Prosím o kontrolu logu - pomalý start pc

[Leonidas]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:13, on 8.11.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17055)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\AccelerometerSt.Exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Gerca\Plocha\aa.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.Exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6598270687
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate1c9ff0499afc95a) (gupdate1c9ff0499afc95a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 12466 bytes

[Reklama]

[Damned]

Odinstaluj si ICQ6Toolbar.
Vypni si spouštění NERO po startu.

Spusť HJT (HijackThis), vypni prohlížeče, odpoj se od internetu a fixni (spustit HJT, "Do a system scan only",
zatrhnout políčko před hodnotou, zmáčknout "Fix checked" a poté "Ano"):

R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe monthly (User 'SYSTEM')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

*************************************************************************************************************************************************************************

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti: Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko Konec.
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje a poté kliknutím na OK spusť program
- nech vybranou možnost Rychlá kontrola a klikni na tlačítko Prohledat

Bude-li nalezen problém:
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost Uložit protokol a ulož si log na Plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
- výsledný log mi sem zkopíruj
(zatím nic nemaž!).

Nebude-li nalezen problém:
- Klikni na tlačítko "OK" a sděl mi to

[Leonidas]

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

8.11.2011 17:18:18
mbam-log-2011-11-08 (17-18-14).txt

Typ: Rychlá kontrola
Kontrolované objekty: 159947
Uplynulý čas: 2 minut, 20 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[Damned]

Centrum aktualizací sis vypnul sám?

[Leonidas]

Nevím, není to můj notebook

[Damned]

Spusť znovu MbAM a dej Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Konec
*************************************************************************************************************************************************************************
Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs) nebo ComboFix (subs) a ulož si ho na Plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[Leonidas]

ComboFix 11-11-08.02 - Gerca 08.11.2011 18:06:25.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2043.1289 [GMT 1:00]
Spuštěný z: c:\documents and settings\Gerca\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Gerca\WINDOWS
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\CddbCdda.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-08 do 2011-11-08 )))))))))))))))))))))))))))))))
.
.
2011-11-08 16:09 . 2011-11-08 16:09 -------- d-----w- c:\documents and settings\Gerca\Data aplikací\Malwarebytes
2011-11-08 16:09 . 2011-11-08 16:09 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-11-08 16:09 . 2011-11-08 16:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-08 16:09 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-23 07:59 . 2011-10-23 07:59 -------- d-----w- c:\documents and settings\Gerca\Data aplikací\SFBot
2011-10-19 19:13 . 2011-10-19 19:14 -------- d-----w- c:\documents and settings\Gerca\Data aplikací\Hamachi
2011-10-19 19:13 . 2011-10-19 19:13 17480 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-10-19 19:13 . 2011-10-19 19:13 -------- d-----w- c:\program files\Hamachi
2011-10-19 19:09 . 2011-10-19 19:09 -------- d-----w- c:\program files\Valve
2011-10-15 13:14 . 2011-10-24 08:18 -------- d-----w- c:\program files\Counter-Strike 1.6
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2011-10-20 21:39 . 2011-05-16 07:42 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-09-01 2532680]
.
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2011-09-01 07:16 2532680 ----a-w- c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-09-01 2532680]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll" [2011-09-01 2532680]
.
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-12-14 2402512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Device Detector"="DevDetect.exe -autorun" [X]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1044480]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"AccelerometerSysTrayApplet"="c:\windows\system32\AccelerometerSt.Exe" [2008-06-09 82224]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-18 178712]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1040384]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-23 2615624]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-23 906648]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-23 140568]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2011-06-13 528832]
"AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2338656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-3-31 576104]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Metin2\\metin2.bin"=
"c:\\Program Files\\Metin2\\metin2client.bin"=
"c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=
"c:\\Program Files\\Metin2\\metin2.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [13.9.2010 15:27 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [7.9.2010 3:48 32592]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2.6.2009 18:00 64160]
R0 SFAUDIO;Sonic Focus DSP Driver;c:\windows\system32\drivers\sfaudio.sys [13.11.2008 16:24 24064]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7.9.2010 3:48 248656]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [9.11.2010 22:20 297168]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [18.8.2011 0:33 7390560]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [8.2.2011 4:33 269520]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [18.1.2009 22:34 1036104]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [16.10.2010 8:21 583640]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [19.8.2010 20:42 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [19.8.2010 20:42 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [19.8.2010 20:42 27216]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [13.11.2008 16:42 193840]
S2 gupdate1c9ff0499afc95a;Služba Google Update (gupdate1c9ff0499afc95a);c:\program files\Google\Update\GoogleUpdate.exe [7.7.2009 14:12 133104]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG10\Toolbar\ToolbarBroker.exe [12.5.2011 14:44 1025352]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7.7.2009 14:12 133104]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [21.6.2007 4:40 56448]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-09-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 17:00]
.
2011-07-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2011-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-07 13:12]
.
2011-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-07 13:12]
.
2011-11-04 c:\windows\Tasks\Norton Security Scan for Gerca.job
- c:\progra~1\NORTON~2\Engine\301~1.8\Nss.exe [2011-01-18 07:22]
.
2011-11-03 c:\windows\Tasks\RMSchedule.job
- c:\program files\Registry Mechanic\RegMech.exe [2010-10-16 06:46]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 91.197.119.129 192.168.0.1
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
FF - ProfilePath - c:\documents and settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_result ... r=1.3.1&q=
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=39&tp=ab&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-08 18:31
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1284)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3028)
c:\windows\system32\btmmhook.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\progra~1\AVG\AVG10\avgchsvx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\System32\SCardSvr.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
c:\program files\Common Files\ACD Systems\EN\DevDetect.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\AVG\AVG10\avgnsx.exe
c:\program files\AVG\AVG10\avgemcx.exe
c:\program files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\wscntfy.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
c:\program files\PC Connectivity Solution\NclBTHandler.exe
c:\progra~1\AVG\AVG10\avgrsx.exe
c:\program files\AVG\AVG10\avgcsrvx.exe
.
**************************************************************************
.
Celkový čas: 2011-11-08 18:41:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-08 17:40
.
Před spuštěním: 9 376 518 144
Po spuštění: 9 306 206 208
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 153C87DD0D0FD066679337D17E4E38F0

