VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2013-07-19 21:34:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 82 GB (34%) free of 238 GB
Total RAM: 1535 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:27, on 19.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\D-Link\DWA-125 revA\ANIWConnService.exe
C:\Program Files\Expresso\ExtensionUpdaterService.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\D-Link\DWA-125 revA\AirNCFG.exe
C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\OETRN.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Admin\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?AF=100815&ba ... 0476963389
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: TBSB02843 - {22E4A387-EBFC-442B-B46A-4E7957176FE0} - C:\Program Files\Facicons\tbcore3.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
O2 - BHO: Expresso Helper - {A6629839-6636-4998-95D6-2B0F52141861} - C:\Program Files\Expresso\Extension32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Facicons - {7124C800-B6B8-4A2E-BEC0-8B9ECCEA2149} - C:\Program Files\Facicons\tbcore3.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [RMAlert] "C:\Program Files\Registry Mechanic\Alert.exe" /PRODUCT=RM /R
O4 - HKLM\..\Run: [D-Link D-Link DWA-125] C:\Program Files\D-Link\DWA-125 revA\AirNCFG.exe
O4 - HKLM\..\Run: [D-Link DWA-125 WZCSLDR2] C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5179893265
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5179956484
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: D_Link_DWA-125 Service (D_Link_DWA-125) - Wireless Service - C:\Program Files\D-Link\DWA-125 revA\ANIWZCSdS.exe
O23 - Service: D_Link_DWA-125_WPS Service (D_Link_DWA-125_WPS) - Unknown owner - C:\Program Files\D-Link\DWA-125 revA\ANIWConnService.exe
O23 - Service: Expresso Updater - Unknown owner - C:\Program Files\Expresso\ExtensionUpdaterService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
O24 - Desktop Component 0: (no name) - http://sphotos.ak.fbcdn.net/hphotos-ak- ... 7317_n.jpg

--
End of file - 15220 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
C:\WINDOWS\tasks\RMSchedule.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default

prefs.js - "browser.startup.homepage" - "http://search.babylon.com/?AF=100815&ba ... 0476963389"
prefs.js - "extensions.enabledItems" - "{3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.911, avg@igeared:6.103.018.001, ffxtlbr@babylon.com:1.2.0, {A6629839-6636-4998-95D6-2B0F52141861}:2.0.0.410, {DDABDBA1-2377-4A30-A027-25697B99E254}:3.1, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, toolbar@ask.com:3.6.9.127, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.18"
prefs.js - "keyword.URL" - "http://search.babylon.com/?AF=100815&ba ... 6963389&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG9\Firefox
"avg@igeared"=C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"avg@toolbar"=C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\FireFoxExt\15.3.0.11
"{A6629839-6636-4998-95D6-2B0F52141861}"=C:\Program Files\Expresso\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
npnul32.dll
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
avg-secure-search.xml
avg_igeared.xml
babylon.xml
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\extensions\
ffxtlbr@babylon.com
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}
{DDABDBA1-2377-4A30-A027-25697B99E254}

C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\searchplugins\
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22E4A387-EBFC-442B-B46A-4E7957176FE0}]
TBSB02843 Class - C:\Program Files\Facicons\tbcore3.dll [2010-06-18 2604032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2009-06-17 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll [2011-08-14 270960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2011-03-22 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll [2013-06-30 3055280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6629839-6636-4998-95D6-2B0F52141861}]
Expresso - C:\Program Files\Expresso\Extension32.dll [2012-03-05 138240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-21 192592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-02-16 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2009-06-17 491520]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{7124C800-B6B8-4A2E-BEC0-8B9ECCEA2149} - Facicons - C:\Program Files\Facicons\tbcore3.dll [2010-06-18 2604032]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll [2013-06-30 3055280]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll [2011-08-14 237680]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-06-21 192592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-02-07 40960]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"Jet Detection"=C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-10-04 28672]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"WinFast Schedule"=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe [2003-12-09 159744]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2012-01-27 2077536]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-06-30 2236080]
"RMAlert"=C:\Program Files\Registry Mechanic\Alert.exe [2010-09-16 1016792]
"D-Link D-Link DWA-125"=C:\Program Files\D-Link\DWA-125 revA\AirNCFG.exe [2011-06-10 1074496]
"D-Link DWA-125 WZCSLDR2"=C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe [2010-07-12 122880]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"tsnpstd3"=C:\WINDOWS\tsnpstd3.exe [2005-12-20 94208]
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2005-09-05 339968]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-01-01 15360]
"OEXPRESS"=C:\WINDOWS\OETRN.EXE [2009-06-17 26624]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-19 39408]
"Google Update"=C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-06-12 136176]
"Facebook Update"=C:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2013-03-29 138096]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-06-03 19603048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-11-17 171464]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ6.5\ICQ.exe [2010-11-16 172856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mozilla Quick Launch]
C:\Program Files\mozilla.org\Mozilla\Mozilla.exe [2006-04-14 98192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2013-06-03 19603048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-19 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2009-04-10 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2005-11-08 278528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"xmlprov"=3
"WZCSVC"=2
"WMPNetworkSvc"=3
"RemoteRegistry"=2
"RDSessMgr"=3
"RasMan"=3
"RasAuto"=3
"nvsvc"=2
"IDriverT"=3
"ICQ Service"=2
"gusvc"=3

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-06-22 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG8\avgam.exe"="C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG8\avgdiag.exe"="C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe"
"C:\Program Files\AVG\AVG8\avgdiagex.exe"="C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\InterVideo\DVD7\WinDVD.exe"="C:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe"="C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe:*:Enabled:WF LiveUpdate Application"
"E:\Program Files\Workshop\wkserver.exe"="E:\Program Files\Workshop\wkserver.exe:*:Enabled:Sybase Inc. Product File"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\AVG\AVG9\avgam.exe"="C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM) "
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe"="C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM) "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Axesstel\Axesstel Manager\AxessManager.exe"="C:\Program Files\Axesstel\Axesstel Manager\AxessManager.exe:*:Enabled:Ufonuv fofr internet"
"D:\EasySetupAssistant\fscommand\EasySetupAssistant.exe"="D:\EasySetupAssistant\fscommand\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant"
"C:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\game.exe"="C:\Program Files\Valve\game.exe:*:Enabled:Game Launcher by Martin.cz"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-07-19 21:35:00 ----D---- C:\Program Files\trend micro
2013-07-19 21:34:59 ----D---- C:\rsit
2013-07-13 11:06:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-13 11:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2013-07-13 10:53:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2850851$
2013-07-13 10:50:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2845187$
2013-07-12 19:02:03 ----A---- C:\PA7302.DAT
2013-07-12 18:56:46 ----N---- C:\WINDOWS\system32\Remover.ini
2013-07-12 18:56:46 ----N---- C:\WINDOWS\system32\Remove.exe
2013-07-12 18:56:45 ----A---- C:\WINDOWS\system32\drivers\PAC7302.SYS
2013-07-12 18:56:45 ----A---- C:\WINDOWS\system32\CoInst_070910.dll
2013-07-12 18:56:42 ----D---- C:\Program Files\Aecotech
2013-07-12 18:56:41 ----A---- C:\WINDOWS\system32\SP7302.ini
2013-07-12 18:56:40 ----A---- C:\WINDOWS\system32\P7302USD.dll
2013-07-12 18:56:39 ----D---- C:\WINDOWS\PixArt
2013-07-12 18:56:39 ----D---- C:\Program Files\Common Files\PAC7302
2013-07-12 18:29:35 ----D---- C:\Program Files\ArcSoft
2013-07-07 03:24:54 ----HDC---- C:\WINDOWS\ie8
2013-07-07 03:07:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2013-07-07 03:07:35 ----A---- C:\WINDOWS\imsins.BAK
2013-07-07 03:07:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2838727$
2013-07-05 15:12:48 ----D---- C:\Program Files\Valve
2013-07-05 12:54:15 ----D---- C:\Documents and Settings\Admin\Data aplikací\TeamViewer
2013-07-05 12:06:43 ----D---- C:\Program Files\Common Files\Skype
2013-06-22 06:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2839229$

