561.Locale", "en");
Found : user_pref("CT2828561.MCDetectTooltipHeight", "83");
Found : user_pref("CT2828561.MCDetectTooltipShow", false);
Found : user_pref("CT2828561.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2828561.MCDetectTooltipWidth", "295");
Found : user_pref("CT2828561.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT2828561.OriginalFirstVersion", "3.6.0.10");
Found : user_pref("CT2828561.RadioIsPodcast", false);
Found : user_pref("CT2828561.RadioLastCheckTime", "Sun Sep 18 2011 06:42:07 GMT+0200");
Found : user_pref("CT2828561.RadioLastUpdateIPServer", "0");
Found : user_pref("CT2828561.RadioMediaID", "9962");
Found : user_pref("CT2828561.RadioMediaType", "Media Player");
Found : user_pref("CT2828561.RadioMenuSelectedID", "EBRadioMenu_CT28285619962");
Found : user_pref("CT2828561.RadioShrinkedFromSetup", false);
Found : user_pref("CT2828561.RadioStationName", "California%20Rock");
Found : user_pref("CT2828561.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2828561.SavedHomepage", "google.cz");
Found : user_pref("CT2828561.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2828561.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT282[...]
Found : user_pref("CT2828561.SearchInNewTabEnabled", true);
Found : user_pref("CT2828561.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2828561.SearchInNewTabLastCheckTime", "Sun Sep 18 2011 06:42:07 GMT+0200");
Found : user_pref("CT2828561.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2828561.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Found : user_pref("CT2828561.ServiceMapLastCheckTime", "Tue Feb 12 2013 16:36:29 GMT+0100");
Found : user_pref("CT2828561.SettingsLastCheckTime", "Sun Sep 18 2011 06:41:49 GMT+0200");
Found : user_pref("CT2828561.SettingsLastUpdate", "1316099660");
Found : user_pref("CT2828561.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2828561.ThirdPartyComponentsLastCheck", "Sun Sep 18 2011 06:41:48 GMT+0200");
Found : user_pref("CT2828561.ThirdPartyComponentsLastUpdate", "1312887586");
Found : user_pref("CT2828561.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT2828561.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2828561");
Found : user_pref("CT2828561.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT2828561.UserID", "UN96759833433415273");
Found : user_pref("CT2828561.ValidationData_Toolbar", 2);
Found : user_pref("CT2828561.alertChannelId", "1220629");
Found : user_pref("CT2828561.approveUntrustedApps", false);
Found : user_pref("CT2828561.backendstorage./9b+7e+x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e,x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e-x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e.x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e/x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e06cg5el8:", "6E6D70696A6D72766E6F");
Found : user_pref("CT2828561.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A7473766F7073787C7475242F4B4947[...]
Found : user_pref("CT2828561.backendstorage./9b+7e0x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e1x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e2x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e3x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e4x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e5x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e6x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e7x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e8x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e9x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e:x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e;x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e<x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e=x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e>x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e?x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7e@x305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7eax305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B26[...]
Found : user_pref("CT2828561.backendstorage./9b+7ebx305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7ecx305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7edx305", "2423");
Found : user_pref("CT2828561.backendstorage./9b+7etx305", "2423");
Found : user_pref("CT2828561.backendstorage./9b-0?3g>d", "6E6F68693F3F71447A7279477320484B777E2551517B7C2A26[...]
Found : user_pref("CT2828561.backendstorage./9b-0?3g@6:5;", "");
Found : user_pref("CT2828561.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332[...]
Found : user_pref("CT2828561.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
Found : user_pref("CT2828561.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D464[...]
Found : user_pref("CT2828561.backendstorage./9b5ba==9cjag", "6B6870726E6F43457A77434578467C4C4B774C4E23");
Found : user_pref("CT2828561.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6B726D6C72727674717373");
Found : user_pref("CT2828561.backendstorage./9b9643g3/9e", "6A");
Found : user_pref("CT2828561.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
Found : user_pref("CT2828561.backendstorage./9b<:222h64<", "393F352F3E");
Found : user_pref("CT2828561.backendstorage./9b=+03eh8h8j?:", "4443");
Found : user_pref("CT2828561.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B26514649[...]
Found : user_pref("CT2828561.backendstorage./9b?b0d:8aj62<h", "6D");
Found : user_pref("CT2828561.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
Found : user_pref("CT2828561.backendstorage.activationstep", "31");
Found : user_pref("CT2828561.backendstorage.autocompletepro_enable", "31");
Found : user_pref("CT2828561.backendstorage.autocompletepro_enable_auto", "31");
Found : user_pref("CT2828561.backendstorage.cbcountry_001", "435A");
Found : user_pref("CT2828561.backendstorage.cbfirsttime", "547565204D617920323220323031322030323A33323A32362[...]
Found : user_pref("CT2828561.backendstorage.cbopenmamsettings", "30");
Found : user_pref("CT2828561.backendstorage.firstrun", "31333136333230393730343837");
Found : user_pref("CT2828561.backendstorage.loadtimes", "31");
Found : user_pref("CT2828561.backendstorage.pg_enable", "74727565");
Found : user_pref("CT2828561.backendstorage.printitgreenstatus", "74727565");
Found : user_pref("CT2828561.backendstorage.shoppingapp.gk.exipres", "53756E204F637420313420323031322030333A[...]
Found : user_pref("CT2828561.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Found : user_pref("CT2828561.components.1000034", false);
Found : user_pref("CT2828561.components.1000082", false);
Found : user_pref("CT2828561.components.129329930679731285", false);
Found : user_pref("CT2828561.ct2828561.AppTrackingLastCheckTime", "Tue May 22 2012 02:32:00 GMT+0200");
Found : user_pref("CT2828561.ct2828561.DialogsAlignMode", "LTR");
Found : user_pref("CT2828561.ct2828561.FeedLastCount129329930679575033", 50);
Found : user_pref("CT2828561.ct2828561.InvalidateCache", false);
Found : user_pref("CT2828561.ct2828561.LanguagePackLastCheckTime", "Tue Feb 12 2013 16:36:33 GMT+0100");
Found : user_pref("CT2828561.ct2828561.Locale", "en");
Found : user_pref("CT2828561.ct2828561.RadioLastCheckTime", "Sun Oct 28 2012 02:22:03 GMT+0200");
Found : user_pref("CT2828561.ct2828561.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2828561.ct2828561.RadioLastUpdateServer", "3");
Found : user_pref("CT2828561.ct2828561.SearchInNewTabLastCheckTime", "Tue Feb 12 2013 16:36:31 GMT+0100");
Found : user_pref("CT2828561.ct2828561.SettingsLastCheckTime", "Tue Feb 12 2013 16:36:31 GMT+0100");
Found : user_pref("CT2828561.ct2828561.SettingsLastUpdate", "1360678346");
Found : user_pref("CT2828561.ct2828561.ThirdPartyComponentsLastCheck", "Tue Feb 12 2013 16:36:30 GMT+0100");
Found : user_pref("CT2828561.ct2828561.ThirdPartyComponentsLastUpdate", "1331805997");
Found : user_pref("CT2828561.ct2828561.globalFirstTimeInfoLastCheckTime", "Thu Feb 07 2013 12:04:19 GMT+0100[...]
Found : user_pref("CT2828561.ct2828561.toolbarAppMetaDataLastCheckTime", "Tue Feb 12 2013 16:36:33 GMT+0100"[...]
Found : user_pref("CT2828561.ct2828561.toolbarContextMenuLastCheckTime", "Thu Feb 07 2013 12:04:19 GMT+0100"[...]
Found : user_pref("CT2828561.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT2828561.globalFirstTimeInfoLastCheckTime", "Sun Sep 18 2011 06:41:57 GMT+0200");
Found : user_pref("CT2828561.homepageProtectorEnableByLogin", true);
Found : user_pref("CT2828561.initDone", true);
Found : user_pref("CT2828561.isAppTrackingManagerOn", false);
Found : user_pref("CT2828561.isFirstRadioInstallation", false);