[Damned]

Odinstaluj ComboFix. ComboFix se odinstaluje takto:
Vypni antivir a pokud máš i Antispyware ( nutné ) .

Start -> Spustit (nebo klávesy Win+R) a zadej do řádku: Combofix[mezera]/uninstall

Stáhni si T-Cleaner (nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)
*************************************************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na Minimální výstup, zaškrtni Pro všechny uživatele.Pod Běžné registry změň na Vše, Specifické registry na Vše. Zatrhni Kontrola na havěť LOP a Kontrola na havěť Purity. Stáří souborů změň na 14 dnů. Všechny ostatní nastavení ponech jak jsou. Klikni na Prohledat. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Leonidas]

První
OTL Extras logfile created on: 8.11.2011 19:01:49 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Gerca\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 59,19% Memory free
3,84 Gb Paging File | 3,13 Gb Available in Paging File | 81,39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 11,73 Gb Free Space | 20,02% Space Free | Partition Type: NTFS
Drive D: | 164,52 Gb Total Space | 69,14 Gb Free Space | 42,02% Space Free | Partition Type: NTFS

Computer Name: POKUS-4DC47A7C1 | User Name: Gerca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\WINDOWS\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 10.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee\10.0\ACDSeeQV10.exe" "%1" (ACD Systems)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager -- (Skype Technologies)
"C:\Program Files\Metin2\metin2.bin" = C:\Program Files\Metin2\metin2.bin:*:Enabled:metin2 -- ()
"C:\Program Files\Metin2\metin2client.bin" = C:\Program Files\Metin2\metin2client.bin:*:Enabled:metin2client -- ()
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Metin2\metin2.exe" = C:\Program Files\Metin2\metin2.exe:*:Enabled:metin2 -- ()
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostika 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Enabled:Obecná kontrola pošty -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Counter-Strike 1.6\hl.exe" = C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher -- (Valve)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E6CFB0-2EAA-A019-7894-18986696E711}" = Catalyst Control Center Localization Finnish
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05E740C4-0F88-4673-9DAF-549E41A6CB21}" = AVG 2011
"{096F7700-03BA-B421-703A-FE4D2CE88D08}" = Catalyst Control Center Graphics Light
"{11964613-805F-432D-A12B-169554B793E7}" = Nokia Connectivity Cable Driver
"{12F80942-5FE0-7CE9-F1B3-121795A32054}" = CCC Help Swedish
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15030405-7B1E-7300-1C6C-9FE98BA68CB4}" = CCC Help Norwegian
"{154446FB-439A-2AF4-B124-9E31CD3B3E88}" = Catalyst Control Center Localization Chinese Standard
"{176722EA-EB96-5AC0-9BC0-FD774C1A94FB}" = Catalyst Control Center Localization Russian
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1CDB842D-9C18-5EBC-91D4-C6F8DA0AE7CE}" = CCC Help Turkish
"{1CF67A1B-1063-D44B-3234-42717D7D3FF8}" = Catalyst Control Center Localization French
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FE5BFA8-C0E0-68FD-52DD-42FB11B3B160}" = Catalyst Control Center Localization Norwegian
"{243A6B8F-203D-EDAD-350D-15393AD822CD}" = CCC Help German
"{2480B673-194C-3C4B-1523-4C20F354E40C}" = Catalyst Control Center Localization Danish
"{263A0833-85A9-AF55-F3EE-5945FAC78614}" = Catalyst Control Center Graphics Full Existing
"{2696556B-1D2B-26B3-75B1-52F342C150D0}" = CCC Help Dutch
"{2746C43F-4D85-73C6-8ADC-C38453C3531E}" = CCC Help Czech
"{2C0988B9-3BEA-7A45-2A67-BD0267973878}" = CCC Help Hungarian
"{30BF4E6C-D866-46F7-A4F6-81A45E97706E}" = Catalyst Control Center - Branding
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 E1
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam
"{3C9643A7-ACF9-3431-3B42-89D553C20CCE}" = Catalyst Control Center Localization Portuguese
"{3D5238BD-B6F7-0325-4577-7B1DD3AC539F}" = CCC Help Thai
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{434DEF64-89D3-F83B-E008-5200E5B2F2D9}" = ccc-utility
"{4841F481-1272-A1BE-D424-78628D252426}" = Catalyst Control Center Localization German
"{4CE1CFF4-7F88-02DD-70BD-CD3B18F6CDC9}" = ccc-core-preinstall
"{5526E90B-7ED3-1881-4C96-35FF5E124225}" = Catalyst Control Center Localization Thai
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D397775-EFF0-26D7-AC85-5993391AEC4F}" = Catalyst Control Center Localization Dutch
"{6F8A555E-F2E1-415D-AD8A-67C0A7671029}" = Nero 8
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76582A2F-F5FD-BF58-C69F-1E9AB9CBDF6A}" = Catalyst Control Center Localization Spanish
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7D543DFE-6459-462A-9A62-B5B012B1DCF1}" = AVG 2011
"{82B6333C-10B0-6BF2-F02B-FB907129C44C}" = ccc-core-static