======List of files/folders modified in the last 1 month======

2013-07-19 21:35:00 ----RD---- C:\Program Files
2013-07-19 21:34:57 ----D---- C:\WINDOWS\Prefetch
2013-07-19 21:34:44 ----D---- C:\WINDOWS\Temp
2013-07-19 21:16:09 ----D---- C:\Documents and Settings\Admin\Data aplikací\Skype
2013-07-19 19:44:18 ----D---- C:\WINDOWS\system32\drivers\Avg
2013-07-19 19:41:15 ----A---- C:\WINDOWS\NeroDigital.ini
2013-07-19 19:24:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-07-19 19:14:32 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-07-19 17:24:02 ----SHD---- C:\WINDOWS\Installer
2013-07-19 16:55:34 ----HD---- C:\Program Files\InstallShield Installation Information
2013-07-14 21:57:16 ----D---- C:\Program Files\Mozilla Firefox
2013-07-14 19:27:25 ----A---- C:\WINDOWS\win.ini
2013-07-14 19:25:36 ----HD---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
2013-07-13 12:34:07 ----D---- C:\WINDOWS
2013-07-13 12:31:13 ----D---- C:\WINDOWS\system32
2013-07-13 12:31:13 ----D---- C:\Program Files\Microsoft Silverlight
2013-07-13 11:49:13 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-13 11:49:09 ----RSD---- C:\WINDOWS\assembly
2013-07-13 11:06:59 ----HD---- C:\WINDOWS\inf
2013-07-13 11:00:49 ----D---- C:\WINDOWS\WinSxS
2013-07-13 10:54:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-07-13 10:40:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-13 10:26:59 ----A---- C:\WINDOWS\system32\MRT.exe
2013-07-13 10:22:26 ----D---- C:\Program Files\Internet Explorer
2013-07-13 10:22:15 ----D---- C:\WINDOWS\ie8updates
2013-07-13 10:16:12 ----D---- C:\WINDOWS\system32\CatRoot
2013-07-13 10:15:11 ----D---- C:\WINDOWS\system32\XPSViewer
2013-07-13 10:11:25 ----D---- C:\WINDOWS\system32\CatRoot2
2013-07-12 18:57:55 ----D---- C:\WINDOWS\system32\drivers
2013-07-12 18:56:41 ----D---- C:\WINDOWS\twain_32
2013-07-12 18:56:39 ----D---- C:\Program Files\Common Files
2013-07-12 18:29:34 ----D---- C:\Program Files\Common Files\ArcSoft
2013-07-07 03:48:27 ----D---- C:\WINDOWS\system32\cs-cz
2013-07-07 03:48:26 ----D---- C:\WINDOWS\Help
2013-07-07 03:28:14 ----HD---- C:\WINDOWS\$hf_mig$
2013-07-07 03:26:38 ----D---- C:\WINDOWS\WBEM
2013-07-07 03:26:24 ----D---- C:\WINDOWS\Media
2013-07-07 03:17:52 ----D---- C:\WINDOWS\Debug
2013-07-06 14:02:03 ----SHD---- C:\System Volume Information
2013-07-06 12:51:16 ----D---- C:\Program Files\UberSoldier
2013-07-05 14:04:11 ----D---- C:\WINDOWS\system32\wbem
2013-07-05 13:36:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2013-07-05 13:36:31 ----SD---- C:\WINDOWS\Tasks
2013-07-05 13:36:31 ----D---- C:\Program Files\Common Files\Symantec Shared
2013-07-05 13:33:04 ----D---- C:\Program Files\InterVideo
2013-07-05 13:30:51 ----D---- C:\WINDOWS\system32\appmgmt
2013-07-05 13:25:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2013-07-05 13:24:46 ----D---- C:\Program Files\DivX
2013-07-05 13:22:58 ----D---- C:\Program Files\Burn
2013-07-05 12:08:33 ----RD---- C:\Program Files\Skype
2013-07-05 12:08:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-06-30 13:44:50 ----D---- C:\WINDOWS\system32\cache
2013-06-30 13:44:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
2013-06-30 13:44:03 ----D---- C:\Program Files\AVG Secure Search
2013-06-23 11:38:03 ----D---- C:\WINDOWS\Minidump
2013-06-23 09:29:47 ----D---- C:\Documents and Settings\Admin\Data aplikací\ArcSoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2010-04-19 52872]
R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2002-09-06 13568]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-17 685816]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-01-01 41600]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2013-02-16 226016]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2011-09-12 29712]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2011-05-05 243152]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2000-02-03 24608]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 ANPD;ANPD Service; \??\C:\WINDOWS\system32\ANPD.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-01-01 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-01-01 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-01-01 55936]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\WINDOWS\system32\drivers\wf88vcap.sys [2003-09-17 197908]
R2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\WINDOWS\system32\drivers\WF88XBAR.sys [2003-09-17 10405]
R2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\WINDOWS\system32\drivers\WF88TUNE.sys [2003-09-17 34422]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-03-22 114944]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-03-22 835636]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-03-22 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-03-22 211724]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-03-22 156604]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-03-22 991656]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2013-02-08 12648960]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-01-01 163584]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-03-22 195432]
R3 PAC7302;PC VGA Camer@ Plus; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-09-10 457984]
R3 rt2870;D-Link dnetr28u USB Extensible Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Drt2870.sys [2011-04-25 1174976]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-01-01 12288]
R3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S2 CX23880;WinFast CX2388x WDM Video Capture.; C:\WINDOWS\system32\drivers\cx88vid.sys [2006-10-18 162944]
S2 CXAVXBAR;WinFast CX2388x WDM Crossbar.; C:\WINDOWS\system32\drivers\cxavxbar.sys [2006-10-18 9728]
S2 CXTUNE;WinFast CX2388x WDM TVTuner.; C:\WINDOWS\system32\drivers\CX88TUNE.sys [2006-10-18 50816]
S3 ai9drl3g;ai9drl3g; C:\WINDOWS\system32\drivers\ai9drl3g.sys []
S3 Axtmvflt;Axesstel USB Filter Service; C:\WINDOWS\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\WINDOWS\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\WINDOWS\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 DCamUSBSTK02H;STK02H Camera; C:\WINDOWS\system32\DRIVERS\STK02HW2.sys []
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
S3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-09-23 80896]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-01-01 5888]
S3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2005-12-08 8718848]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-01-01 14336]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-06-22 308136]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2000-06-29 52224]
R2 D_Link_DWA-125_WPS;D_Link_DWA-125_WPS Service; C:\Program Files\D-Link\DWA-125 revA\ANIWConnService.exe [2010-07-12 53248]
R2 Expresso Updater;Expresso Updater; C:\Program Files\Expresso\ExtensionUpdaterService.exe [2012-03-05 183296]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-01-01 14336]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-10-01 632792]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-06-30 1598128]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-01-01 14336]
S2 D_Link_DWA-125;D_Link_DWA-125 Service; C:\Program Files\D-Link\DWA-125 revA\ANIWZCSdS.exe [2010-07-12 126976]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Microsoft Windows XP x86
Ran by Admin on p  19.07.2013 at 22:08:45,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] icq service
Successfully deleted: [Service] icq service



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet

Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet

Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet

Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet

Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet

Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet

Explorer\Main\\Start Page
Successfully repaired: [Registry Value]

HKEY_USERS\S-1-5-21-1060284298-1972579041-1606980848-1003\Software\Microsoft\Internet

Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet

Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet

Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet

Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet

Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet

Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet

Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\icq service.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\viprotocol.dll
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\appid\{09c554c3-109b-483c-a06b-f14172f1a947}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\appid\{1fdff5a2-7bb1-48e1-8081-7236812b12b2}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\appid\{35c1605e-438b-4d64-aab1-8885f097a9b1}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\appid\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\appid\{b12e99ed-69bd-437c-86be-c862b9e5444d}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\appid\{bb711cb0-c70b-482e-9852-ec05ebd71dbb}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\appid\{bdb69379-802f-4eaf-b541-f8de92dd98db}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\appid\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{291bccc1-6890-484a-89d3-318c928dac1b}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{2eecd738-5844-4a99-b4b6-146bf802613b}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{3ca2f312-6f6e-4b53-a66e-4e65e497c8c0}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{933b95e2-e7b7-4ad9-b952-7ac336682ae3}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{97f2ff5b-260c-4ccf-834a-2dda4e29e39e}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{98889811-442d-49dd-99d7-dc866be87dbc}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{b658800c-f66e-4ef3-ab85-6c0c227862a9}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{b8276a94-891d-453c-9ff3-715c042a2575}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{cc5ad34c-6f10-4cb3-b74a-c2dd4d5060a3}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{de9028d0-5ffa-4e69-94e3-89ee8741f468}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{e46c8196-b634-44a1-af6e-957c64278ab1}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{f25af245-4a81-40dc-92f9-e9021f207706}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\clsid\{ffb9adcb-8c79-4c29-81d3-74d46a93d370}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\escort.escortiepane.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\esrv.babylonesrvc.1
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{01221fcc-4bfb-461c-b08c-f6d2df309921}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{03e2a1f3-4402-4121-8b35-733216d61217}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{44c3c1db-2127-433c-98ec-4c9412b5fc3a}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{4d5132dd-bb2b-4249-b5e0-d145a8c982e1}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{4e92db5f-aad9-49d3-8eab-b40cbe5b1ff7}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{706d4a4b-184a-4434-b331-296b07493d2d}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{8be10f21-185f-4ca0-b789-9921674c3993}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{94c0b25d-3359-4b10-b227-f96a77db773f}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{9e3b11f6-4179-4603-a71b-a55f4bcb0bec}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{b0b75fba-7288-4fd3-a9eb-7ee27fa65599}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{b173667f-8395-4317-8dd6-45ad1fe00047}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{b32672b3-f656-46e0-b584-fe61c0bb6037}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{bfe569f7-646c-4512-969b-9be3e580d393}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{c2434722-5c85-4ca0-ba69-1b67e7ab3d68}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{c2996524-2187-441f-a398-cd6cb6b3d020}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{c401d2ce-dc27-45c7-bc0c-8e6ea7f085d6}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{e047e227-5342-4d94-80f7-cfb154bf55bd}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{e3f79be9-24d4-4f4d-8c13-df2c9899f82e}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\interface\{e77eef95-3e83-4bb8-9c0d-4a5163774997}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\typelib\{4e1e9d45-8bf9-4139-915c-9f83cc3d5921}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\typelib\{6e8bf012-2c85-4834-b10a-1b31af173d70}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\typelib\{74fb6afd-dd77-4ceb-83bd-ab2b63e63c93}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\typelib\{9c049ba6-ea47-4ac3-aed6-a66d8dc9e1d8}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\typelib\{c2ac8a0e-e48e-484b-a71c-c7a937faab94}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\typelib\{d7ee8177-d51e-4f89-92b6-83ea2ec40800}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key]

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{2eecd738-5844-4a99

-b4b6-146bf802613b}
Successfully deleted: [Registry Key]

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{3ca2f312-6f6e-4b53

-a66e-4e65e497c8c0}
Successfully deleted: [Registry Key]

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{95b7759c-8c7f-4bf1

-b163-73684a933233}
Successfully deleted: [Registry Key]

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\settings\{98889811-442d-49dd

-99d7-dc866be87dbc}
Successfully deleted: [Registry Key]

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{2eecd738-5844-4a99-b4

b6-146bf802613b}
Successfully deleted: [Registry Key]

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{3ca2f312-6f6e-4b53-a6

6e-4e65e497c8c0}
Successfully deleted: [Registry Key]

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{95b7759c-8c7f-4bf1-b1

63-73684a933233}
Successfully deleted: [Registry Key]

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{98889811-442d-49dd-99

d7-dc866be87dbc}
Successfully deleted: [Registry Key]

HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\stats\{f25af245-4a81-40dc-92

f9-e9021f207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\b
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\babylon.dskbnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylnapp.appcore.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\comobject.deskbarenabler.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\escort.escrtbtn.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\icqtoolbar.iehook.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{c6fdd0c3-266a-

4dc3-b459-28c697c44cdc}
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Microsoft\windows\currentversion\ext\preapproved\{f25af245-4a81-

40dc-92f9-e9021f207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB02843.IEToolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB02843.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB02843.TBSB02843
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TBSB02843.TBSB02843.3
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB02843
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Toolbar3.TBSB02843.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\TBSB02843.IEToolbar
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\classes\TBSB02843.IEToolbar.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\TBSB02843.TBSB02843
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\classes\TBSB02843.TBSB02843.3
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar3.TBSB02843
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\classes\Toolbar3.TBSB02843.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet

Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet

Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet

Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet

Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet

Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet

Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Successfully deleted: [Registry Key]

HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key]