Found : user_pref("CT2828561.myStuffEnabled", true);
Found : user_pref("CT2828561.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2828561.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2828561.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2828561.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2828561.oldAppsList", "129329930678325020,129329930679106278,111,129329930679262529,129[...]
Found : user_pref("CT2828561.revertSettingsEnabled", true);
Found : user_pref("CT2828561.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT2828561.searchProtectorEnableByLogin", true);
Found : user_pref("CT2828561.testingCtid", "");
Found : user_pref("CT2828561.toolbarAppMetaDataLastCheckTime", "Sun Sep 18 2011 06:41:55 GMT+0200");
Found : user_pref("CT2828561.toolbarContextMenuLastCheckTime", "Sun Sep 18 2011 06:42:09 GMT+0200");
Found : user_pref("CT2828561.undefined", "Sun Sep 18 2011 06:42:09 GMT+0200");
Found : user_pref("CT2828561.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2828561&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "Uptodown EN Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/ct2828561/CT2828561[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2828561", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2828561", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2828561",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2828561&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2828561&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/idel.gif", "[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/minimize.gif[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/play.gif", "[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/stop.gif", "[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Tapuz/vol.gif", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"0f0[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Fl\\Data aplikací\[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2828561");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2828561");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2828561");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Oct 28 2012 02:22:02 GMT+0200");
Found : user_pref("CommunityToolbar.globalUserId", "b9072ec5-91dd-458f-9f5a-9d18f036bbb0");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2828561");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Feb 07 2013 12:04:1[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Feb 12 2013 16:36:30 GMT+0100");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "a8257146-e9f6-42a1-b4cb-72b4d68fc818");
Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={6CE034D4-67B8-11E2-9723-0001[...]
Found : user_pref("browser.search.defaultengine", "Web Search");
Found : user_pref("browser.search.defaultenginename", "SweetIM Search");
Found : user_pref("browser.search.defaultthis.engineName", "Uptodown EN Customized Web Search");
Found : user_pref("browser.search.order.1", "Web Search");
Found : user_pref("browser.search.selectedEngine", "SweetIM Search");
Found : user_pref("browser.startup.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6CE034D4-[...]
Found : user_pref("extensions.4fba5e185590a.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Found : user_pref("extensions.BabylonToolbar.admin", false);
Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar.bbDpng", 30);
Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Found : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Found : user_pref("extensions.BabylonToolbar.excTlbr", false);
Found : user_pref("extensions.BabylonToolbar.hmpg", true);
Found : user_pref("extensions.BabylonToolbar.id", "74a6bf56000000000000000129fd799d");
Found : user_pref("extensions.BabylonToolbar.instlDay", "15568");
Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_&q={searchTe[...]
Found : user_pref("extensions.BabylonToolbar.lastDP", 30);
Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.107:35:14");
Found : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "6.0");
Found : user_pref("extensions.BabylonToolbar.newTab", true);
Found : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar.propectorlck", 58533137);
Found : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Found : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
Found : user_pref("extensions.BabylonToolbar.vrsn", "1.6.4.6");
Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.107:35:14");
Found : user_pref("extensions.BabylonToolbar.vrsni", "1.6.4.6");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111789&tt=140812_bandext_3312_1");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "74a6bf56000000000000000129fd799d");
Found : user_pref("extensions.BabylonToolbar_i.id", "74a6bf56000000000000000129fd799d");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15482");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=111789&tt=14081[...]
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.610:08:11");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=make&f=5");
Found : user_pref("extensions.facemoods.aflt", "_#make");
Found : user_pref("extensions.facemoods.dfltSrch", true);
Found : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Found : user_pref("extensions.facemoods.dnsErr", true);
Found : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Found : user_pref("extensions.facemoods.firstRun", false);
Found : user_pref("extensions.facemoods.first_time", false);
Found : user_pref("extensions.facemoods.hmpg", true);
Found : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=make");
Found : user_pref("extensions.facemoods.id", "_#74a6bf56000000000000000129fd799d");
Found : user_pref("extensions.facemoods.instlDay", "_#15341");
Found : user_pref("extensions.facemoods.mntz", "");
Found : user_pref("extensions.facemoods.newTab", true);
Found : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=make&f=2");
Found : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Found : user_pref("extensions.facemoods.searchProviderAdded", true);
Found : user_pref("extensions.facemoods.sid", "_#56a30c50363445c1a2b9517a61a71881");
Found : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=make&f=3");
Found : user_pref("extensions.facemoods.update", "_#v1.4.0");
Found : user_pref("extensions.facemoods.vrsn", "_#1.4.17.11");
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2828561&SearchSource=2&q=[...]
Found : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1360683423749");
Found : user_pref("sweetim.toolbar.Visibility.enable", "true");
Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Found : user_pref("sweetim.toolbar.cargo", "3.1010000.10014");
Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Found : user_pref("sweetim.toolbar.cda.returnValue", "hide");
Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Found : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Found : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Found : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Found : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Found : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Found : user_pref("sweetim.toolbar.mode.debug", "false");
Found : user_pref("sweetim.toolbar.newtab.created", "true");
Found : user_pref("sweetim.toolbar.newtab.enable", "true");
Found : user_pref("sweetim.toolbar.previous.browser.newtab.url", "hxxp://search.babylon.com/?affID=111789&tt[...]
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "QIP Search");
Found : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.conduit.com/ResultsEx[...]
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "QIP Search");
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "google.cz");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolba ... on=$ITEM_V[...]
Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(http://www.|apps.)?facebook\\.com.*");
Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Found : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(http://www.|apps.)?facebook\\.com.*");
Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Found : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Found : user_pref("sweetim.toolbar.scripts.2.callback", "");
Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Found : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Found : user_pref("sweetim.toolbar.searchguard.enable", "false");
Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Found : user_pref("sweetim.toolbar.simapp_id", "{6CE034D4-67B8-11E2-9723-000129FD799D}");
Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6CE0[...]
Found : user_pref("sweetim.toolbar.version", "1.9.0.0");