"{82C2F4FF-B768-12D6-E53D-62C8E17E8662}" = CCC Help Japanese
"{8452B997-80A4-B2F9-9CAD-00A3FA45AD92}" = Catalyst Control Center Localization Swedish
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = HP Integrated Module with Bluetooth wireless technology
"{865821E8-88E8-BE83-A4C0-4B2723352AE4}" = Catalyst Control Center Localization Japanese
"{8676226D-E23E-8701-778F-7DE0E12DA452}" = CCC Help Chinese Standard
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89CA8C53-9CE5-B628-AA17-11F232F1E726}" = CCC Help Danish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B68D7D1-258E-0B52-B216-DD8DD59B544A}" = Catalyst Control Center Localization Italian
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{983980FC-66FB-4ECC-A5D8-4565BE217733}" = SCR3xxx Smart Card Reader
"{9919B071-F93A-8BFD-6A65-01D560121DC5}" = CCC Help French
"{99A40651-0BC2-4095-8F9A-A40FAB224FEF}" = PC Connectivity Solution
"{9E60B43A-50D6-057F-8EA6-8286CE00A65C}" = CCC Help Greek
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A36CBCBC-10B5-EBC0-1219-95830657FF98}" = CCC Help Portuguese
"{A4502FB2-69C0-9F71-C697-0F0AC94656E3}" = Catalyst Control Center Localization Czech
"{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}" = Kontrola české gramatiky pro sadu Microsoft Office 2003
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}" = Nokia PC Suite
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ADAE950C-FF76-F081-5861-FBD5AF48FE56}" = Catalyst Control Center Graphics Full New
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4205456-1F3F-7156-5EE2-DA1045FD7207}" = Catalyst Control Center Localization Turkish
"{B42A8EA7-2A15-2E30-651E-DD47C000301D}" = CCC Help Finnish
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C45FB733-E259-A7FF-5C9F-4FC68CC69365}" = CCC Help Italian
"{C94AAA8B-4152-3F32-E94E-E23503D21EAC}" = CCC Help Spanish
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D889ECAE-D516-363D-0CEC-17F1D2E1AA81}" = CCC Help Korean
"{D9199DDB-B5EE-BF67-7C85-31790A8B5D85}" = CCC Help Chinese Traditional
"{D9803478-F222-AC9C-48FB-1F4D6B54F1FF}" = Catalyst Control Center Localization Chinese Traditional
"{DCA43467-6F0F-CC7B-B944-F54AA1752BBE}" = Catalyst Control Center Core Implementation
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E11D4FE9-718A-D54C-9C19-A13CA89B9E18}" = Skins
"{E277DDEB-9395-77FA-E273-A2BD084CEE0C}" = CCC Help Russian
"{E5343B27-55DF-40BD-9FCF-A643C1331E8A}" = Acronis True Image Home
"{ED8BA12A-AD99-4E61-9E4B-AB64957999AE}" = HP 3D DriveGuard
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4306DF8-7B00-158B-435B-05FA42C81795}" = Catalyst Control Center Localization Greek
"{F5D61F44-C37E-2015-BA9F-A718B9DBF69D}" = Catalyst Control Center Localization Korean
"{F6019CF2-24CA-F33D-091A-D6F65CB54D01}" = Catalyst Control Center Localization Polish
"{F8B98EB6-FC06-45BF-87D4-9784E0408611}" = ACDSee 10 Photo Manager
"{F9048FF8-45E1-8BD4-0161-468F777BA2B4}" = CCC Help English
"{FC00DD7E-8EBD-DAF9-B345-6643818AC242}" = Catalyst Control Center Localization Hungarian
"{FC1DCE80-2E83-A938-1450-A846B851E264}" = CCC Help Polish
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
"4077F884D1BB007055BDB83B621D87220A73F30F" = Balíček ovladače systému Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
"7-Zip" = 7-Zip 4.65
"Ad-Aware" = Ad-Aware
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2011
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)
"BSPlayer" = BSPlayer
"CCleaner" = CCleaner
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Balíček ovladače systému Windows - Nokia Modem (05/24/2007 6.84.0.1)
"CrazyBirds_is1" = Crazy Birds
"Čeština do ACDSee 10 Photo Manager Build 219" = Čeština do ACDSee 10 Photo Manager Build 219
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Google Chrome" = Google Chrome
"GreatMahjong_is1" = Great Mahjong
"Hamachi" = Hamachi 1.0.1.5
"Charma_is1" = Charma
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Kreslení pro děti (doporučená instalace)" = Kreslení pro děti (doporučená instalace)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"McDonald's Dragons " = McDonald's Dragons
"McDonald's Fairies " = McDonald's Fairies
"Metin2_is1" = Metin2
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 7.0.1 (x86 cs)" = Mozilla Firefox 7.0.1 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NHL 99" = NHL 99
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nokia PC Suite" = Nokia PC Suite
"NSS" = Norton Security Scan
"Registry Mechanic_is1" = Registry Mechanic 10.0
"SharkAttack_is1" = Shark Attack
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"Steam" = Steam
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Zuma Deluxe_is1" = Zuma Deluxe
"Zuma's Revenge! - version 1.0.4.9495" = Zuma's Revenge! - version 1.0.4.9495