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper

Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\asktoolbarinfo"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\asktoolbar"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\classes\interface\{ac71b60e-94c9-4ede-ba46-e146747bb67e}"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\0e12f736682067fde4d1158d5940a82e"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\1a24b5bb8521b03e0c8d908f5abc0ae6"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\261f213d1f55267499b1f87d0cc3bcf7"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\2b0d56c4f4c46d844a57ffed6f0d2852"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\49d4375fe41653242aea4c969e4e65e0"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\6aa0923513360135b272e8289c5f13fa"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\6f7467af8f29c134cbbab394eccfde96"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\741b4adf27276464790022c965ab6da8"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\7de196b10195f5647a2b21b761f3de01"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\922525dcc5199162f8935747ca3d8e59"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\9d4f5849367142e4685ed8c25e44c5ed"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\a5875b04372c19545beb90d4d606c472"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\a876d9e80b896ec44a8620248cc79296"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\b66ffab725b92594c986de826a867888"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\bcda179d619b91648538e3394cac94cc"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\d677b1a9671d4d4004f6f2a4469e86ea"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\dd1402a9dd4215a43abde169a41afa0e"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\e36e114a0ead2ad46b381d23ad69cddf"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\co

mponents\ef8e618db3aedfbb384561b5c548f65e"
Successfully deleted: [Registry Key]