File : C:\Documents and Settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\i4110uih.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\fl2\Data aplikací\Mozilla\Firefox\Profiles\5oi6l9j1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

Found [l.11] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6CE034D4-67B8-11E2-9723-000129FD799D}",
Found [l.15] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6CE034D4-67B8-11E2-9723-000129FD799D}" ]
Found [l.1815] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6CE034D4-67B8-11E2-9723-000129FD799D}",
Found [l.2184] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={6CE034D4-67B8-11E2-9723-000129FD799D}" ]

-\\ Opera v12.14.1738.0

File : C:\Documents and Settings\Fl\Data aplikací\Opera\Opera\operaprefs.ini

Found : HostName Web Lookup Address=hxxp://search.icq.com/search/afe_results.php?q=%s&ch_id=osd&icid=opera

File : C:\Documents and Settings\Jirka\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [61216 octets] - [16/02/2013 20:20:03]

########## EOF - C:\AdwCleaner[R1].txt - [61277 octets] ##########

Spusťte znovu ADWCleaner a klikněte na >Delete<. Vložte nový log.

# AdwCleaner v2.109 - Logfile created 02/16/2013 at 23:18:43
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Fl
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Fl\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\adwcleaner_2.110.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v9.0.1 (en-US)

File : C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\i4110uih.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\fl2\Data aplikací\Mozilla\Firefox\Profiles\5oi6l9j1.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.14.1738.0

File : C:\Documents and Settings\Fl\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

File : C:\Documents and Settings\Jirka\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [61347 octets] - [16/02/2013 20:20:03]
AdwCleaner[R2].txt - [1621 octets] - [16/02/2013 23:18:43]
AdwCleaner[S1].txt - [384 octets] - [16/02/2013 21:13:53]
AdwCleaner[S2].txt - [61504 octets] - [16/02/2013 23:12:37]

########## EOF - C:\AdwCleaner[R2].txt - [1801 octets] ##########

Dejte nový log RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Fl at 2013-02-17 15:40:03
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (16%) free of 20 GB
Total RAM: 1022 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:40:14, on 17-II-2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ITE\Smart Guardian\ITESmart.exe
C:\Program Files\A4Tech\Keyboard\Ikeymain.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hotkeyp\HotkeyP.exe
C:\Program Files\Opera\masy.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\wincmd2\TOTALCMD.EXE
C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe
c:\ a\Tor Browser\App\polipo.exe
c:\ a\Tor Browser\App\polipo.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\The KMPlayer\KMPlayer.exe
C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Downloads\bomberman\bm95chat.exe
C:\Documents and Settings\Fl\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\Fl.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: 204.9.178.11 typepad.com
O1 - Hosts: 74.113.152.32 istockphoto.com
O1 - Hosts: 208.94.0.38 yfrog.com
O1 - Hosts: 63.309.5.102 virustotal.com
O1 - Hosts: 123.125.50.22 126.com
O1 - Hosts: 174.36.28.11 SlideShare.com
O1 - Hosts: 213.238.60.190 xing.com
O1 - Hosts: 59.106.98.139 seesaa.net
O1 - Hosts: 184.72.253.170 hootsuite.com
O1 - Hosts: 211.151.146.16 soku.com
O1 - Hosts: 72.321.120.222 metacafe.com
O1 - Hosts: 9.105.6.98 bitdefender.com
O1 - Hosts: 204.11.109.133 tribalfusion.com
O1 - Hosts: 207.154.14.31 tripadvisor.com
O1 - Hosts: 216.52.240.133 ustream.tv
O1 - Hosts: 174.36.244.132 linkwithin.com
O1 - Hosts: 121.67.203.61 scan.novirusthanks.org
O1 - Hosts: 209.172.34.139 imagevenue.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 103.67.101.13 trendmicro.com
O1 - Hosts: 208.85.40.80 pandora.com
O1 - Hosts: 194.116.241.57 softonic.com
O1 - Hosts: 208.83.243.15 match.com
O1 - Hosts: 202.57.69.84 nwt.com
O1 - Hosts: 65.11.53.80 nttnavi.com
O1 - Hosts: 72.51.41.235 nrk.no
O1 - Hosts: 110.16.19.157 nozonedata.com
O1 - Hosts: 76.106.43.251 nachtagenten.com
O1 - Hosts: 195.82.124.124 musicmatch.com
O1 - Hosts: 70.52.56.163 moscowtimes.com
O1 - Hosts: 124.217.235.76 gsn.com
O1 - Hosts: 61.178.63.198 mgd.com
O1 - Hosts: 174.142.24.205 mediastorm.hu
O1 - Hosts: 38.113.207.59 media-servers.com
O1 - Hosts: 116.66.206.161 m5prod.com
O1 - Hosts: 74.175.65.66 lupa.com
O1 - Hosts: 207.200.66.53 liveintercom.com
O1 - Hosts: 71.96.135.20 keenspace.com
O1 - Hosts: 202.51.107.37 jetsoftware.com
O1 - Hosts: 60.251.54.208 jamba.com
O1 - Hosts: 222.161.3.133 ir.com
O1 - Hosts: 200.24.22.170 investopedia.com
O1 - Hosts: 202.149.24.216 choiceradio.com
O1 - Hosts: 91.206.23.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 141.76.45.18 chip.com
O1 - Hosts: 128.006.192.15 redv.net
O1 - Hosts: 194.42.170.124 cgi.com
O1 - Hosts: 199.26.254.66 centcomm.com
O1 - Hosts: 202.149.24.216 digitallook.com
O1 - Hosts: 60.251.19.134 domainfactory.com
O1 - Hosts: 222.161.3.133 dvdfocomm.nu
O1 - Hosts: 157.95.56.15 e-kolay.com
O1 - Hosts: 85.249.23.115 eurosport.com
O1 - Hosts: 189.104.149.61 f1cd.com
O1 - Hosts: 125.162.92.234 free6.com
O1 - Hosts: 80.81.19.20 cdmworldsoftware.com
O1 - Hosts: 117.102.101.219 grafika.com
O1 - Hosts: 85.29.23.115 adware-delete.com
O1 - Hosts: 69.89.221.135 hbv.com
O1 - Hosts: 92.48.21.39 protectorsuite.com
O1 - Hosts: 128.31.1.16 howstuffworks.com
O1 - Hosts: 85.249.23.117 hyena.com
O1 - Hosts: 219.139.158.59 binfo.com204.9.178.11 typepad.com
O1 - Hosts: 74.113.152.32 istockphoto.com
O1 - Hosts: 208.94.0.38 yfrog.com
O1 - Hosts: 63.309.5.102 virustotal.com
O1 - Hosts: 123.125.50.22 126.com
O1 - Hosts: 174.36.28.11 SlideShare.com
O1 - Hosts: 213.238.60.190 xing.com
O1 - Hosts: 59.106.98.139 seesaa.net
O1 - Hosts: 184.72.253.170 hootsuite.com
O1 - Hosts: 211.151.146.16 soku.com
O1 - Hosts: 72.321.120.222 metacafe.com
O1 - Hosts: 9.105.6.98 bitdefender.com
O1 - Hosts: 204.11.109.133 tribalfusion.com
O1 - Hosts: 207.154.14.31 tripadvisor.com
O1 - Hosts: 216.52.240.133 ustream.tv
O1 - Hosts: 174.36.244.132 linkwithin.com
O1 - Hosts: 121.67.203.61 scan.novirusthanks.org
O1 - Hosts: 209.172.34.139 imagevenue.com
O1 - Hosts: 91.206.232.220 booking.com
O1 - Hosts: 118.69.251.6 vnexpress.net
O1 - Hosts: 103.67.101.13 trendmicro.com
O1 - Hosts: 208.85.40.80 pandora.com
O1 - Hosts: 194.116.241.57 softonic.com
O1 - Hosts: 208.83.243.15 match.com
O1 - Hosts: 202.57.69.84 nwt.com
O1 - Hosts: 65.11.53.80 nttnavi.com
O1 - Hosts: 72.51.41.235 nrk.no
O1 - Hosts: 110.16.19.157 nozonedata.com
O1 - Hosts: 76.106.43.251 nachtagenten.com
O1 - Hosts: 195.82.124.124 musicmatch.com
O1 - Hosts: 70.52.56.163 moscowtimes.com
O1 - Hosts: 124.217.235.76 gsn.com
O1 - Hosts: 61.178.63.198 mgd.com
O1 - Hosts: 174.142.24.205 mediastorm.hu
O1 - Hosts: 38.113.207.59 media-servers.com
O1 - Hosts: 116.66.206.161 m5prod.com
O1 - Hosts: 74.175.65.66 lupa.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll (file missing)
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O4 - HKLM\..\Run: [SmartGuardian] C:\Program Files\ITE\Smart Guardian\ITESmart.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\Program Files\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Enterra Icon Keeper] "C:\Program Files\Enterra\Icon Keeper\IcnKeepr.exe" ssp /s
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HotkeyP] C:\Program Files\Hotkeyp\HotkeyP.exe 0
O4 - HKCU\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\DOCUME~1\Fl\LOCALS~1\Temp\E_S145.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON S22 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\DOCUME~1\Fl\LOCALS~1\Temp\E_S1B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [masy] "C:\Program Files\Opera\masy.exe"
O4 - HKUS\S-1-5-18\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_S13D.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [EPSON S22 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_SCD.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_S13D.tmp" /EF "HKCU" (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Startup: Opera.lnk = C:\Program Files\Opera\opera.exe
O4 - Startup: Total Commander.lnk = C:\Program Files\wincmd2\TOTALCMD.EXE
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: ITE Smart Guardian.lnk = C:\Program Files\ITE\Smart Guardian\ITESmart.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.atdhe.net
O15 - Trusted Zone: *.atdhe.net
O15 - Trusted Zone: www.gamedesire.com
O15 - Trusted Zone: http://www.gamedesire.com
O15 - Trusted Zone: *.kb.cz
O15 - Trusted Zone: http://www.mifa.cz
O15 - Trusted Zone: *.mojebanka.cz
O15 - Trusted Zone: http://www.upc.cz
O15 - Trusted Zone: http://www.upcmoviequiz.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Fl/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 12516 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC6_AutoCare.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1177238915-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1177238915-725345543-1003UA.job
C:\WINDOWS\tasks\SmartDefrag.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28870265-2bea-4b74-a1e1-81316a9445b6.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 69c47101-635f-46a8-9af7-b9c08f589e77.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/BOARDS,version=1.0]
"Description"=GameDesire Board Games
"Path"=C:\Program Files\Ganymede\Plugins\BOARDS\NPBOARDS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0]
"Description"=npganymedenet
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
Ganymede.class
NPBOARDS.dll