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Counter-Strike 1.6 v42b instalace" = Counter-Strike 1.6 v42b instalace
"Game Organizer" = EasyBits GO

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16.9.2011 4:53:59 | Computer Name = POKUS-4DC47A7C1 | Source = MsiInstaller | ID = 11719
Description = Product: Compatibility Pack for the 2007 Office system -- Error 1719.
The Windows Installer Service could not be accessed. This can occur if you are
running Windows in safe mode, or if the Windows Installer is not correctly installed.
Contact your support personnel for assistance.

Error - 16.9.2011 4:53:59 | Computer Name = POKUS-4DC47A7C1 | Source = MsiInstaller | ID = 1024
Description = Aktualizaci Security Update for 2007 Microsoft Office System (KB2584063)
produktu Compatibility Pack for the 2007 Office system nebylo možné nainstalovat.
Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu
s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace
naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error - 19.9.2011 13:49:14 | Computer Name = POKUS-4DC47A7C1 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 19.9.2011 13:49:15 | Computer Name = POKUS-4DC47A7C1 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Takové síťové připojení neexistuje.

Error - 19.9.2011 13:52:56 | Computer Name = POKUS-4DC47A7C1 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: The server name or address could not be resolved

Error - 21.9.2011 13:58:12 | Computer Name = POKUS-4DC47A7C1 | Source = Userenv | ID = 1512
Description = Systém Windows nemůže uvolnit soubor registru. Nebyla uvolněna paměť
používaná registrem. To je často způsobeno tím, že jsou služby spuštěny pomocí
uživatelského účtu. Zkuste služby konfigurovat pro spuštění pomocí účtu místní nebo
síťové služby. Pokud problém přetrvává, obraťte se na správce. DETAIL - K dokončení
požadované služby není k dispozici dostatek prostředků.