"hkey_local_machine\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\pr

oducts\a28b4d68debaa244eb686953b7074fef"



~~~ Files

Successfully deleted: [File] "C:\WINDOWS\system32\conduitengine.tmp"
Successfully deleted: [File] "C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Admin\Data aplikacˇ\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\Admin\Data

aplikacˇ\babylontoolbar"
Successfully deleted: [Folder] "C:\Documents and Settings\Admin\Data aplikacˇ\registry

mechanic"
Successfully deleted: [Folder] "C:\Documents and Settings\Admin\Data aplikacˇ\toolbar4"
Successfully deleted: [Folder] "C:\Program Files\babylontoolbar"
Successfully deleted: [Folder] "C:\Program Files\icq6toolbar"
Successfully deleted: [Folder] "C:\Program Files\registry mechanic"
Successfully deleted: [Folder] "C:\Program Files\ask.com"
Successfully deleted: [Folder] "C:\WINDOWS\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Program Files\Mozilla

Firefox\searchplugins\avg_igeared.xml"
Successfully deleted: [File] "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] C:\Documents and Settings\Admin\Data

aplikacˇ\mozilla\firefox\profiles\363bct70.default\user.js
Successfully deleted: [File] C:\Documents and Settings\Admin\Data

aplikacˇ\mozilla\firefox\profiles\363bct70.default\searchplugins\conduit.xml
Successfully deleted: [Folder] C:\Documents and Settings\Admin\Data

aplikacˇ\mozilla\firefox\profiles\363bct70.default\extensions\ffxtlbr@babylon.com
Successfully deleted: [Folder] C:\Documents and Settings\Admin\Data

aplikacˇ\mozilla\firefox\profiles\363bct70.default\extensions\toolbar@ask.com
Successfully deleted the following from C:\Documents and Settings\Admin\Data

aplikacˇ\mozilla\firefox\profiles\363bct70.default\prefs.js

user_pref("CT1750559..clientLogIsEnabled", false);
user_pref("CT1750559..clientLogServiceUrl",

"hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT1750559..uninstallLogServiceUrl",

"hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT1750559.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT1750559.CurrentServerDate", "5-7-2013");
user_pref("CT1750559.DialogsAlignMode", "LTR");
user_pref("CT1750559.DownloadReferralCookieData", "");
user_pref("CT1750559.FirstServerDate", "10-6-2013");
user_pref("CT1750559.FirstTimeFF3", true);
user_pref("CT1750559.GroupingServerCheckInterval", 1440);
user_pref("CT1750559.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT1750559.HasUserGlobalKeys", true);
user_pref("CT1750559.Initialize", true);
user_pref("CT1750559.InitializeCommonPrefs", true);
user_pref("CT1750559.InstallationAndCookieDataSentCount", 3);
user_pref("CT1750559.InstallationType", "UnknownIntegration");
user_pref("CT1750559.InstalledDate", "Thu Jul 04 2013 17:49:35 GMT+0200");
user_pref("CT1750559.InvalidateCache", false);
user_pref("CT1750559.IsGrouping", false);
user_pref("CT1750559.IsMulticommunity", false);
user_pref("CT1750559.IsOpenThankYouPage", true);
user_pref("CT1750559.IsOpenUninstallPage", true);
user_pref("CT1750559.LanguagePackLastCheckTime", "Thu Jul 04 2013 17:49:35 GMT+0200");
user_pref("CT1750559.LanguagePackReloadIntervalMM", 1440);
user_pref("CT1750559.LanguagePackServiceUrl",

"hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT1750559.LastLogin_3.2.5.2", "Fri Jul 05 2013 13:20:42 GMT+0200");
user_pref("CT1750559.LatestVersion", "3.18.0.7");
user_pref("CT1750559.Locale", "en-us");
user_pref("CT1750559.MCDetectTooltipHeight", "83");
user_pref("CT1750559.MCDetectTooltipUrl",

"hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT1750559.MCDetectTooltipWidth", "295");
user_pref("CT1750559.RadioIsPodcast", false);
user_pref("CT1750559.RadioLastCheckTime", "Thu Jul 04 2013 17:50:32 GMT+0200");
user_pref("CT1750559.RadioLastUpdateIPServer", "3");
user_pref("CT1750559.RadioLastUpdateServer", "128929877726170000");
user_pref("CT1750559.RadioMediaID", "11237206");
user_pref("CT1750559.RadioMediaType", "Media Player");
user_pref("CT1750559.RadioMenuSelectedID", "EBRadioMenu_CT175055911237206");
user_pref("CT1750559.RadioStationName", "1.FM%20Dance");
user_pref("CT1750559.RadioStationURL", "hxxp://dance.1.fm/energydance128k?MSWMExt=.asf");
user_pref("CT1750559.SearchFromAddressBarIsInit", true);
user_pref("CT1750559.SearchInNewTabEnabled", true);
user_pref("CT1750559.SearchInNewTabIntervalMM", 1440);
user_pref("CT1750559.SearchInNewTabLastCheckTime", "Thu Jul 04 2013 17:49:32 GMT+0200");
user_pref("CT1750559.SearchInNewTabServiceUrl",

"hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT1750559.SearchInNewTabUsageUrl",

"hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
user_pref("CT1750559.ServiceMapLastCheckTime", "Thu Jul 04 2013 17:49:32 GMT+0200");
user_pref("CT1750559.SettingsLastCheckTime", "Fri Jul 05 2013 13:20:30 GMT+0200");
user_pref("CT1750559.SettingsLastUpdate", "1373011875");
user_pref("CT1750559.ThirdPartyComponentsInterval", 504);
user_pref("CT1750559.ThirdPartyComponentsLastCheck", "Thu Jul 04 2013 17:49:31 GMT+0200");
user_pref("CT1750559.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT1750559.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
user_pref("CT1750559.UserID", "UN01815642633750625");
user_pref("CT1750559.WeatherNetwork", "");
user_pref("CT1750559.WeatherPollDate", "Thu Jul 04 2013 19:03:44 GMT+0200");
user_pref("CT1750559.WeatherUnit", "C");
user_pref("CT1750559.alertChannelId", "31130");
user_pref("CT1750559.backendstorage.appbuttondisablenull", "30");
user_pref("CT1750559.backendstorage.twitter_v1.8.0_twitter_app_open_t_f", "66616C7365");
user_pref("CT1750559.myStuffEnabled", true);
user_pref("CT1750559.myStuffPublihserMinWidth", 400);
user_pref("CT1750559.myStuffSearchUrl",

"hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid

=EB_ORIGINAL_CTID");
user_pref("CT1750559.myStuffServiceIntervalMM", 1440);
user_pref("CT1750559.myStuffServiceUrl",

"hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GU

ID&lut=EB_MY_STUFF_LUT");
user_pref("CT1750559.testingCtid", "");
user_pref("CT1750559.toolbarAppMetaDataLastCheckTime", "Thu Jul 04 2013 17:49:35 GMT+0200");
user_pref("CT1750559.toolbarContextMenuLastCheckTime", "Mon Jun 10 2013 17:22:25 GMT+0200");
user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1750559/C

T1750559", "\"710b6fc55d2d2c690757b81cabbe02193\"");
user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT17

50559", "\"1357730213\"");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Gotte

nApps&locale=EB_LOCALE", "G9mW7heT/8xIX1frcduu0A==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Gotte

nApps&locale=en-us&ctid=CT1750559", "G9mW7heT/8xIX1frcduu0A==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Other

Apps&locale=EB_LOCALE", "2E1/v7EfCEDbv3VaBQMELg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Other

Apps&locale=en-us&ctid=CT1750559", "2E1/v7EfCEDbv3VaBQMELg==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Share

dApps&locale=EB_LOCALE", "UgzXjW7BIkfdx+x39Ruv3w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Share

dApps&locale=en-us&ctid=CT1750559", "UgzXjW7BIkfdx+x39Ruv3w==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolb

ar&locale=EB_LOCALE", "4BgM4MhF/sOgPsDNmIs3Yw==");
user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolb

ar&locale=en-us&ctid=CT1750559", "4BgM4MhF/sOgPsDNmIs3Yw==");
user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/",

"\"dbe4460d95840339477519b3f77dc11a\"");
user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-

us", "\"37cae905d6c911507a93cb3c3c88c87f\"");
user_pref("CommunityToolbar.EngineOwner", "CT1750559");
user_pref("CommunityToolbar.EngineOwnerGuid", "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
user_pref("CommunityToolbar.EngineOwnerToolbarId", "bs_player");
user_pref("CommunityToolbar.OriginalEngineOwner", "CT1750559");
user_pref("CommunityToolbar.OriginalEngineOwnerGuid",

"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}");
user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bs_player");
user_pref("CommunityToolbar.ToolbarsList", "CT1750559");
user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jul 04 2013 17:49:31

GMT+0200");
user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jul 04 2013 17:49:31 GMT+0200");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "67478e29-9ecf-46f5-ac20-a6b9e70ae3f5");
user_pref("browser.startup.homepage",

"hxxp://search.babylon.com/?AF=100815&babsrc=HP_ss&mntrId=6ca0d730000000000000000476963389")

;
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=100815");
user_pref("extensions.BabylonToolbar.bbDpng", 14);
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", true);
user_pref("extensions.BabylonToolbar.hmpg", true);
user_pref("extensions.BabylonToolbar.id", "6ca0d730000000000000000476963389");
user_pref("extensions.BabylonToolbar.instlDay", "15610");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.keyWordUrl",

"hxxp://search.babylon.com/?AF=100815&babsrc=adbartrp&mntrId=6ca0d73000000000000000047696338

9&q=");
user_pref("extensions.BabylonToolbar.lastDP", 14);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1720:31:23");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.0");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 112391888);
user_pref("extensions.BabylonToolbar.prtkHmpg", 1);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "azb");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1720:31:23");
user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100815");
user_pref("extensions.BabylonToolbar_i.hardId", "6ca0d730000000000000000476963389");
user_pref("extensions.BabylonToolbar_i.id", "6ca0d730000000000000000476963389");
user_pref("extensions.BabylonToolbar_i.instlDay", "15610");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1720:31:23");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.asktb.nero.userName", "");
user_pref("keyword.URL",

"hxxp://search.babylon.com/?AF=100815&babsrc=adbartrp&mntrId=6ca0d73000000000000000047696338

9&q=");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  19.07.2013 at 22:13:09,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ted jeste AdwCleaner

# AdwCleaner v2.306 - Log vytvooen 20/07/2013 v 10:36:15
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Admin - ASUS-AMD2600
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Admin\Dokumenty\Downloads\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\Admin\Data aplikací\AskToolbar
Složka Nalezeno : C:\Documents and Settings\Admin\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\Conduit
Složka Nalezeno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\AskToolbar
Složka Nalezeno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\AVG Security Toolbar
Složka Nalezeno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\Babylon
Složka Nalezeno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\Conduit
Složka Nalezeno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\Babylon
Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Documents and Settings\All Users\Nabídka Start\Programy\registry mechanic
Složka Nalezeno : C:\Program Files\AVG Secure Search
Složka Nalezeno : C:\Program Files\Common Files\AVG Secure Search
Soubor Nalezeno : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\searchplugins\icqplugin-1.xml
Soubor Nalezeno : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\searchplugins\icqplugin-2.xml
Soubor Nalezeno : C:\Program Files\Mozilla Firefox\.autoreg
Soubor Nalezeno : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Klíe Nalezeno : HKCU\Software\AVG Secure Search
Klíe Nalezeno : HKCU\Software\AVG Security Toolbar
Klíe Nalezeno : HKCU\Software\ICQ\ICQToolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Nalezeno : HKCU\Software\TBSB02843
Klíe Nalezeno : HKLM\Software\AVG Secure Search
Klíe Nalezeno : HKLM\Software\AVG Security Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Klíe Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Klíe Nalezeno : HKLM\Software\ICQ\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Nalezeno : HKLM\SOFTWARE\Software
Klíe Nalezeno : HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd

-\\ Mozilla Firefox v3.0.18 (cs)

Soubor : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.43] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Nalezeno [l.46] : keyword = "babylon.com",
Nalezeno [l.50] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&AF=100815&babsrc=SP_ss&mntrId=6ca0d730000000000000000476963389",

*************************

AdwCleaner[R1].txt - [11080 octets] - [20/07/2013 10:36:15]

########## EOF - C:\AdwCleaner[R1].txt - [11141 octets] ##########

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

# AdwCleaner v2.306 - Log vytvooen 20/07/2013 v 10:49:21
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Admin - ASUS-AMD2600
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Admin\Dokumenty\Downloads\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\Admin\Data aplikací\AskToolbar
Složka Vymazáno : C:\Documents and Settings\Admin\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\Conduit
Složka Vymazáno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\AskToolbar
Složka Vymazáno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\AVG Security Toolbar
Složka Vymazáno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\Babylon
Složka Vymazáno : C:\Documents and Settings\Admin\Local Settings\Data aplikací\Conduit
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\Babylon
Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Documents and Settings\All Users\Nabídka Start\Programy\registry mechanic
Složka Vymazáno : C:\Program Files\AVG Secure Search
Soubor Vymazáno : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\searchplugins\icqplugin.xml
Soubor Vymazáno : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\searchplugins\icqplugin-1.xml
Soubor Vymazáno : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\searchplugins\icqplugin-2.xml
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\.autoreg