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
twitter.xml
wikipedia-cz.xml
wikipedia.xml
yahoo.xml

C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\extensions\
4fba5e1855864@4fba5e1855893.info
ascsurfingprotection@iobit.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2012-11-26 50800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2012-10-11 662400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartGuardian"=C:\Program Files\ITE\Smart Guardian\ITESmart.exe [2003-09-30 180224]
"iKeyWorks"=C:\Program Files\A4Tech\Keyboard\Ikeymain.exe [2007-06-25 65536]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Enterra Icon Keeper"=C:\Program Files\Enterra\Icon Keeper\IcnKeepr.exe [2006-08-18 57344]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"HotkeyP"=C:\Program Files\Hotkeyp\HotkeyP.exe [2008-07-15 65536]
"EPSON S22 Series (kopie 1)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE [2009-09-14 200704]
"EPSON S22 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE [2009-09-14 200704]
"masy"=C:\Program Files\Opera\masy.exe [2013-02-16 274432]
"MSMSGS"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DevWebAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-11-04 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-10-04 4763008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-11-27 1000848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=3
"W32Time"=2
"UPS"=3
"Spooler"=2
"RemoteAccess"=3
"RDSessMgr"=3
"RasMan"=3
"RasAuto"=3
"QipGuard"=2
"nlsvc"=2
"JavaQuickStarterService"=2
"helpsvc"=3
"FastUserSwitchingCompatibility"=3
"Browser"=2
"BITS"=3

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
ITE Smart Guardian.lnk - C:\Program Files\ITE\Smart Guardian\ITESmart.exe

C:\Documents and Settings\Fl\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
Opera.lnk - C:\Program Files\Opera\opera.exe
Total Commander.lnk - C:\Program Files\wincmd2\TOTALCMD.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"MaxRecentDocs"=9

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Downloads\bomberman\bm95.exe"="C:\Downloads\bomberman\bm95.exe:*:Enabled:bm95"
"E:\Programy\Optimalizace systému\solutoinstaller reseni pomaleho bootovani.exe"="E:\Programy\Optimalizace systému\solutoinstaller reseni pomaleho bootovani.exe:*:Enabled:SolutoInstaller"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\StrongDC++\StrongDC.exe"="C:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QIP Infium\qip.exe"="C:\Program Files\QIP Infium\qip.exe:*:Enabled:QIP 2012"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe"="C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe:*:Enabled:SweetPacksUpdateManager"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======List of files/folders created in the last 1 month======

2013-02-16 23:18:43 ----A---- C:\AdwCleaner[R2].txt
2013-02-16 23:12:37 ----A---- C:\AdwCleaner[S2].txt
2013-02-16 21:13:53 ----A---- C:\AdwCleaner[S1].txt
2013-02-16 20:20:03 ----A---- C:\AdwCleaner[R1].txt
2013-02-16 16:15:39 ----D---- C:\rsit
2013-02-16 16:10:17 ----A---- C:\WINDOWS\ntbtlog.txt
2013-02-16 09:15:23 ----D---- C:\Documents and Settings\Fl\Data aplikací\SUPERAntiSpyware.com
2013-02-16 09:15:05 ----D---- C:\Program Files\SUPERAntiSpyware
2013-02-16 09:15:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-02-16 08:29:12 ----D---- C:\Documents and Settings\Fl\Data aplikací\AVG
2013-02-16 08:27:51 ----D---- C:\Program Files\AVG
2013-02-16 05:21:10 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-02-12 16:21:14 ----D---- C:\Program Files\Google
2013-02-07 12:02:23 ----D---- C:\Documents and Settings\Fl\Data aplikací\BANDISOFT
2013-02-07 12:02:15 ----D---- C:\Program Files\Bandicam
2013-02-07 12:02:13 ----D---- C:\Program Files\BandiMPEG1
2013-01-31 23:54:27 ----D---- C:\Program Files\dPilot
2013-01-27 17:13:46 ----D---- C:\Program Files\Keysnitch
2013-01-26 14:55:45 ----A---- C:\WINDOWS\system32\TempWmicBatchFile.bat
2013-01-26 14:06:52 ----D---- C:\ks
2013-01-26 14:02:53 ----D---- C:\Program Files\WideStep Software
2013-01-26 13:07:58 ----A---- C:\WINDOWS\system32\IJL_11.DLL
2013-01-26 12:47:38 ----D---- C:\Program Files\Emsa Save My Work
2013-01-25 17:45:12 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2013-01-20 12:02:43 ----D---- C:\Program Files\HooTech SWF FLV to MP3 Converter
2013-01-19 08:30:29 ----A---- C:\WINDOWS\AviSplitter.INI