Error - 5.10.2011 16:31:09 | Computer Name = POKUS-4DC47A7C1 | Source = Userenv | ID = 1512
Description = Systém Windows nemůže uvolnit soubor registru. Nebyla uvolněna paměť
používaná registrem. To je často způsobeno tím, že jsou služby spuštěny pomocí
uživatelského účtu. Zkuste služby konfigurovat pro spuštění pomocí účtu místní nebo
síťové služby. Pokud problém přetrvává, obraťte se na správce. DETAIL - K dokončení
požadované služby není k dispozici dostatek prostředků.

Error - 1.11.2011 12:51:34 | Computer Name = POKUS-4DC47A7C1 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: Daná operace se vrátila, protože vypršel časový limit.

Error - 1.11.2011 12:51:55 | Computer Name = POKUS-4DC47A7C1 | Source = crypt32 | ID = 131080
Description = Načtení automatické aktualizace pořadového čísla kořenového seznamu
jiného výrobce z: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
se nezdařilo. Chyba: The operation timed out

[ System Events ]
Error - 3.11.2011 11:10:07 | Computer Name = POKUS-4DC47A7C1 | Source = ipnathlp | ID = 32003
Description = Služba NAT (Network Address Translator) nemohla požádat o operaci překládacího
modulu režimu jádra. To může znamenat špatnou konfiguraci, nedostatek prostředků
nebo vnitřní chybu. Uvedený údaj je kód chyby.

Error - 4.11.2011 9:36:14 | Computer Name = POKUS-4DC47A7C1 | Source = ipnathlp | ID = 32003
Description = Služba NAT (Network Address Translator) nemohla požádat o operaci překládacího
modulu režimu jádra. To může znamenat špatnou konfiguraci, nedostatek prostředků
nebo vnitřní chybu. Uvedený údaj je kód chyby.

Error - 8.11.2011 12:10:22 | Computer Name = POKUS-4DC47A7C1 | Source = Service Control Manager | ID = 7000
Description = Služba MBAMSwissArmy neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >

[Leonidas]

OTL logfile created on: 8.11.2011 19:01:49 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Gerca\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 59,19% Memory free
3,84 Gb Paging File | 3,13 Gb Available in Paging File | 81,39% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 11,73 Gb Free Space | 20,02% Space Free | Partition Type: NTFS
Drive D: | 164,52 Gb Total Space | 69,14 Gb Free Space | 42,02% Space Free | Partition Type: NTFS

Computer Name: POKUS-4DC47A7C1 | User Name: Gerca | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Gerca\Plocha\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\avgemcx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
PRC - C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
PRC - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe (ACD Systems, Ltd.)
PRC - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe ()
PRC - C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
PRC - C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
PRC - C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\PC Connectivity Solution\NclBTHandler.exe (Nokia)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Lavasoft\Ad-Aware\Resources.dll ()
MOD - C:\Program Files\Lavasoft\Ad-Aware\ShellExt.dll ()
MOD - C:\Program Files\Lavasoft\Ad-Aware\RPAPI.dll ()
MOD - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 3\winSkinD7R.bpl ()
MOD - C:\Program Files\IObit\Advanced SystemCare 3\CoolTrayIcon_D6plus.bpl ()
MOD - C:\Program Files\IObit\Advanced SystemCare 3\STFix.dll ()
MOD - C:\Program Files\IObit\Advanced SystemCare 3\NtfsData.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7124a40b9998f7b63c86bd1a2125ce26\mscorlib.ni.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3050.37261__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3050.37221__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3050.37274__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3050.37446__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3050.37411__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3050.37253__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3050.37370__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3050.37240__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3050.37475__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3050.37419__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Dashboard\2.0.3050.37487__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3050.37482__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3050.37267__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3050.37425__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3050.37234__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3050.37418__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Runtime\2.0.3050.37487__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3050.37267__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3050.37378__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3050.37438__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3050.37378__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3050.37287__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3050.37372__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3050.37241__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3050.37405__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3050.37293__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3050.37281__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3050.37393__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3050.37371__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3050.37292__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3050.37392__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3050.37404__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3050.37377__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay4.Graphics.Shared\2.0.2939.23766__90ba9c70f846762e\CLI.Aspect.PowerPlay4.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3050.37493__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3050.37248__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3050.37467__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3050.37214__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3050.37466__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3050.37214__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3050.37228__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3050.37215__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3050.37213__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3050.37213__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3050.37467__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Program Files\Lavasoft\Ad-Aware\unrar.dll ()
MOD - C:\WINDOWS\system32\btwicons.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe ()
MOD - C:\Program Files\Acronis\TrueImageHome\fox.dll ()
MOD - C:\Program Files\WinRAR\rarlng.dll ()
MOD - C:\Program Files\WinRAR\RarExt.dll ()


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMON.EXE (Intel Corporation)
SRV - (AgereModemAudio) -- C:\WINDOWS\system32\agrsmsvc.exe (Agere Systems)
SRV - (TryAndDecideService) -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe ()
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)