Soubor Vymazáno : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Vymazáno poi restartu : C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Vymazáno poi restartu : C:\Program Files\Common Files\AVG Secure Search

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Klíe Vymazáno : HKCU\Software\AVG Secure Search
Klíe Vymazáno : HKCU\Software\AVG Security Toolbar
Klíe Vymazáno : HKCU\Software\ICQ\ICQToolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Klíe Vymazáno : HKCU\Software\TBSB02843
Klíe Vymazáno : HKLM\Software\AVG Secure Search
Klíe Vymazáno : HKLM\Software\AVG Security Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Klíe Vymazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Klíe Vymazáno : HKLM\Software\ICQ\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Vymazáno : HKLM\SOFTWARE\Software

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v3.0.18 (cs)

Soubor : C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.43] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Vymazáno [l.46] : keyword = "babylon.com",
Vymazáno [l.50] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&AF=100815&babsrc=SP_ss&mntrId=6ca0d7[...]

*************************

AdwCleaner[R1].txt - [11211 octets] - [20/07/2013 10:36:15]
AdwCleaner[S1].txt - [11008 octets] - [20/07/2013 10:49:21]

########## EOF - C:\AdwCleaner[S1].txt - [11069 octets] ##########

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
• Zaskrtnete okenko Pro vsechny uzivatele
• Zaskrtnete okenko Kontrola na havet "LOP"
• Zaskrtnete okenko Kontrola na havet "Purity"
• Stari souboru zmente z 30 dnu na 7 dnu
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  CREATERESTOREPOINT
  
  netsvcs
  drivers32
  savembr:0
  
  /md5start
  atapi.sys
  autochk.exe
  cdrom.sys
  explorer.exe
  hal.dll
  scecli.dll
  services.exe
  svchost.exe
  tcpip.sys
  userinit.exe
  winlogon.exe
  /md5stop
  
  %systemroot%*.* /U /s
  %SYSTEMDRIVE%\*.exe
  %ALLUSERSPROFILE%\Application Data\*.
  %ALLUSERSPROFILE%\Application Data\*.exe /s
  %APPDATA%\*.
  %APPDATA%\*.exe /s
  %systemroot%\*. /mp /s
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\Tasks\*.job
  %systemroot%\system32\drivers\*.sys /lockedfiles
  %systemroot%\System32\config\*.sav
  %systemroot%\system32\*.dll /lockedfiles
  %systemroot%\system32\drivers\*.sys /3
  %systemroot%\system32\*.* /3
  %SYSTEMDRIVE%\*.exe
  
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
  
  %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
  %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
  %PROGRAMFILES%\Opera\opera.exe /md5
  %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
  
  %SystemDrive%\PhysicalMBR.bin /md5 
  
  *crack* /s
  *keygen* /s
  *loader* /s

• Kliknete na tlacitko Prohledat
• Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
• Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

extras

OTL Extras logfile created on: 20.7.2013 11:05:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 0,62 Gb Available Physical Memory | 41,36% Memory free
2,11 Gb Paging File | 1,11 Gb Available in Paging File | 52,66% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 79,93 Gb Free Space | 34,32% Space Free | Partition Type: NTFS
Drive E: | 37,26 Gb Total Space | 30,06 Gb Free Space | 80,69% Space Free | Partition Type: NTFS

Computer Name: ASUS-AMD2600 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = MozillaHTML] -- C:\Program Files\mozilla.org\Mozilla\mozilla.exe (Mozilla Foundation)

[HKEY_USERS\S-1-5-21-1060284298-1972579041-1606980848-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"1740:UDP" = 1740:UDP:*:Enabled:Windows Media Format SDK (chrome.exe)
"1741:UDP" = 1741:UDP:*:Enabled:Windows Media Format SDK (chrome.exe)
"1743:UDP" = 1743:UDP:*:Enabled:Windows Media Format SDK (chrome.exe)

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG8\avgam.exe" = C:\Program Files\AVG\AVG8\avgam.exe:*:Enabled:avgam.exe
"C:\Program Files\AVG\AVG8\avgdiag.exe" = C:\Program Files\AVG\AVG8\avgdiag.exe:*:Enabled:avgdiag.exe
"C:\Program Files\AVG\AVG8\avgdiagex.exe" = C:\Program Files\AVG\AVG8\avgdiagex.exe:*:Enabled:avgdiagex.exe
"C:\Program Files\AVG\AVG8\avgnsx.exe" = C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe
"C:\Program Files\AVG\AVG8\avgemc.exe" = C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe
"C:\Program Files\AVG\AVG8\avgupd.exe" = C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe
"C:\Program Files\InterVideo\DVD7\WinDVD.exe" = C:\Program Files\InterVideo\DVD7\WinDVD.exe:*:Enabled:WinDVD -- (InterVideo Inc.)
"C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe" = C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe:*:Enabled:WF LiveUpdate Application
"E:\Program Files\Workshop\wkserver.exe" = E:\Program Files\Workshop\wkserver.exe:*:Enabled:Sybase Inc. Product File
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\AVG\AVG9\avgam.exe" = C:\Program Files\AVG\AVG9\avgam.exe:*:Enabled:avgam.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgdiagex.exe" = C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe" = C:\Program Files\Activision\Wolfenstein\MP\Wolf2MP.exe:*:Enabled:Wolfenstein(TM) -- (Activision)
"C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe" = C:\Program Files\Activision\Wolfenstein\MP\Wolf2MPLite.exe:*:Enabled:Wolfenstein(TM) -- (Activision)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\Axesstel\Axesstel Manager\AxessManager.exe" = C:\Program Files\Axesstel\Axesstel Manager\AxessManager.exe:*:Enabled:Ufonuv fofr internet -- ()
"D:\EasySetupAssistant\fscommand\EasySetupAssistant.exe" = D:\EasySetupAssistant\fscommand\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant
"C:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin -- (Skype Limited)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\Valve\hl.exe" = C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Valve\game.exe" = C:\Program Files\Valve\game.exe:*:Enabled:Game Launcher by Martin.cz


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03EB63EB-EA39-438F-A639-DEB5244257CC}" = InfoMapa 14
"{10627FCE-B1C9-4E78-AFCA-5AAE11774442}" = Anglický překladový slovník Lingea pro MS Office 2003
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 17
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{546C143E-68DC-314D-97BC-1E454E3BA429}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5E65E94D-69F2-4850-9E93-6459C53A0F50}" = Microsoft .NET Framework 1.1 Czech Language Pack
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7155CD53-9C57-4178-B7F3-77E18336DF14}" = Axesstel RF Status Monitor
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80682344-770B-46CB-B0FF-6A7620B37CBA}" = XP Repair Pro 2006
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2C1E44-7685-4D05-8342-B0DC6422FA47}" = Ulead Disc-Direct SDK
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90885A82-9673-49EA-AB39-AF776639C67C}" = InterVideo WinDVD 7
"{9115E7DB-3B29-445A-802D-11E0AA945B7F}" = Sound Blaster Live!
"{91C514E8-C92E-48E4-BDEE-DE3407837194}" = Wolfenstein(TM) 1.2 Patch
"{95392E65-0900-0001-3030-1EEC2624019E}" = InterVideo Promotion Agent
"{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"{A182077A-8D6B-4194-B48A-B4DC37C69907}" = RealSpeak Solo for UK English Emily
"{A2C9CD1B-2551-3AED-B244-6698FB929FA6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A59AB961-BE82-41E0-B0FB-648DFA6DDEA4}" = PC VGA Camer@ Plus
"{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}" = Kontrola české gramatiky pro sadu Microsoft Office 2003
"{A6629839-6636-4998-95D6-2B0F52141861}_is1" = Expresso 2.0.0.410
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{B3236C7B-455E-4CDB-B3E1-7A2190B054BC}" = ArcSoft WebCam Companion 3
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{BE4AA694-815A-4045-BD49-C94F2BED7458}" = WinFast Entertainment Center(WDM Driver)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C82185E8-C27B-4EF4-2007-3333BC2C2B6D}" = Microsoft AutoRoute 2007
"{C882DE6B-1482-42D6-A7C2-A9F946EDBAF6}" = WinFast PVR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D52FF3E5-C0D1-4504-80DA-5FE188507083}" = PhoenixRC
"{D98C9637-93DA-44DB-B73A-B11A1192AB26}" = GameShadow
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E45CACFE-0576-4375-A84F-C34B99A7B652}" = D-Link DWA-125
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = MSI Star Cam 370i
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AVG9Uninstall" = AVG 9.0
"CCleaner" = CCleaner (remove only)
"Easy CD-DA Extractor 10" = Easy CD-DA Extractor 10
"Easy DVD Shrink" = Easy DVD Shrink
"Facicons" = Facicons
"ie8" = Windows Internet Explorer 8
"InstallShield_{91C514E8-C92E-48E4-BDEE-DE3407837194}" = Wolfenstein(TM) 1.2 Patch
"InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}" = Silent Hunter III
"InstallShield_{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}" = Wolfenstein(TM) 1.1 Patch
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"InterActual Player" = InterActual Player
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.6
"klvideoconvert_is1" = K-Lite Video Conversion Pack 1.4.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla (1.7.13)" = Mozilla (1.7.13)
"Mozilla Firefox (3.0.18)" = Mozilla Firefox (3.0.18)
"Mpeg2Decoder_is1" = Mpeg2Decoder 1.3
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"NVIDIAnForce" = NVIDIA Ovladače nForce pro Windows 2000/XP
"PC Translator" = PC Translator
"Red Ocean_is1" = Red Ocean
"Registry Mechanic_is1" = Registry Mechanic 10.0
"Sin Episodes: Emerg." = Sin Episodes: Emerg. CZ
"Totalcmd" = Total Commander (Remove or Repair)
"UberSoldier" = UberSoldier
"Universum AZ" = Universum A-Z
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WorkshopCD" = WorkshopCD
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1060284298-1972579041-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6.7.2013 20:30:47 | Computer Name = ASUS-AMD2600 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 6.7.2013 20:30:47 | Computer Name = ASUS-AMD2600 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 6.7.2013 20:35:16 | Computer Name = ASUS-AMD2600 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{7B849a69-220F-451E-B3FE-2CB811AF94AE} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 6.7.2013 20:35:16 | Computer Name = ASUS-AMD2600 | Source = Userenv | ID = 1041
Description = Systém Windows se nemůže dotazovat na položku registru DllName pro
{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} a nebude načtena. Příčinou je zřejmě chybná
registrace.

Error - 12.7.2013 12:59:55 | Computer Name = ASUS-AMD2600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AMCap.exe, verze 9.0.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.7.2013 12:59:55 | Computer Name = ASUS-AMD2600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AMCap.exe, verze 9.0.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.7.2013 12:59:56 | Computer Name = ASUS-AMD2600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AMCap.exe, verze 9.0.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.7.2013 12:59:56 | Computer Name = ASUS-AMD2600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AMCap.exe, verze 9.0.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.7.2013 12:59:58 | Computer Name = ASUS-AMD2600 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace AMCap.exe, verze 9.0.0.1, zablokovaný modul hungapp,
verze 0.0.0.0, adresa bloku 0x00000000.

Error - 12.7.2013 13:00:01 | Computer Name = ASUS-AMD2600 | Source = Application Error | ID = 1000
Description = Chybující aplikace amcap.exe, verze 9.0.0.1, chybující modul quartz.dll,
verze 6.5.2600.6333, adresa chyby 0x00084300.

[ System Events ]
Error - 19.7.2013 16:09:04 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7034
Description = Služba ICQ Service byla neočekávaně ukončena. Tento stav nastal již
1krát.

Error - 19.7.2013 16:09:10 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7034
Description = Služba Expresso Updater byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 20.7.2013 2:10:07 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM Video Capture. neuspěla při spuštění v
důsledku následující chyby: %%1058

Error - 20.7.2013 2:10:07 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM Crossbar. neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 20.7.2013 2:10:07 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM TVTuner. neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 20.7.2013 2:06:55 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7024
Description = Služba Směrování a vzdálený přístup ukončena s chybou 711 (0x2C7),
specifickou pro službu.

Error - 20.7.2013 4:52:00 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM Video Capture. neuspěla při spuštění v
důsledku následující chyby: %%1058

Error - 20.7.2013 4:52:00 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM Crossbar. neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 20.7.2013 4:52:00 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7000
Description = Služba WinFast CX2388x WDM TVTuner. neuspěla při spuštění v důsledku
následující chyby: %%1058

Error - 20.7.2013 4:53:44 | Computer Name = ASUS-AMD2600 | Source = Service Control Manager | ID = 7024
Description = Služba Směrování a vzdálený přístup ukončena s chybou 711 (0x2C7),
specifickou pro službu.


< End of report >

OTL logfile created on: 20.7.2013 11:05:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,50 Gb Total Physical Memory | 0,62 Gb Available Physical Memory | 41,36% Memory free
2,11 Gb Paging File | 1,11 Gb Available in Paging File | 52,66% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 79,93 Gb Free Space | 34,32% Space Free | Partition Type: NTFS
Drive E: | 37,26 Gb Total Space | 30,06 Gb Free Space | 80,69% Space Free | Partition Type: NTFS

Computer Name: ASUS-AMD2600 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.07.20 11:03:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Dokumenty\Downloads\OTL.exe
PRC - [2013.07.12 20:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2013.07.12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013.06.30 13:43:53 | 001,598,128 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