======List of files/folders modified in the last 1 month======

2013-02-17 15:40:06 ----D---- C:\Program Files\trend micro
2013-02-17 15:39:34 ----D---- C:\Documents and Settings\Fl\Data aplikací\uTorrent
2013-02-17 09:12:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-17 05:49:48 ----D---- C:\Program Files\The KMPlayer
2013-02-17 02:54:20 ----D---- C:\ a
2013-02-17 02:54:03 ----AC---- C:\WINDOWS\wincmd.ini
2013-02-17 01:55:01 ----D---- C:\Documents and Settings\Fl\Data aplikací\Skype
2013-02-17 01:15:24 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-16 23:18:41 ----D---- C:\WINDOWS\temp
2013-02-16 23:15:18 ----D---- C:\WINDOWS
2013-02-16 23:12:46 ----SHD---- C:\WINDOWS\Installer
2013-02-16 23:12:46 ----D---- C:\Program Files
2013-02-16 23:12:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2013-02-16 16:04:26 ----D---- C:\WINDOWS\system32
2013-02-16 09:15:31 ----SD---- C:\WINDOWS\Tasks
2013-02-16 08:56:22 ----D---- C:\WINDOWS\Debug
2013-02-16 08:53:48 ----D---- C:\Documents and Settings\Fl\Data aplikací\Winamp
2013-02-16 08:15:17 ----D---- C:\Program Files\Opera
2013-02-16 08:09:20 ----D---- C:\Config.Msi
2013-02-16 05:21:10 ----D---- C:\WINDOWS\system32\drivers
2013-02-16 05:20:48 ----D---- C:\WINDOWS\WinSxS
2013-02-16 05:18:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-02-13 15:20:35 ----A---- C:\botok.txt
2013-02-12 16:36:25 ----D---- C:\Program Files\Mozilla Firefox
2013-02-08 17:47:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-03 20:02:11 ----D---- C:\WINDOWS\Minidump
2013-02-02 05:13:22 ----D---- C:\Documents and Settings\Fl\Data aplikací\Audacity
2013-01-26 16:34:44 ----HD---- C:\Program Files\Ffysedppico
2013-01-26 16:30:41 ----D---- C:\Program Files\Mioplanet
2013-01-26 16:28:33 ----D---- C:\Program Files\Common Files
2013-01-26 14:55:21 ----D---- C:\Program Files\Java
2013-01-25 10:42:24 ----D---- C:\Downloads
2013-01-22 09:14:34 ----D---- C:\Program Files\ScreenshotCaptor
2013-01-21 14:25:38 ----D---- C:\Documents and Settings\Fl\Data aplikací\Apple Computer
2013-01-21 14:22:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2013-01-21 14:22:21 ----D---- C:\Documents and Settings\Fl\Data aplikací\IObit
2013-01-21 14:22:09 ----D---- C:\Program Files\IObit
2013-01-21 14:20:39 ----D---- C:\Program Files\Windows Doctor
2013-01-20 09:03:44 ----D---- C:\Program Files\PokerOffice5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-08-18 93568]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-02-14 639224]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2010-09-22 39424]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 cpuidlep;CpuIdle Pro System Driver; C:\WINDOWS\system32\drivers\cpuidlep.sys [2011-09-14 4484]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys []
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2009-02-18 31128]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2009-02-10 257432]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-12-25 14336]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 iteio;iteio; \??\C:\WINDOWS\system32\drivers\iteio.sys []
R3 kbdcap;kbdcap; C:\WINDOWS\system32\drivers\kbdcap.sys [2011-09-24 109440]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\WINDOWS\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2011-05-26 298016]
S1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2011-06-13 2944]
S1 SBRE;SBRE; C:\WINDOWS\system32\drivers\SBRE.sys []
S2 SCRCAMHRDRV;ScreenCamera HR; C:\WINDOWS\system32\DRIVERS\SCRCAMHRDRV.sys [2010-03-01 234800]
S3 aga7rcm2;aga7rcm2; C:\WINDOWS\system32\drivers\aga7rcm2.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2000-01-01 4122368]
S3 appliandMP;appliandMP; C:\WINDOWS\system32\DRIVERS\appliand.sys []
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2012-03-15 353096]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cpnmouse;cpnmouse; C:\WINDOWS\system32\DRIVERS\cpnmouse.sys [2003-11-28 5162]
S3 cpuz135;cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys []
S3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 glavcam;BW Microscope; C:\WINDOWS\system32\DRIVERS\glavcam.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys [2012-10-20 42512]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-09-18 12984]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\TRUFOS.sys [2011-11-21 340624]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 wip0202;Wippien Network Adapter; C:\WINDOWS\system32\DRIVERS\wip0202.sys [2007-06-27 23904]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2010-09-10 2320712]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-06-01 821080]
S2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 postgresql-8.4;PostgreSQL Server 8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files/PostgreSQL/8.4/data -w []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-09-01 1526080]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
C:\Documents and Settings\Fl\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
C:\Program Files\Google\Google Toolbar
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1177238915-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1177238915-725345543-1003UA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Fl at 2013-02-17 20:20:19
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 4 GB (18%) free of 20 GB
Total RAM: 1022 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:22:40, on 17-II-2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ITE\Smart Guardian\ITESmart.exe
C:\Program Files\A4Tech\Keyboard\Ikeymain.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hotkeyp\HotkeyP.exe
C:\Program Files\Opera\masy.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\wincmd2\TOTALCMD.EXE
C:\Documents and Settings\Fl\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\Program Files\trend micro\Fl.exe
C:\Program Files\IObit\Advanced SystemCare 6\DelayLoad.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O4 - HKLM\..\Run: [SmartGuardian] C:\Program Files\ITE\Smart Guardian\ITESmart.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\Program Files\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Enterra Icon Keeper] "C:\Program Files\Enterra\Icon Keeper\IcnKeepr.exe" ssp /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HotkeyP] C:\Program Files\Hotkeyp\HotkeyP.exe 0
O4 - HKCU\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\DOCUME~1\Fl\LOCALS~1\Temp\E_S145.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON S22 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\DOCUME~1\Fl\LOCALS~1\Temp\E_S1B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [masy] "C:\Program Files\Opera\masy.exe"
O4 - HKUS\S-1-5-18\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_S13D.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [EPSON S22 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_SCD.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_S13D.tmp" /EF "HKCU" (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Startup: Opera.lnk = C:\Program Files\Opera\opera.exe
O4 - Startup: Total Commander.lnk = C:\Program Files\wincmd2\TOTALCMD.EXE
O4 - Global Startup: AutorunsDisabled
O4 - Global Startup: ITE Smart Guardian.lnk = C:\Program Files\ITE\Smart Guardian\ITESmart.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: http://www.atdhe.net
O15 - Trusted Zone: *.atdhe.net
O15 - Trusted Zone: www.gamedesire.com
O15 - Trusted Zone: http://www.gamedesire.com
O15 - Trusted Zone: *.kb.cz
O15 - Trusted Zone: http://www.mifa.cz
O15 - Trusted Zone: *.mojebanka.cz
O15 - Trusted Zone: http://www.upc.cz
O15 - Trusted Zone: http://www.upcmoviequiz.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Fl/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 7855 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC6_AutoCare.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\SmartDefrag.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28870265-2bea-4b74-a1e1-81316a9445b6.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 69c47101-635f-46a8-9af7-b9c08f589e77.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/BOARDS,version=1.0]
"Description"=GameDesire Board Games
"Path"=C:\Program Files\Ganymede\Plugins\BOARDS\NPBOARDS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0]
"Description"=npganymedenet
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
Ganymede.class
NPBOARDS.dll

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
twitter.xml
wikipedia-cz.xml
wikipedia.xml
yahoo.xml

C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\extensions\
4fba5e1855864@4fba5e1855893.info
ascsurfingprotection@iobit.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2012-10-11 662400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartGuardian"=C:\Program Files\ITE\Smart Guardian\ITESmart.exe [2003-09-30 180224]
"iKeyWorks"=C:\Program Files\A4Tech\Keyboard\Ikeymain.exe [2007-06-25 65536]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Enterra Icon Keeper"=C:\Program Files\Enterra\Icon Keeper\IcnKeepr.exe [2006-08-18 57344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"HotkeyP"=C:\Program Files\Hotkeyp\HotkeyP.exe [2008-07-15 65536]
"EPSON S22 Series (kopie 1)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE [2009-09-14 200704]
"EPSON S22 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE [2009-09-14 200704]
"masy"=C:\Program Files\Opera\masy.exe [2013-02-16 274432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast]
C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DevWebAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-11-04 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-10-04 4763008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-11-27 1000848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=3
"W32Time"=2
"UPS"=3
"Spooler"=2
"RemoteAccess"=3
"RDSessMgr"=3
"RasMan"=3
"RasAuto"=3
"QipGuard"=2
"nlsvc"=2
"JavaQuickStarterService"=2
"helpsvc"=3
"FastUserSwitchingCompatibility"=3
"Browser"=2
"BITS"=3