========== Driver Services (SafeList) ==========

DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Lbd) -- C:\WINDOWS\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (timounter) -- C:\WINDOWS\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\WINDOWS\system32\drivers\tifsfilt.sys (Acronis)
DRV - (snapman) -- C:\WINDOWS\system32\DRIVERS\snapman.sys (Acronis)
DRV - (tdrpman) -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys (Acronis)
DRV - (hpdskflt) -- C:\WINDOWS\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\WINDOWS\system32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (HBtnKey) -- C:\WINDOWS\system32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (NETw5x32) Ovladač adaptéru Intel(R) -- C:\WINDOWS\system32\drivers\NETw5x32.sys (Intel Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\WINDOWS\system32\drivers\snp2uvc.sys ()
DRV - (yukonwxp) -- C:\WINDOWS\system32\drivers\yk51x86.sys (Marvell)
DRV - (BTKRNL) -- C:\WINDOWS\system32\drivers\btkrnl.sys (Broadcom Corporation.)
DRV - (btaudio) -- C:\WINDOWS\system32\drivers\btaudio.sys (Broadcom Corporation.)
DRV - (BTWDNDIS) -- C:\WINDOWS\system32\drivers\btwdndis.sys (Broadcom Corporation.)
DRV - (BTWUSB) -- C:\WINDOWS\system32\drivers\btwusb.sys (Broadcom Corporation.)
DRV - (BTDriver) -- C:\WINDOWS\system32\drivers\btport.sys (Broadcom Corporation.)
DRV - (SFAUDIO) -- C:\WINDOWS\system32\drivers\sfaudio.sys (Sonic Focus, Inc)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (SCR3XX2K) -- C:\WINDOWS\system32\drivers\SCR3XX2K.sys (SCM Microsystems Inc.)
DRV - (HpqKbFiltr) -- C:\WINDOWS\system32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\nmwcd.sys (Nokia)
DRV - (nmwcdcm) -- C:\WINDOWS\system32\drivers\nmwcdcm.sys (Nokia)
DRV - (nmwcdcj) -- C:\WINDOWS\system32\drivers\nmwcdcj.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\nmwcdc.sys (Nokia)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-73586283-1563985344-839522115-1003\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-73586283-1563985344-839522115-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-73586283-1563985344-839522115-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-73586283-1563985344-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: avg@igeared:6.103.018.001
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17
FF - prefs.js..keyword.URL: "http://www.webhledani.cz/results.aspx?i=39&tp=ab&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "chrome://browser-region/locale/region.properties"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 09:00:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011.09.17 10:52:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.10.15 08:31:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.20 22:39:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.16 08:42:44 | 000,000,000 | ---D | M]

[2008.11.13 16:55:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Extensions
[2008.11.13 16:55:13 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.11.08 10:17:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\extensions
[2010.08.31 08:44:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.11.08 10:17:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.11.02 17:46:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-1.xml
[2010.10.07 15:35:21 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-10.xml
[2010.10.24 07:04:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-11.xml
[2010.10.27 07:58:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-12.xml
[2010.12.09 15:19:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-13.xml
[2011.01.13 17:38:32 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-14.xml
[2011.03.25 18:22:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-15.xml
[2011.03.26 12:18:44 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-16.xml
[2011.05.01 05:49:26 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-17.xml
[2011.05.12 14:50:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-18.xml
[2011.06.16 18:16:04 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-19.xml
[2009.12.17 09:23:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-2.xml
[2011.07.16 07:41:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-20.xml
[2011.07.17 15:48:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-21.xml
[2011.09.17 11:16:56 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-22.xml
[2011.10.20 22:39:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-23.xml
[2011.10.21 06:27:38 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-24.xml
[2010.01.07 15:10:43 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-3.xml
[2010.02.24 02:38:41 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-4.xml
[2010.04.01 05:56:05 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-5.xml
[2010.06.25 07:15:07 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-6.xml
[2010.07.23 20:58:27 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-7.xml
[2010.08.31 08:46:21 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-8.xml
[2010.09.16 13:08:42 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-9.xml
[2011.10.30 12:09:30 | 000,000,168 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin.gif
[2011.10.30 12:09:30 | 000,000,618 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin.src
[2009.10.28 17:18:09 | 000,000,944 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin.xml
[2009.02.13 12:44:07 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\sweetim.xml
[2011.05.15 13:37:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.22 10:14:51 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.10.20 22:39:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.03.31 11:59:43 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\GERCA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\E4I6FSZW.DEFAULT\EXTENSIONS\{800B5000-A755-47E1-992B-48A1C1357F07}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\GERCA\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\E4I6FSZW.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
[2011.10.15 08:31:09 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011.09.17 10:52:17 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="7.008.031.001" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG10\TOOLBAR\FIREFOX\AVG@IGEARED
[2011.10.20 22:39:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.05.01 22:02:48 | 001,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2009.05.12 19:46:20 | 001,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009.05.18 23:41:32 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2007.03.22 19:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL
[2008.06.11 22:45:28 | 000,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008.11.13 19:29:57 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2008.11.13 19:29:57 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2008.11.13 19:29:57 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2008.11.13 19:29:57 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2008.11.13 19:29:57 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2008.11.13 19:29:57 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2008.11.13 19:29:57 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009.05.01 22:02:48 | 000,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2011.09.17 07:22:21 | 000,002,216 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg_igeared.xml
[2011.10.20 22:39:02 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011.10.20 22:39:02 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.20 22:39:02 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.20 15:54:39 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.10.20 22:39:02 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.20 22:39:02 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.20 22:39:02 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