PRC - [2012.03.05 14:15:46 | 000,183,296 | ---- | M] () -- C:\Program Files\Expresso\ExtensionUpdaterService.exe
PRC - [2012.01.27 12:55:32 | 002,077,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2011.06.10 11:36:30 | 001,074,496 | ---- | M] (D-Link Corp.) -- C:\Program Files\D-Link\DWA-125 revA\AirNCFG.exe
PRC - [2010.11.25 10:27:26 | 000,725,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010.10.27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010.10.01 14:27:22 | 000,632,792 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2010.09.21 09:37:04 | 000,621,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010.07.12 15:39:24 | 000,122,880 | ---- | M] (Wireless Service) -- C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe
PRC - [2010.07.12 15:39:24 | 000,053,248 | ---- | M] () -- C:\Program Files\D-Link\DWA-125 revA\ANIWConnService.exe
PRC - [2010.06.22 09:28:56 | 000,515,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010.06.22 09:28:50 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010.06.22 09:28:45 | 001,101,152 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010.06.22 09:28:41 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgam.exe
PRC - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Update\NASvc.exe
PRC - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.06.17 08:58:49 | 000,026,624 | ---- | M] () -- C:\WINDOWS\OETRN.EXE
PRC - [2008.01.01 01:01:01 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\PixArt\PAC7302\Monitor.exe
PRC - [2005.12.20 14:39:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
PRC - [2005.11.08 02:31:48 | 000,278,528 | ---- | M] (InterVideo Inc.) -- C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
PRC - [2005.09.05 15:55:08 | 000,339,968 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe
PRC - [2004.12.13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2003.12.09 17:21:56 | 000,159,744 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
PRC - [2002.02.07 20:01:24 | 000,040,960 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTHELPER.EXE
PRC - [2000.06.29 10:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) -- C:\WINDOWS\system32\Crypserv.exe


========== Modules (No Company Name) ==========

MOD - [2013.07.12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013.07.12 20:49:43 | 013,599,184 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013.07.12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013.07.12 20:48:52 | 000,601,552 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\28.0.1500.72\libglesv2.dll
MOD - [2013.07.12 20:48:51 | 000,123,344 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\28.0.1500.72\libegl.dll
MOD - [2013.07.12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013.02.16 20:39:34 | 000,315,392 | ---- | M] () -- C:\WINDOWS\system32\ANPDApi.dll
MOD - [2012.03.05 14:15:46 | 000,183,296 | ---- | M] () -- C:\Program Files\Expresso\ExtensionUpdaterService.exe
MOD - [2010.07.12 15:39:24 | 000,053,248 | ---- | M] () -- C:\Program Files\D-Link\DWA-125 revA\ANIWConnService.exe
MOD - [2010.05.13 11:58:00 | 000,294,912 | ---- | M] () -- C:\Program Files\D-Link\DWA-125 revA\wlanapp.dll
MOD - [2009.06.17 08:58:49 | 000,200,704 | ---- | M] () -- C:\WINDOWS\TRNOET.DLL
MOD - [2009.06.17 08:58:49 | 000,045,056 | ---- | M] () -- C:\WINDOWS\TRNOEH.DLL
MOD - [2009.06.17 08:58:49 | 000,026,624 | ---- | M] () -- C:\WINDOWS\OETRN.EXE
MOD - [2008.01.01 01:01:01 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005.12.20 14:39:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe
MOD - [2005.09.05 15:55:08 | 000,339,968 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.07.12 14:37:18 | 003,289,472 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013.06.30 13:43:53 | 001,598,128 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe -- (vToolbarUpdater15.3.0)
SRV - [2013.06.03 16:21:54 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.05 14:15:46 | 000,183,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Expresso\ExtensionUpdaterService.exe -- (Expresso Updater)
SRV - [2011.11.10 15:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010.10.01 14:27:22 | 000,632,792 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010.07.12 15:39:24 | 000,126,976 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Program Files\D-Link\DWA-125 revA\ANIWZCSdS.exe -- (D_Link_DWA-125)
SRV - [2010.07.12 15:39:24 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\Program Files\D-Link\DWA-125 revA\ANIWConnService.exe -- (D_Link_DWA-125_WPS)
SRV - [2010.06.22 09:28:50 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.05.04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2004.12.13 04:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2000.06.29 10:45:10 | 000,052,224 | ---- | M] (Kenonic Controls Ltd.) [Auto | Running] -- C:\WINDOWS\System32\Crypserv.exe -- (Crypkey License)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\STK02HW2.sys -- (DCamUSBSTK02H)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (as46oixc)
DRV - [2013.06.30 13:43:56 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013.02.16 21:54:27 | 000,226,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2013.02.16 20:39:34 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANPD.SYS -- (ANPD)
DRV - [2011.09.12 21:18:04 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2011.05.05 16:26:08 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2011.04.25 11:31:12 | 001,174,976 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Drt2870.sys -- (rt2870)
DRV - [2010.04.19 13:55:52 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009.06.17 09:31:08 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.01.01 01:01:01 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.01.01 01:01:01 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.01.01 01:01:01 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2007.09.10 08:50:56 | 000,457,984 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2007.03.26 08:25:50 | 000,038,784 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvprt.sys -- (Axtmvprt)
DRV - [2007.03.26 08:25:30 | 000,040,064 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvmdm.sys -- (Axtmvmdm)
DRV - [2007.03.22 10:36:38 | 000,003,456 | ---- | M] (Axesstel) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\axtmvflt.sys -- (Axtmvflt)
DRV - [2006.10.18 11:38:38 | 000,009,728 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\cxavxbar.sys -- (CXAVXBAR)
DRV - [2006.10.18 11:37:56 | 000,050,816 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\cx88tune.sys -- (CXTUNE)
DRV - [2006.10.18 11:37:26 | 000,162,944 | ---- | M] (Leadtek Research Inc.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\cx88vid.sys -- (CX23880)
DRV - [2005.12.08 11:09:32 | 008,718,848 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3)
DRV - [2003.09.17 11:01:00 | 000,010,405 | ---- | M] (Copyright @2000-2006 Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\WF88XBAR.sys -- (WF88XBAR)
DRV - [2003.09.17 11:00:58 | 000,197,908 | ---- | M] (Copyright @2000-2006 Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf88vcap.sys -- (WF23880)
DRV - [2003.09.17 11:00:54 | 000,034,422 | ---- | M] (Copyright @2000-2006 Leadtek Research Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\wf88tune.sys -- (WFTUNE)
DRV - [2003.09.10 09:53:08 | 000,009,510 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\WinFast\WFTVFM\WFIOCTL.sys -- (WFIOCTL)
DRV - [2002.09.23 10:37:00 | 000,080,896 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NVENET.sys -- (NVENET)
DRV - [2002.09.06 11:24:00 | 000,013,568 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2002.03.22 14:10:58 | 000,991,656 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2002.03.22 14:10:20 | 000,156,604 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\EMUPIA2K.SYS -- (emupia)
DRV - [2002.03.22 14:10:10 | 000,211,724 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTSFM2K.SYS -- (ctsfm2k)
DRV - [2002.03.22 14:09:54 | 000,011,068 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTPRXY2K.SYS -- (ctprxy2k)
DRV - [2002.03.22 14:09:52 | 000,195,432 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2002.03.22 14:09:40 | 000,835,636 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k)
DRV - [2002.03.22 14:08:12 | 000,114,944 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CTAC32K.SYS -- (ctac32k)
DRV - [2001.08.17 20:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman)
DRV - [2001.08.17 20:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1)
DRV - [2001.08.17 20:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k)
DRV - [2001.08.17 20:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2001.08.17 20:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
DRV - [2000.02.03 21:53:12 | 000,024,608 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX)
DRV - [1999.12.17 03:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)
DRV - [1999.09.10 13:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\SearchScopes\{C4F23BD0-D337-4565-AEE6-69378B701FEA}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011.09.12 21:18:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2011.05.09 19:36:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A6629839-6636-4998-95D6-2B0F52141861}: C:\Program Files\Expresso\Firefox [2012.06.07 19:33:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla 1.7.13\Extensions\\Components: C:\Program Files\mozilla.org\Mozilla\Components [2013.07.05 13:39:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla 1.7.13\Extensions\\Plugins: C:\Program Files\mozilla.org\Mozilla\Plugins [2013.07.12 18:23:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.07.05 13:39:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.07.12 18:23:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla 1.7.13\Extensions\\Components: C:\Program Files\mozilla.org\Mozilla\Components [2013.07.05 13:39:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla 1.7.13\Extensions\\Plugins: C:\Program Files\mozilla.org\Mozilla\Plugins [2013.07.12 18:23:50 | 000,000,000 | ---D | M]

[2009.10.11 11:45:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Extensions
[2013.07.19 22:12:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\extensions
[2009.11.07 15:34:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.06 09:10:54 | 000,000,000 | ---D | M] (Facicons) -- C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\363bct70.default\extensions\{DDABDBA1-2377-4A30-A027-25697B99E254}
[2013.07.05 13:19:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.22 20:34:16 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013.07.20 04:53:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.07.05 12:08:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.07.20 04:53:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\363BCT70.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\363BCT70.DEFAULT\EXTENSIONS\{DDABDBA1-2377-4A30-A027-25697B99E254}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\363BCT70.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\363BCT70.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
[2011.09.12 21:18:11 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
[2011.05.09 19:36:20 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.103.018.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
[2012.06.07 19:33:12 | 000,000,000 | ---D | M] (Expresso) -- C:\PROGRAM FILES\EXPRESSO\FIREFOX
[2009.06.17 09:35:28 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009.11.27 14:58:27 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2009.11.27 14:58:27 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2009.11.27 14:58:28 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2009.11.27 14:58:28 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2009.11.27 14:58:28 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Search the web (Babylon) (Enabled)
CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTer ... 0476963389
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\28.0.1500.72\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Admin\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Expresso = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dhdmjeclekijlogbipdlifcmgoanoemm\2.0.0.410_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.10.0.13089_0\
CHR - Extension: Facicons = C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\phgfmgiomenimmnlploaapnolonfdgpg\5.0.0_0\

O1 HOSTS File: ([2009.06.16 15:28:02 | 000,000,736 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (TBSB02843 Class) - {22E4A387-EBFC-442B-B46A-4E7957176FE0} - C:\Program Files\Facicons\tbcore3.dll ()
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
O2 - BHO: (Expresso) - {A6629839-6636-4998-95D6-2B0F52141861} - C:\Program Files\Expresso\Extension32.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Facicons) - {7124C800-B6B8-4A2E-BEC0-8B9ECCEA2149} - C:\Program Files\Facicons\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\Toolbar\WebBrowser: (Facicons) - {7124C800-B6B8-4A2E-BEC0-8B9ECCEA2149} - C:\Program Files\Facicons\tbcore3.dll ()
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [D-Link D-Link DWA-125] C:\Program Files\D-Link\DWA-125 revA\AirNCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [D-Link DWA-125 WZCSLDR2] C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [Jet Detection] C:\Program Files\Creative\SBLive\Program\ADGJDet.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RMAlert] "C:\Program Files\Registry Mechanic\Alert.exe" /PRODUCT=RM /R File not found
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [WINDVDPatch] C:\WINDOWS\System32\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003..\Run: [Facebook Update] C:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE ()
O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe (InterVideo Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: WikiKomentáře Google... - File not found