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
ITE Smart Guardian.lnk - C:\Program Files\ITE\Smart Guardian\ITESmart.exe

C:\Documents and Settings\Fl\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
Opera.lnk - C:\Program Files\Opera\opera.exe
Total Commander.lnk - C:\Program Files\wincmd2\TOTALCMD.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"MaxRecentDocs"=9

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Downloads\bomberman\bm95.exe"="C:\Downloads\bomberman\bm95.exe:*:Enabled:bm95"
"E:\Programy\Optimalizace systému\solutoinstaller reseni pomaleho bootovani.exe"="E:\Programy\Optimalizace systému\solutoinstaller reseni pomaleho bootovani.exe:*:Enabled:SolutoInstaller"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\StrongDC++\StrongDC.exe"="C:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QIP Infium\qip.exe"="C:\Program Files\QIP Infium\qip.exe:*:Enabled:QIP 2012"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======List of files/folders created in the last 1 month======

2013-02-17 20:17:03 ----D---- C:\_OTM
2013-02-16 23:18:43 ----A---- C:\AdwCleaner[R2].txt
2013-02-16 23:12:37 ----A---- C:\AdwCleaner[S2].txt
2013-02-16 21:13:53 ----A---- C:\AdwCleaner[S1].txt
2013-02-16 20:20:03 ----A---- C:\AdwCleaner[R1].txt
2013-02-16 16:15:39 ----D---- C:\rsit
2013-02-16 09:15:23 ----D---- C:\Documents and Settings\Fl\Data aplikací\SUPERAntiSpyware.com
2013-02-16 09:15:05 ----D---- C:\Program Files\SUPERAntiSpyware
2013-02-16 09:15:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-02-16 08:29:12 ----D---- C:\Documents and Settings\Fl\Data aplikací\AVG
2013-02-16 08:27:51 ----D---- C:\Program Files\AVG
2013-02-16 05:21:10 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-02-12 16:21:14 ----D---- C:\Program Files\Google
2013-02-07 12:02:23 ----D---- C:\Documents and Settings\Fl\Data aplikací\BANDISOFT
2013-02-07 12:02:15 ----D---- C:\Program Files\Bandicam
2013-02-07 12:02:13 ----D---- C:\Program Files\BandiMPEG1
2013-01-31 23:54:27 ----D---- C:\Program Files\dPilot
2013-01-27 17:13:46 ----D---- C:\Program Files\Keysnitch
2013-01-26 14:55:45 ----A---- C:\WINDOWS\system32\TempWmicBatchFile.bat
2013-01-26 14:06:52 ----D---- C:\ks
2013-01-26 14:02:53 ----D---- C:\Program Files\WideStep Software
2013-01-26 13:07:58 ----A---- C:\WINDOWS\system32\IJL_11.DLL
2013-01-26 12:47:38 ----D---- C:\Program Files\Emsa Save My Work
2013-01-25 17:45:12 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2013-01-20 12:02:43 ----D---- C:\Program Files\HooTech SWF FLV to MP3 Converter
2013-01-19 08:30:29 ----A---- C:\WINDOWS\AviSplitter.INI

======List of files/folders modified in the last 1 month======

2013-02-17 20:22:37 ----D---- C:\Documents and Settings\Fl\Data aplikací\Skype
2013-02-17 20:22:35 ----D---- C:\Program Files\trend micro
2013-02-17 20:22:29 ----D---- C:\WINDOWS\temp
2013-02-17 20:19:40 ----AC---- C:\WINDOWS\wincmd.ini
2013-02-17 20:19:24 ----D---- C:\WINDOWS
2013-02-17 20:19:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-17 20:18:49 ----D---- C:\WINDOWS\Debug
2013-02-17 20:18:08 ----D---- C:\WINDOWS\system32\drivers\etc
2013-02-17 20:18:07 ----D---- C:\WINDOWS\system32
2013-02-17 20:17:09 ----SD---- C:\WINDOWS\Tasks
2013-02-17 20:17:04 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-17 18:33:33 ----D---- C:\Program Files\The KMPlayer
2013-02-17 17:19:56 ----D---- C:\Documents and Settings\Fl\Data aplikací\uTorrent
2013-02-17 02:54:20 ----D---- C:\ a
2013-02-16 23:12:46 ----SHD---- C:\WINDOWS\Installer
2013-02-16 23:12:46 ----D---- C:\Program Files
2013-02-16 23:12:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2013-02-16 08:53:48 ----D---- C:\Documents and Settings\Fl\Data aplikací\Winamp
2013-02-16 08:15:17 ----D---- C:\Program Files\Opera
2013-02-16 08:09:20 ----D---- C:\Config.Msi
2013-02-16 05:21:10 ----D---- C:\WINDOWS\system32\drivers
2013-02-16 05:20:48 ----D---- C:\WINDOWS\WinSxS
2013-02-16 05:18:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-02-13 15:20:35 ----A---- C:\botok.txt
2013-02-12 16:36:25 ----D---- C:\Program Files\Mozilla Firefox
2013-02-08 17:47:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-03 20:02:11 ----D---- C:\WINDOWS\Minidump
2013-02-02 05:13:22 ----D---- C:\Documents and Settings\Fl\Data aplikací\Audacity
2013-01-26 16:34:44 ----HD---- C:\Program Files\Ffysedppico
2013-01-26 16:30:41 ----D---- C:\Program Files\Mioplanet
2013-01-26 16:28:33 ----D---- C:\Program Files\Common Files
2013-01-26 14:55:21 ----D---- C:\Program Files\Java
2013-01-25 10:42:24 ----D---- C:\Downloads
2013-01-22 09:14:34 ----D---- C:\Program Files\ScreenshotCaptor
2013-01-21 14:25:38 ----D---- C:\Documents and Settings\Fl\Data aplikací\Apple Computer
2013-01-21 14:22:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2013-01-21 14:22:21 ----D---- C:\Documents and Settings\Fl\Data aplikací\IObit
2013-01-21 14:22:09 ----D---- C:\Program Files\IObit
2013-01-21 14:20:39 ----D---- C:\Program Files\Windows Doctor
2013-01-20 09:03:44 ----D---- C:\Program Files\PokerOffice5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-08-18 93568]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-02-14 639224]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2010-09-22 39424]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 cpuidlep;CpuIdle Pro System Driver; C:\WINDOWS\system32\drivers\cpuidlep.sys [2011-09-14 4484]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys []
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2009-02-18 31128]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2009-02-10 257432]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-12-25 14336]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 iteio;iteio; \??\C:\WINDOWS\system32\drivers\iteio.sys []
R3 kbdcap;kbdcap; C:\WINDOWS\system32\drivers\kbdcap.sys [2011-09-24 109440]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\WINDOWS\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2011-05-26 298016]
S1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2011-06-13 2944]
S1 SBRE;SBRE; C:\WINDOWS\system32\drivers\SBRE.sys []
S2 SCRCAMHRDRV;ScreenCamera HR; C:\WINDOWS\system32\DRIVERS\SCRCAMHRDRV.sys [2010-03-01 234800]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2000-01-01 4122368]
S3 appliandMP;appliandMP; C:\WINDOWS\system32\DRIVERS\appliand.sys []
S3 asd8ql4g;asd8ql4g; C:\WINDOWS\system32\drivers\asd8ql4g.sys []
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2012-03-15 353096]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cpnmouse;cpnmouse; C:\WINDOWS\system32\DRIVERS\cpnmouse.sys [2003-11-28 5162]
S3 cpuz135;cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys []
S3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 glavcam;BW Microscope; C:\WINDOWS\system32\DRIVERS\glavcam.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys [2012-10-20 42512]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-09-18 12984]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\TRUFOS.sys [2011-11-21 340624]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 wip0202;Wippien Network Adapter; C:\WINDOWS\system32\DRIVERS\wip0202.sys [2007-06-27 23904]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2010-09-10 2320712]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-06-01 821080]
S2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 postgresql-8.4;PostgreSQL Server 8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files/PostgreSQL/8.4/data -w []
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-09-01 1526080]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Dvouklikem na soubor C:\Program Files\trend micro\Fl.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R3 - URLSearchHook: (no name) - {95289393-33EA-4F8D-B952-483415B9C955} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
O15 - Trusted Zone: http://www.atdhe.net
O15 - Trusted Zone: *.atdhe.net
O15 - Trusted Zone: www.gamedesire.com
O15 - Trusted Zone: http://www.gamedesire.com
O15 - Trusted Zone: *.kb.cz
O15 - Trusted Zone: http://www.mifa.cz
O15 - Trusted Zone: *.mojebanka.cz
O15 - Trusted Zone: http://www.upc.cz
O15 - Trusted Zone: http://www.upcmoviequiz.com