[Leonidas]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\13.0.782.220\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\13.0.782.220\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\13.0.782.220\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.51204.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AVG Safe Search = C:\Documents and Settings\Gerca\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1390_0\

O1 HOSTS File: ([2011.11.08 18:29:39 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\accelerometerST.exe (Hewlett-Packard Corporation)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Device Detector] DevDetect.exe -autorun File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE (Intel Corporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-21-73586283-1563985344-839522115-1003..\Run: [Advanced SystemCare 3] C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe (IObit)
O4 - HKU\S-1-5-21-73586283-1563985344-839522115-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-73586283-1563985344-839522115-1003..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe ()
O4 - HKU\S-1-5-18..\RunOnce: [AutoLaunch] C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-73586283-1563985344-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 6598270687 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 91.197.119.129 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92F88984-42D7-4A12-91CE-27FCA1C27C10}: DhcpNameServer = 91.197.119.129 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) -C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Gerca\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Gerca\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) -C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) -C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) -C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2011.11.08 19:01:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gerca\Data aplikací\Registry Mechanic
[2011.11.08 18:58:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Gerca\Plocha\OTL.exe
[2011.11.08 18:58:33 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.11.08 18:41:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011.11.08 18:05:26 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.11.08 17:09:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gerca\Data aplikací\Malwarebytes
[2011.11.08 17:09:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.11.08 17:09:40 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.11.08 17:09:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.08 17:08:43 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gerca\Plocha\mbam-setup-1.51.2.1300.exe
[2011.11.08 17:06:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gerca\Plocha\backups
[2011.11.08 17:01:45 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Gerca\Plocha\HiJackThis.exe
[2011.11.08 15:54:22 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Gerca\Recent
[2011.10.30 18:44:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gerca\Dokumenty\Hudba
[2011.10.28 10:17:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Gerca\Dokumenty\Bluetooth Exchange Folder
[2008.11.13 16:39:37 | 000,176,128 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2008.11.13 16:39:32 | 000,180,224 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2011.11.08 19:01:11 | 000,000,254 | ---- | M] () -- C:\WINDOWS\tasks\RMSchedule.job
[2011.11.08 19:00:04 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011.11.08 18:58:51 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Gerca\Plocha\OTL.exe
[2011.11.08 18:56:34 | 000,000,188 | ---- | M] () -- C:\Documents and Settings\Gerca\Plocha\internet.URL
[2011.11.08 18:30:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.11.08 18:29:39 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.11.08 18:29:34 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.11.08 18:29:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.11.08 18:29:18 | 2142,515,200 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.08 18:05:32 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011.11.08 17:51:49 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.11.08 17:20:00 | 000,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.11.08 17:09:44 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.11.08 17:08:59 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Gerca\Plocha\mbam-setup-1.51.2.1300.exe
[2011.11.08 17:01:45 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Gerca\Plocha\HiJackThis.exe
[2011.11.08 10:19:31 | 137,318,180 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011.11.04 18:15:25 | 000,000,402 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Gerca.job
[2011.11.01 17:25:23 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.10.30 16:18:55 | 000,432,690 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.10.30 16:18:55 | 000,429,262 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.10.30 16:18:55 | 000,078,250 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.10.30 16:18:55 | 000,067,646 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.10.27 08:55:43 | 000,232,448 | ---- | M] () -- C:\Documents and Settings\Gerca\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.08 18:05:32 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.11.08 18:05:28 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.11.08 17:09:44 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.07.03 19:06:59 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010.10.16 08:21:37 | 000,037,336 | ---- | C] () -- C:\WINDOWS\System32\CleanMFT32.exe
[2010.08.29 19:03:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2010.03.03 11:41:12 | 000,000,010 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009.06.02 18:21:11 | 000,015,688 | ---- | C] () -- C:\WINDOWS\System32\lsdelete.exe
[2008.12.25 17:08:03 | 000,000,465 | ---- | C] () -- C:\Documents and Settings\Gerca\Data aplikací\NMM-MetaData.db
[2008.12.13 13:15:30 | 000,000,044 | ---- | C] () -- C:\WINDOWS\SMWizard.INI
[2008.12.07 12:44:55 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.11.24 13:05:39 | 000,232,448 | ---- | C] () -- C:\Documents and Settings\Gerca\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.11.22 16:20:56 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008.11.13 17:53:43 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008.11.13 17:30:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WinPM.INI
[2008.11.13 17:27:13 | 003,870,720 | ---- | C] () -- C:\WINDOWS\System32\qt-mt323.dll
[2008.11.13 17:27:13 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\WnASPI32.dll
[2008.11.13 17:07:17 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.11.13 17:06:11 | 000,266,208 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008.11.13 16:55:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2008.11.13 16:48:23 | 000,001,723 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.11.13 16:45:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008.11.13 16:39:37 | 001,804,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2008.11.13 16:39:37 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2008.11.13 16:39:37 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2008.11.13 16:38:53 | 000,000,571 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.INI
[2008.11.13 16:30:53 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008.11.13 16:30:52 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008.11.13 16:30:52 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008.11.13 16:30:52 | 000,168,883 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2008.11.13 16:17:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008.11.13 16:10:23 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.03.31 14:30:34 | 002,842,624 | ---- | C] () -- C:\WINDOWS\System32\btwicons.dll
[2008.01.18 08:33:29 | 000,003,584 | ---- | C] () -- C:\WINDOWS\System32\wceprv.dll
[2006.03.02 13:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.03.02 13:00:00 | 000,432,690 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.03.02 13:00:00 | 000,429,262 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2006.03.02 13:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.03.02 13:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2006.03.02 13:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.03.02 13:00:00 | 000,078,250 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2006.03.02 13:00:00 | 000,067,646 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.03.02 13:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.03.02 13:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2006.03.02 13:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.03.02 13:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.03.02 13:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006.03.02 13:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,778,240 | ---- | C] () -- C:\WINDOWS\System32\DivXsm.exe
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 11:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 11:56:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\MMAVILNG.exe
[2002.05.28 19:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002.05.28 19:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.11.14 13:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll