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupda ... 5179893265 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 5179956484 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CF7E0E2E-AD82-40B8-A4BE-51D249898C83}: DhcpNameServer = 192.168.2.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - (avgrsstx.dll) - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O24 - Desktop Components:0 () - http://sphotos.ak.fbcdn.net/hphotos-ak- ... 7317_n.jpg
O24 - Desktop Components:1 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2009.06.16 19:19:21 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2013.02.16 21:28:59 | 000,000,095 | ---- | M] () - E:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.07.19 22:08:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.07.19 21:35:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.07.19 21:34:59 | 000,000,000 | ---D | C] -- C:\rsit
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.07.20 11:10:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.07.20 10:53:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.07.20 10:52:01 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{CF7E0E2E-AD82-40B8-A4BE-51D249898C83}
[2013.07.20 10:51:52 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{CF7E0E2E-AD82-40B8-A4BE-51D249898C83}
[2013.07.20 10:51:25 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.20 10:51:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013.07.20 10:51:14 | 000,024,888 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000001-00000000-00000008-00001102-00000002-80641102}.rfx
[2013.07.20 10:51:14 | 000,024,888 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000001-00000000-00000008-00001102-00000002-80641102}.rfx
[2013.07.20 10:51:14 | 000,016,420 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000001-00000000-00000008-00001102-00000002-80641102}.rfx
[2013.07.20 10:51:14 | 000,016,420 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000001-00000000-00000008-00001102-00000002-80641102}.rfx
[2013.07.20 10:51:14 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2013.07.20 10:51:14 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2013.07.20 10:51:14 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCStateBkp-{00000001-00000000-00000008-00001102-00000002-80641102}.dat
[2013.07.20 10:51:14 | 000,000,024 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000001-00000000-00000008-00001102-00000002-80641102}.dat
[2013.07.20 10:51:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.07.20 10:50:04 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
[2013.07.20 10:30:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
[2013.07.20 10:30:00 | 000,001,026 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
[2013.07.20 10:24:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.20 03:45:46 | 127,677,058 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2013.07.19 19:41:15 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.07.19 19:14:32 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2013.07.19 16:50:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
[2013.07.13 12:31:14 | 000,271,784 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.07.20 11:10:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.07.12 18:56:46 | 000,000,769 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2013.07.12 18:56:41 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.ini
[2013.05.27 19:16:27 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2013.05.27 19:16:26 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2013.05.27 19:16:26 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2013.04.05 18:10:44 | 008,718,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys
[2013.04.05 18:10:44 | 000,339,968 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2013.04.05 18:10:44 | 000,094,208 | ---- | C] () -- C:\WINDOWS\tsnpstd3.exe
[2013.04.05 18:10:44 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2013.04.05 18:10:41 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2013.04.05 18:10:41 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2013.04.05 18:10:41 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2013.04.05 18:10:41 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd3.exe
[2013.03.30 17:01:31 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\vsnpstd3.dll
[2013.02.16 20:40:43 | 000,000,258 | ---- | C] () -- C:\Documents and Settings\Admin\Data aplikací\ANICONFIG_{CF7E0E2E-AD82-40B8-A4BE-51D249898C83}.ini
[2013.02.16 20:39:34 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANPDApi.dll
[2013.02.16 20:39:34 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANPD64.SYS
[2013.02.16 20:39:34 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANPD.SYS
[2013.02.16 20:38:44 | 000,014,119 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2013.02.08 05:03:08 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.02.16 00:49:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2009.06.19 18:15:40 | 000,038,400 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.17 20:39:22 | 000,002,876 | ---- | C] () -- C:\Documents and Settings\Admin\FMCodec.dat
[2009.06.17 10:04:31 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Data aplikací\fusioncache.dat

========== ZeroAccess Check ==========

[2009.06.16 21:28:08 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2013.04.26 03:59:11 | 001,510,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.01.01 01:01:01 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009.11.08 00:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\BSplayer Pro
[2011.04.24 08:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2009.06.17 09:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\InterVideo
[2013.07.05 12:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\TeamViewer
[2009.06.16 21:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2009.08.28 20:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Search
[2009.06.17 09:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Zoner
[2010.02.06 16:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
[2011.03.22 22:57:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2013.07.20 10:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2013.07.19 19:14:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.06.17 20:58:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2009.09.12 21:25:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\WorkshopCD

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.06.16 19:17:15 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.06.16 19:31:28 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2010.02.02 09:39:12 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2010.02.02 09:39:13 | 000,000,940 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2010.05.21 21:07:46 | 000,000,974 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
[2010.05.21 21:07:47 | 000,001,026 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
[2011.03.23 08:49:45 | 000,000,254 | ---- | C] () -- C:\WINDOWS\Tasks\RMSchedule.job
[2012.08.01 18:17:00 | 000,000,284 | ---- | C] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2013.03.29 17:45:56 | 000,000,970 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
[2013.03.29 17:45:57 | 000,000,992 | ---- | C] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
[2013.06.07 19:55:38 | 000,000,350 | ---- | C] () -- C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

< >

< MD5 for: ATAPI.SYS >
[2008.01.01 01:01:01 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.01.01 01:01:01 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.01.01 01:01:01 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2008.01.01 01:01:01 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\dllcache\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.01 01:01:01 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.01.01 01:01:01 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.01.01 01:01:01 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.01.01 01:01:01 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2008.01.01 01:01:01 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.01.01 01:01:01 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\hal.dll

< MD5 for: SCECLI.DLL >
[2008.01.01 01:01:01 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.01.01 01:01:01 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.02.09 13:18:56 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=3D107D45CCFDB266E91D84B52CD7F430 -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\dllcache\services.exe
[2009.02.09 13:25:57 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=9EF697AF07BB8DD82C3B02CA953A95B7 -- C:\WINDOWS\system32\services.exe
[2008.01.01 01:01:01 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=F0D2AE69035092BF22DAD6B50FAB85C2 -- C:\WINDOWS\$NtUninstallKB956572$\services.exe

< MD5 for: SVCHOST.EXE >
[2008.01.01 01:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.01.01 01:01:01 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.01.01 01:01:01 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.01 01:01:01 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.01.01 01:01:01 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2008.01.01 01:01:01 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.01.01 01:01:01 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[33 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[39 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013.06.11 19:44:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Adobe
[2013.06.23 09:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ArcSoft
[2009.11.08 00:21:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\BSplayer Pro
[2009.06.17 10:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Corel
[2011.03.28 18:18:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\DivX
[2009.07.26 11:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Google
[2009.08.11 21:33:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Help
[2011.04.24 08:43:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\ICQ
[2009.06.16 19:32:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Identities
[2009.06.17 10:21:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\InstallShield
[2009.06.17 09:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\InterVideo
[2009.06.16 21:04:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Macromedia
[2009.06.16 21:08:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Malwarebytes
[2009.06.27 17:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Media Player Classic
[2013.06.11 19:44:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Admin\Data aplikací\Microsoft
[2009.10.11 11:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Mozilla
[2011.12.09 21:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Nero
[2009.06.21 13:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Real
[2013.07.20 10:53:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Skype
[2011.06.19 12:37:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\skypePM
[2009.06.17 09:34:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Sun
[2009.10.10 10:51:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Talkback
[2013.07.05 12:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\TeamViewer
[2009.06.17 09:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Winamp
[2009.06.16 21:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Desktop Search
[2009.08.28 20:43:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Windows Search
[2009.06.17 09:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Data aplikací\Zoner

< %APPDATA%\*.exe /s >
[2009.06.16 21:04:56 | 001,915,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Admin\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
[2011.09.09 20:23:03 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\ARPPRODUCTICON.exe
[2011.09.09 20:23:03 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\GameShadow.exe1_D9316813509243FDA4C292F72F483E61.exe
[2011.09.09 20:23:03 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\GameShadow.exe_D9316813509243FDA4C292F72F483E61.exe
[2011.09.09 20:23:03 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\GSDR.exe_D9316813509243FDA4C292F72F483E61.exe
[2011.09.09 20:23:03 | 000,008,854 | R--- | M] () -- C:\Documents and Settings\Admin\Data aplikací\Microsoft\Installer\{D98C9637-93DA-44DB-B73A-B11A1192AB26}\NewShortcut1_D98C963793DA44DBB73AB11A1192AB26.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2013.07.06 20:59:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2013.07.20 10:51:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013.07.19 16:50:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
[2013.07.20 10:50:04 | 000,000,992 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
[2013.07.20 10:51:25 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.07.20 11:24:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2013.07.20 10:30:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
[2013.07.20 10:30:00 | 000,001,026 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
[2013.07.19 19:14:32 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.06.17 09:31:08 | 000,685,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2009.06.16 17:35:46 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.06.16 17:35:45 | 001,093,632 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.06.16 17:35:45 | 000,471,040 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.07.20 10:51:52 | 000,000,006 | ---- | M] () -- C:\WINDOWS\system32\ANIWZCSUSERNAME{CF7E0E2E-AD82-40B8-A4BE-51D249898C83}
[2013.07.20 10:52:01 | 000,003,284 | ---- | M] () -- C:\WINDOWS\system32\ANIWZCS{CF7E0E2E-AD82-40B8-A4BE-51D249898C83}
[2013.07.20 10:51:14 | 000,024,888 | ---- | M] () -- C:\WINDOWS\system32\BMXBkpCtrlState-{00000001-00000000-00000008-00001102-00000002-80641102}.rfx
[2013.07.20 10:51:14 | 000,024,888 | ---- | M] () -- C:\WINDOWS\system32\BMXCtrlState-{00000001-00000000-00000008-00001102-00000002-80641102}.rfx