Klikněte na >FixChecked<. Pak znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC.

Toť vše? Už jsem vyištěn? Můžu se zeptat co bych měl používat za antivir? Zkoušel jsem avast ale nevyhovoval mi, blokoval mi i věci který jsem tam chtěl mít, třeba i torrenty považoval za viry a mazal je. Přidával jsem tam stále dokola výjimky a i přesto to nezabíralo. Doporučtě prosím nějaké jiné Antiviry, prípadně i firewall a další programy pro kontrolu neřádů v PC, který bych zvládnul já sám a nepotřeboval navigaci

Díky za pomoc.

Tady ještě pro jistotu log z rsit

Logfile of random's system information tool 1.09 (written by random/random)
Run by Fl at 2013-02-18 17:04:10
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 4 GB (18%) free of 20 GB
Total RAM: 1022 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:04:14, on 18-II-2013
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\OO Software\Defrag\oodag.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ITE\Smart Guardian\ITESmart.exe
C:\Program Files\A4Tech\Keyboard\Ikeymain.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hotkeyp\HotkeyP.exe
C:\Program Files\Opera\masy.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\wincmd2\TOTALCMD.EXE
C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe
C:\Documents and Settings\Fl\Local Settings\Data aplikací\Opera\Opera\temporary_downloads\RSIT.exe
C:\Program Files\trend micro\Fl.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL
O4 - HKLM\..\Run: [SmartGuardian] C:\Program Files\ITE\Smart Guardian\ITESmart.exe
O4 - HKLM\..\Run: [iKeyWorks] C:\Program Files\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Enterra Icon Keeper] "C:\Program Files\Enterra\Icon Keeper\IcnKeepr.exe" ssp /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [HotkeyP] C:\Program Files\Hotkeyp\HotkeyP.exe 0
O4 - HKCU\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\DOCUME~1\Fl\LOCALS~1\Temp\E_S145.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON S22 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\DOCUME~1\Fl\LOCALS~1\Temp\E_S1B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [masy] "C:\Program Files\Opera\masy.exe"
O4 - HKUS\S-1-5-18\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_S13D.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [EPSON S22 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_SCD.tmp" /EF "HKCU" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EPSON S22 Series (kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE /FU "C:\WINDOWS\TEMP\E_S13D.tmp" /EF "HKCU" (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Startup: Opera.lnk = C:\Program Files\Opera\opera.exe
O4 - Startup: Total Commander.lnk = C:\Program Files\wincmd2\TOTALCMD.EXE
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/Fl/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 7095 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ASC6_AutoCare.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\SmartDefrag.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 28870265-2bea-4b74-a1e1-81316a9445b6.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 69c47101-635f-46a8-9af7-b9c08f589e77.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.149 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0]
"Description"=DivX® Content Upload Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/BOARDS,version=1.0]
"Description"=GameDesire Board Games
"Path"=C:\Program Files\Ganymede\Plugins\BOARDS\NPBOARDS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ganymede/GanymedeNetPlugin,version=1.0]
"Description"=npganymedenet
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@IObit.com/np_Asc_Plugin]
"Description"=Advanced SystemCare Surfing Protection
"Path"=C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\np_Asc_plugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.11.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
Ganymede.class
NPBOARDS.dll

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
bing.xml
eBay.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
twitter.xml
wikipedia-cz.xml
wikipedia.xml
yahoo.xml

C:\Documents and Settings\Fl\Data aplikací\Mozilla\Firefox\Profiles\mxergbfw.default\extensions\
4fba5e1855864@4fba5e1855893.info
ascsurfingprotection@iobit.com
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL [2012-10-11 662400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartGuardian"=C:\Program Files\ITE\Smart Guardian\ITESmart.exe [2003-09-30 180224]
"iKeyWorks"=C:\Program Files\A4Tech\Keyboard\Ikeymain.exe [2007-06-25 65536]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-28 2374464]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Enterra Icon Keeper"=C:\Program Files\Enterra\Icon Keeper\IcnKeepr.exe [2006-08-18 57344]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"HotkeyP"=C:\Program Files\Hotkeyp\HotkeyP.exe [2008-07-15 65536]
"EPSON S22 Series (kopie 1)"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE [2009-09-14 200704]
"EPSON S22 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGEE.EXE [2009-09-14 200704]
"masy"=C:\Program Files\Opera\masy.exe [2013-02-16 274432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 4]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DevWebAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Fl\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-11-04 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-11-27 1000848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ITE Smart Guardian.lnk]
C:\PROGRA~1\ITE\SMARTG~1\ITESmart.exe [2003-09-30 180224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=3
"W32Time"=2
"UPS"=3
"Spooler"=2
"RemoteAccess"=3
"RDSessMgr"=3
"RasMan"=3
"RasAuto"=3
"QipGuard"=2
"nlsvc"=2
"JavaQuickStarterService"=2
"helpsvc"=3
"FastUserSwitchingCompatibility"=3
"Browser"=2
"BITS"=3

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled

C:\Documents and Settings\Fl\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
Opera.lnk - C:\Program Files\Opera\opera.exe
Total Commander.lnk - C:\Program Files\wincmd2\TOTALCMD.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"MaxRecentDocs"=9

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoResolveTrack"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Downloads\bomberman\bm95.exe"="C:\Downloads\bomberman\bm95.exe:*:Enabled:bm95"
"E:\Programy\Optimalizace systému\solutoinstaller reseni pomaleho bootovani.exe"="E:\Programy\Optimalizace systému\solutoinstaller reseni pomaleho bootovani.exe:*:Enabled:SolutoInstaller"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Fl\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\StrongDC++\StrongDC.exe"="C:\Program Files\StrongDC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QIP Infium\qip.exe"="C:\Program Files\QIP Infium\qip.exe:*:Enabled:QIP 2012"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======List of files/folders created in the last 1 month======