========== LOP Check ==========

[2008.11.13 16:50:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2008.11.13 17:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2011.09.18 13:15:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG Security Toolbar
[2010.12.09 12:58:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG10
[2010.12.09 12:57:35 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.10.22 18:57:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easybits GO
[2009.09.22 10:14:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2008.12.25 17:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Installations
[2010.12.17 10:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\IObit
[2011.05.22 09:04:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2008.12.29 11:26:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2009.02.13 12:44:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2011.11.08 19:01:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2009.06.02 17:55:26 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\{83C91755-2546-441D-AC40-9A6B4B860800}
[2008.11.14 15:08:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\ACD Systems
[2008.11.22 16:43:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\Artogon
[2010.12.09 12:58:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\AVG10
[2011.06.12 18:10:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\go
[2010.02.03 08:55:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\ICQ
[2010.12.17 10:57:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\IObit
[2011.01.22 08:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\Nokia
[2008.12.29 11:34:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\Nokia Multimedia Player
[2008.12.29 11:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\PC Suite
[2011.11.08 19:01:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\Registry Mechanic
[2011.10.23 08:59:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Gerca\Data aplikací\SFBot
[2008.11.13 17:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Acronis
[2011.11.08 19:00:04 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2011.11.08 19:01:11 | 000,000,254 | ---- | M] () -- C:\WINDOWS\Tasks\RMSchedule.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

< End of report >

[Damned]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/Opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 129 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D1B5B4F1

:Services

:Files
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.3.1&q="
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-1.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-10.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-11.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-12.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-13.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-14.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-15.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-16.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-17.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-18.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-19.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-2.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-20.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-21.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-22.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-23.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-24.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-3.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-4.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-5.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-6.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-7.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-8.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin-9.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin.gif
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin.src
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\icqplugin.xml
C:\Documents and Settings\Gerca\Data aplikací\Mozilla\Firefox\Profiles\e4i6fszw.default\searchplugins\sweetim.xml
C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
C:\WINDOWS\System32\d3d8caps.dat
C:\WINDOWS\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\system32\SET*.tmp
C:\Recycler
C:\$RECYCLE.BIN
C:\RECYCLER
C:\Windows\tasks\*.job

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

:Commands
[purity]
[emptytemp]
[emptyflash]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.