[2013.07.20 10:51:14 | 000,016,420 | ---- | M] () -- C:\WINDOWS\system32\BMXState-{00000001-00000000-00000008-00001102-00000002-80641102}.rfx
[2013.07.20 10:51:14 | 000,016,420 | ---- | M] () -- C:\WINDOWS\system32\BMXStateBkp-{00000001-00000000-00000008-00001102-00000002-80641102}.rfx
[2013.07.20 10:51:14 | 000,000,024 | ---- | M] () -- C:\WINDOWS\system32\DVCState-{00000001-00000000-00000008-00001102-00000002-80641102}.dat
[2013.07.20 10:51:14 | 000,000,024 | ---- | M] () -- C:\WINDOWS\system32\DVCStateBkp-{00000001-00000000-00000008-00001102-00000002-80641102}.dat
[2013.07.20 10:51:14 | 000,001,080 | ---- | M] () -- C:\WINDOWS\system32\settings.sfm
[2013.07.20 10:51:14 | 000,001,080 | ---- | M] () -- C:\WINDOWS\system32\settingsbkup.sfm
[2013.07.20 10:53:30 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.01.01 01:01:01 | 000,015,360 | ---- | M] (Microsoft Corporation)
"OEXPRESS" = C:\WINDOWS\OETRN.EXE -- [2009.06.17 08:58:49 | 000,026,624 | ---- | M] ()
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2009.06.19 20:32:43 | 000,039,408 | ---- | M] (Google Inc.)
"Google Update" = "C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.06.12 09:10:24 | 000,136,176 | ---- | M] (Google Inc.)
"Facebook Update" = "C:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2013.03.29 17:44:50 | 000,138,096 | ---- | M] (Facebook Inc.)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun -- [2013.06.03 16:27:20 | 019,603,048 | R--- | M] (Skype Technologies S.A.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2010.02.19 18:01:31 | 000,307,672 | ---- | M] (Mozilla Corporation) MD5=06378B35F42F5F98FD53DCF1E08920FC -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.07.20 11:10:01 | 000,000,512 | ---- | M] () MD5=689C7E45028075ACE50457D686166759 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[1999.03.31 18:29:48 | 000,010,560 | ---- | M] () -- \CorelDATA\Tiles\Stone\CRACKS2M.cpt
[2003.12.05 15:52:40 | 000,000,796 | ---- | M] () -- \gta\GTA San Andreas\data\Decision\Craig\crack1.ped
[2006.05.11 02:37:51 | 000,000,222 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\SE1_Decals\SE1_concrete_cracked_tile_01.vmt
[2006.05.11 02:37:51 | 000,087,600 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\SE1_Decals\SE1_concrete_cracked_tile_01.vtf
[2006.05.11 02:37:53 | 000,000,216 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\SE1_Decals\SE1_paveCrack_decal_01.vmt
[2006.05.11 02:37:53 | 000,349,744 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\SE1_Decals\SE1_paveCrack_decal_01.vtf
[2006.05.11 02:37:53 | 000,000,216 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\SE1_Decals\SE1_pavecrack_decal_02.vmt
[2006.05.11 02:37:53 | 000,349,744 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\SE1_Decals\SE1_paveCrack_decal_02.vtf
[2006.05.11 02:37:58 | 000,000,730 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\WAREHOUSE\Blnd_pave01_pavecracked.vmt
[2006.05.11 02:37:58 | 000,000,730 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\WAREHOUSE\Blnd_pave02_pavecracked.vmt
[2006.05.11 02:38:05 | 000,174,968 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\WAREHOUSE\SE1_pave01_pavecrack_tooltexture.vtf
[2006.05.11 02:38:05 | 000,174,968 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\WAREHOUSE\SE1_pave02_pavecrack_tooltexture.vtf
[2006.05.11 02:38:05 | 000,000,311 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\WAREHOUSE\SE1_pavecracked_01.vmt
[2006.05.11 02:38:05 | 000,174,968 | ---- | M] () -- \Hry\SinEpisodes\SE1\materials\WAREHOUSE\SE1_pavecracked_01.vtf
[2002.12.18 17:10:46 | 000,092,827 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Bumpmap\Cracks.cpt
[2002.12.16 18:44:50 | 000,016,068 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Canvas\cracks2c.pcx
[2002.12.16 18:44:30 | 000,010,560 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Tiles\CRACKS2M.CPT

< *keygen* /s >
[2010.11.30 07:39:25 | 000,041,152 | ---- | M] () -- \Downloads\WinRar 3.71 final + keygen (Works 100% )\keygen.exe
[2006.04.29 11:13:44 | 000,299,008 | ---- | M] () -- \Install\Sw\XP.Repair.Pro.2006.v3.1.6.Incl.Keygen.and.Patch-HERETiC\Crack\Keygen.exe
[2006.04.29 11:13:44 | 000,299,008 | ---- | M] () -- \Install\XP.Repair.Pro.2006.v3.1.6.Incl.Keygen.and.Patch-HERETiC\Crack\Keygen.exe

< *loader* /s >
[2008.11.18 12:11:35 | 000,494,565 | ---- | M] () -- \Documents and Settings\Admin\Plocha\nepoužívané odkazy\Portable_Google_Chrome_2.0.172.8\ChromeLoader.exe
[2008.11.18 12:11:35 | 000,494,565 | ---- | M] () -- \Documents and Settings\Admin\Plocha\nepoužívané odkazy\Portable_Google_Chrome_2.0.172.8\ChromeLoader_1.exe
[2008.11.18 12:10:50 | 000,494,585 | ---- | M] () -- \Documents and Settings\Admin\Plocha\nepoužívané odkazy\Portable_Google_Chrome_2.0.172.8\IncognitoChromeLoader.exe
[2008.11.18 12:10:50 | 000,494,585 | ---- | M] () -- \Documents and Settings\Admin\Plocha\nepoužívané odkazy\Portable_Google_Chrome_2.0.172.8\IncognitoChromeLoader_1.exe
[2013.04.25 17:31:28 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2013.04.25 17:31:28 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2013.04.25 17:31:28 | 000,009,772 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\retina\loader@2x.png
[2009.01.03 14:07:55 | 000,268,082 | ---- | M] () -- \Hry\Codename Outbreak\Outbreak\LoadErr.log
[2009.01.08 08:11:26 | 000,077,824 | ---- | M] () -- \Program Files\ArcSoft\WebCam Companion 3\ASDownloader.exe
[2009.11.25 02:54:58 | 000,003,604 | ---- | M] () -- \Program Files\AVG\AVG9\Toolbar.old\Firefox\avg@igeared\chrome\content\libs\loader.js
[2001.01.16 06:55:36 | 000,053,248 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.DLL
[2001.01.16 04:22:34 | 000,002,560 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\COLOADER.TLB
[2006.04.14 22:11:00 | 000,003,095 | ---- | M] () -- \Program Files\Common Files\mozilla.org\GRE\1.7.13_2006041421\components\uriloader.xpt
[2010.09.23 06:30:25 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.jpg
[2010.09.23 06:30:25 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\Packages\atlas\Skins\AtlasSkin\images\XtraPreloader\loader.swf
[2009.03.01 12:31:26 | 000,005,795 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.jpg
[2009.03.01 12:31:26 | 000,004,089 | ---- | M] () -- \Program Files\ICQ6.5\services\icqApp\ver1\theme\IMAGES\XtraPreloader\loader.swf
[2013.03.30 17:37:26 | 000,002,886 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\babylon_feed\preloader01_b.swf
[2010.09.23 06:30:43 | 000,003,479 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\content\contact_list\preloader04.swf
[2010.09.23 06:30:49 | 000,552,798 | ---- | M] () -- \Program Files\ICQ6.5\services\icqXtraz\ver1\theme\game_center\loaderBkg.png
[2003.09.26 08:15:26 | 000,169,384 | ---- | M] () -- \Program Files\Valve\cstrike\models\qloader.mdl
[2003.09.26 14:19:52 | 000,352,548 | ---- | M] () -- \Program Files\Valve\valve\models\loader.mdl
[2003.09.26 14:24:16 | 000,012,764 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_hydra1.wav
[2003.09.26 14:24:16 | 000,012,164 | ---- | M] () -- \Program Files\Valve\valve\sound\ambience\loader_step1.wav
[2013.07.19 19:41:19 | 000,030,588 | ---- | M] () -- \WINDOWS\Prefetch\ASDOWNLOADER.EXE-309BAAF2.pf
[2008.01.01 01:01:01 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2010.04.01 13:54:02 | 000,012,532 | ---- | M] () -- \WINDOWS\system32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2008.01.01 01:01:01 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:6971CCC5
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >

Trvate na antiviru AVG - u nas neni moc obliben - vysoka zatez systemu, slabsi detekce

Nene netrvám

Avg je spise parodie na antivir

Odinstalujte Avg a pak pouzijte jeste http://download.avg.com/filedir/util/av ... 3_3341.exe

Nainstalujte Avast Free http://www.avast.com/get/gWR5mo92

Ja zatim napisi opravny skript

Spustte znovu OTL

• Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
• Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

• Kód: Vybrat vše

  :otl
  SRV - [2013.06.30 13:43:53 | 001,598,128 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe -- (vToolbarUpdater15.3.0)
  SRV - [2011.11.10 15:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
  SRV - [2010.06.22 09:28:50 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\STK02HW2.sys -- (DCamUSBSTK02H)
  DRV - File not found [Kernel | On_Demand | Unknown] -- -- (as46oixc)
  DRV - [2013.06.30 13:43:56 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
  DRV - [2013.02.16 21:54:27 | 000,226,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (AvgLdx86)
  DRV - [2011.09.12 21:18:04 | 000,029,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (AvgMfx86)
  DRV - [2011.05.05 16:26:08 | 000,243,152 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (AvgTd
  DRV - [2010.04.19 13:55:52 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (AvgRkx86)
  IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
  IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
  IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\URLSearchHook: - No CLSID value found
  IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
  IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\SearchScopes,DefaultScope =
  IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
  IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  IE - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\SearchScopes\{C4F23BD0-D337-4565-AEE6-69378B701FEA}: "URL" = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
  [2010.09.22 20:34:16 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\363BCT70.DEFAULT\EXTENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\363BCT70.DEFAULT\EXTENSIONS\{DDABDBA1-2377-4A30-A027-25697B99E254}
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\363BCT70.DEFAULT\EXTENSIONS\FFXTLBR@BABYLON.COM
  File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMIN\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\363BCT70.DEFAULT\EXTENSIONS\TOOLBAR@ASK.COM
  [2011.09.12 21:18:11 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG9\FIREFOX
  [2011.05.09 19:36:20 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.103.018.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG9\TOOLBAR\FIREFOX\AVG@IGEARED
  CHR - default_search_provider: Search the web (Babylon) (Enabled)
  CHR - default_search_provider: search_url = http://search.babylon.com/?q={searchTerms}&AF=100815&babsrc=SP_ss&mntrId=6ca0d730000000000000000476963389
  CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
  O2 - BHO: (TBSB02843 Class) - {22E4A387-EBFC-442B-B46A-4E7957176FE0} - C:\Program Files\Facicons\tbcore3.dll ()
  O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll ()
  O2 - BHO: (Expresso) - {A6629839-6636-4998-95D6-2B0F52141861} - C:\Program Files\Expresso\Extension32.dll ()
  O3 - HKLM\..\Toolbar: (Facicons) - {7124C800-B6B8-4A2E-BEC0-8B9ECCEA2149} - C:\Program Files\Facicons\tbcore3.dll ()
  O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll ()
  O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
  O3 - HKU\S-1-5-21-1060284298-1972579041-1606980848-1003\..\Toolbar\WebBrowser: (Facicons) - {7124C800-B6B8-4A2E-BEC0-8B9ECCEA2149} - C:\Program Files\Facicons\tbcore3.dll ()
  O4 - HKLM..\RunOnceEx: [Flag] Reg Error: Invalid data type. File not found
  O8 - Extra context menu item: WikiKomentáře Google... - File not found
  O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
  O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
  [2013.07.12 18:56:46 | 000,000,769 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
  [2010.02.06 16:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\avg9
  [12 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  [33 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
  [2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
  [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
  [2013.07.06 20:59:12 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
  [2013.07.20 10:51:20 | 000,000,350 | ---- | M] () -- C:\WINDOWS\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
  [2013.07.19 16:50:00 | 000,000,970 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
  [2013.07.20 10:50:04 | 000,000,992 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
  [2013.07.20 10:51:25 | 000,000,936 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
  [2013.07.20 11:24:01 | 000,000,940 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
  [2013.07.20 10:30:01 | 000,000,974 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003Core.job
  [2013.07.20 10:30:00 | 000,001,026 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1972579041-1606980848-1003UA.job
  [2013.07.19 19:14:32 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job
  @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:6971CCC5
  @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1
  
  :services
  NAUpdate
  
  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "ISUSPM Startup"=-
  "ISUSScheduler"=-
  "AVG9_TRAY"=-
  "SunJavaUpdateSched"=-
  "vProt"=-
  "RMAlert"=-
  "KernelFaultCheck"=-
  "Adobe ARM"=-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "CTFMON.EXE"=-
  "OEXPRESS"=-
  "swg"=-
  "Google Update"=-
  "Facebook Update"=-
  "Skype"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mozilla Quick Launch]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^InterVideo WinCinema Manager.lnk]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
  
  :files
  C:\Program Files\Common Files\AVG Secure Search
  C:\Program Files\AVG Secure Search
  C:\Program Files\AVG
  c:\Downloads\WinRar 3.71 final + keygen (Works 100% )\keygen.exe
  c:\Install\Sw\XP.Repair.Pro.2006.v3.1.6.Incl.Keygen.and.Patch-HERETiC\Crack\Keygen.exe
  c:\Install\XP.Repair.Pro.2006.v3.1.6.Incl.Keygen.and.Patch-HERETiC\Crack\Keygen.exe
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Nasledne kliknete na Opravit
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Udělal jsem to několikrát a vždycky se mi to sekne :/