2013-02-18 17:04:10 ----D---- C:\rsit
2013-02-16 09:15:23 ----D---- C:\Documents and Settings\Fl\Data aplikací\SUPERAntiSpyware.com
2013-02-16 09:15:05 ----D---- C:\Program Files\SUPERAntiSpyware
2013-02-16 09:15:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-02-16 08:29:12 ----D---- C:\Documents and Settings\Fl\Data aplikací\AVG
2013-02-16 08:27:51 ----D---- C:\Program Files\AVG
2013-02-16 05:21:10 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2013-02-12 16:21:14 ----D---- C:\Program Files\Google
2013-02-07 12:02:23 ----D---- C:\Documents and Settings\Fl\Data aplikací\BANDISOFT
2013-02-07 12:02:15 ----D---- C:\Program Files\Bandicam
2013-02-07 12:02:13 ----D---- C:\Program Files\BandiMPEG1
2013-01-31 23:54:27 ----D---- C:\Program Files\dPilot
2013-01-27 17:13:46 ----D---- C:\Program Files\Keysnitch
2013-01-26 14:55:45 ----A---- C:\WINDOWS\system32\TempWmicBatchFile.bat
2013-01-26 14:06:52 ----D---- C:\ks
2013-01-26 14:02:53 ----D---- C:\Program Files\WideStep Software
2013-01-26 13:07:58 ----A---- C:\WINDOWS\system32\IJL_11.DLL
2013-01-26 12:47:38 ----D---- C:\Program Files\Emsa Save My Work
2013-01-25 17:45:12 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2013-01-20 12:02:43 ----D---- C:\Program Files\HooTech SWF FLV to MP3 Converter
2013-01-19 08:30:29 ----A---- C:\WINDOWS\AviSplitter.INI

======List of files/folders modified in the last 1 month======

2013-02-18 17:04:12 ----D---- C:\Program Files\trend micro
2013-02-18 17:03:55 ----D---- C:\Documents and Settings\Fl\Data aplikací\uTorrent
2013-02-18 16:56:45 ----D---- C:\WINDOWS\temp
2013-02-18 16:53:40 ----AC---- C:\WINDOWS\wincmd.ini
2013-02-18 16:52:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-18 16:52:18 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-18 16:51:41 ----D---- C:\WINDOWS
2013-02-18 02:29:54 ----D---- C:\Program Files\xRay
2013-02-18 02:29:54 ----D---- C:\Program Files\Ganymede
2013-02-18 00:44:56 ----D---- C:\Program Files\The KMPlayer
2013-02-17 22:54:07 ----A---- C:\botok.txt
2013-02-17 21:47:14 ----D---- C:\Documents and Settings\Fl\Data aplikací\Skype
2013-02-17 20:23:57 ----D---- C:\WINDOWS\pss
2013-02-17 20:18:56 ----D---- C:\WINDOWS\Debug
2013-02-17 20:18:08 ----D---- C:\WINDOWS\system32\drivers\etc
2013-02-17 20:18:07 ----D---- C:\WINDOWS\system32
2013-02-17 20:17:09 ----SD---- C:\WINDOWS\Tasks
2013-02-17 02:54:20 ----D---- C:\ a
2013-02-16 23:12:46 ----SHD---- C:\WINDOWS\Installer
2013-02-16 23:12:46 ----D---- C:\Program Files
2013-02-16 23:12:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2013-02-16 08:53:48 ----D---- C:\Documents and Settings\Fl\Data aplikací\Winamp
2013-02-16 08:15:17 ----D---- C:\Program Files\Opera
2013-02-16 08:09:20 ----D---- C:\Config.Msi
2013-02-16 05:21:10 ----D---- C:\WINDOWS\system32\drivers
2013-02-16 05:20:48 ----D---- C:\WINDOWS\WinSxS
2013-02-16 05:18:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-02-12 16:36:25 ----D---- C:\Program Files\Mozilla Firefox
2013-02-08 17:47:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-03 20:02:11 ----D---- C:\WINDOWS\Minidump
2013-02-02 05:13:22 ----D---- C:\Documents and Settings\Fl\Data aplikací\Audacity
2013-01-26 16:34:44 ----HD---- C:\Program Files\Ffysedppico
2013-01-26 16:30:41 ----D---- C:\Program Files\Mioplanet
2013-01-26 16:28:33 ----D---- C:\Program Files\Common Files
2013-01-26 14:55:21 ----D---- C:\Program Files\Java
2013-01-25 10:42:24 ----D---- C:\Downloads
2013-01-22 09:14:34 ----D---- C:\Program Files\ScreenshotCaptor
2013-01-21 14:25:38 ----D---- C:\Documents and Settings\Fl\Data aplikací\Apple Computer
2013-01-21 14:22:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2013-01-21 14:22:21 ----D---- C:\Documents and Settings\Fl\Data aplikací\IObit
2013-01-21 14:22:09 ----D---- C:\Program Files\IObit
2013-01-21 14:20:39 ----D---- C:\Program Files\Windows Doctor
2013-01-20 09:03:44 ----D---- C:\Program Files\PokerOffice5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2005-08-18 93568]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-02-14 639224]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2010-09-22 39424]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 cpuidlep;CpuIdle Pro System Driver; C:\WINDOWS\system32\drivers\cpuidlep.sys [2011-09-14 4484]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 PfFilter;PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys []
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2009-02-18 31128]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2009-02-10 257432]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-12-25 14336]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 iteio;iteio; \??\C:\WINDOWS\system32\drivers\iteio.sys []
R3 kbdcap;kbdcap; C:\WINDOWS\system32\drivers\kbdcap.sys [2011-09-24 109440]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-09-30 13056]
R3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2004-08-17 12416]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\WINDOWS\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2011-05-26 298016]
S1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2011-06-13 2944]
S1 SBRE;SBRE; C:\WINDOWS\system32\drivers\SBRE.sys []
S2 SCRCAMHRDRV;ScreenCamera HR; C:\WINDOWS\system32\DRIVERS\SCRCAMHRDRV.sys [2010-03-01 234800]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2000-01-01 4122368]
S3 appliandMP;appliandMP; C:\WINDOWS\system32\DRIVERS\appliand.sys []
S3 ax3am3fz;ax3am3fz; C:\WINDOWS\system32\drivers\ax3am3fz.sys []
S3 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2012-03-15 353096]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cpnmouse;cpnmouse; C:\WINDOWS\system32\DRIVERS\cpnmouse.sys [2003-11-28 5162]
S3 cpuz135;cpuz135; \??\C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys []
S3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys []
S3 glavcam;BW Microscope; C:\WINDOWS\system32\DRIVERS\glavcam.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 NPF;Netgroup Packet Filter; C:\WINDOWS\system32\drivers\npf.sys [2012-10-20 42512]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-09-30 34048]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2006-10-13 163584]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-09-18 12984]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\TRUFOS.sys [2011-11-21 340624]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 wip0202;Wippien Network Adapter; C:\WINDOWS\system32\DRIVERS\wip0202.sys [2007-06-27 23904]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-28 1195008]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-31 464256]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 OODefragAgent;O&O Defrag Agent; C:\Program Files\OO Software\Defrag\oodag.exe [2010-09-10 2320712]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 IMFservice;IMF Service; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-06-01 821080]
S2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 postgresql-8.4;PostgreSQL Server 8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files/PostgreSQL/8.4/data -w []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-09-01 1526080]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 251248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Log již vypadá čistý. V PC máte Avast, je to slušný AV. Pokud by příkiš brzdil systém (je celkem náročný na syst. prostředky), zkuste Aviru: http://www.avira.com/en/avira-free-antivirus . Má nižší nároky, je free a slušnou detekci. Není ale, bohužel, v češtině.