Kontrola Logu - službu centrum zabezpečení windows nejde zap

Zpráva

ballanc · #1 Příspěvek od **ballanc** » 28 kvě 2013 10:57

Dobrý den,

Rád bych vás požádal o zkontrolování mého logu.
Počítač se začíná chovat trochu nestandartně - nejde zapnout zabezpečení windows, mozilla nechce načíst stránky. Každý den při vypínání počítače se stahují aktualizace windows.
Předem děkuji za pomoc

Logfile of random's system information tool 1.09 (written by random/random)
Run by František at 2013-05-28 11:51:30
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (16%) free of 100 GB
Total RAM: 3582 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:52:22, on 28.5.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\vsnp2std.exe
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAC8SWK.EXE
D:\System\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\František\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
C:\Users\František\AppData\Roaming\Nipiag\ymkoapi.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
D:\System\program files\post_it\PsnLite.exe
C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
D:\System\PROGRA~1\post_it\PSNGive.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\svchost.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
D:\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\msaccess.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\František.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid=&mid=&lang ... &v=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [KiesPDLR] D:\System\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesHelper] D:\System\program files\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [Google Update] "C:\Users\František\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
O4 - HKCU\..\Run: [{7765C81C-AA3A-CA33-8C53-5FE214C41B28}] C:\Users\František\AppData\Roaming\Nipiag\ymkoapi.exe
O4 - HKCU\..\Policies\Explorer\Run: [APN PIP] C:\Users\František\AppData\Roaming\rwvteucb\gercrhfj.exe
O4 - Startup: Dropbox.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = D:\System\program files\post_it\PsnLite.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: brx - {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Common Files\BricsCad\BrxProtIE.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - D:\System\program files\Medal of honor\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - D:\System\program files\wLite\wService.exe

--
End of file - 14612 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\Tablet\Pen\Pen_TouchService.exe"
atieclxx
/QuitInfo:0000000000000288;000000000000028C; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
"D:\System\program files\Medal of honor\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
WLIDSvcM.exe 2252
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
/QuitInfo:0000000000000488;0000000000000418; /AddRef;
/QuitInfo:00000000000003CC;000000000000048C;
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
/loadhooks /Parent:0000000000000C2C
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Windows\vsnp2std.exe"
"C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAC8SWK.EXE !hide Canon LBP5050
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"D:\System\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Users\František\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
"C:\Users\František\AppData\Roaming\Nipiag\ymkoapi.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"D:\System\program files\post_it\PsnLite.exe" -RegRun
"C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"D:\System\PROGRA~1\post_it\PSNGive.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
svchost.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{B35E22DF-BF69-44B5-B011-C5B9EDEB8EEF}
{A4E32241-49CB-49E9-AB1F-A83D158A38A2}
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2400.0.775657125\196994987" --supports-dual-gpus=false --gpu-vendor-id=0x1002 --gpu-device-id=0x9715 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.831.2.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2400.1.1066952677\967250189" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2400.2.1661744018\1643506271" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2400.3.455085140\397630888" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="2400.4.59423116\1368083593" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.5.1527227947\183737335" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.6.294559797\2049029092" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.7.307011504\1628783597" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.8.75631265\1918193086" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.9.1453250387\538751474" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.10.594418475\1689327986" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.12.689069678\2036554453" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.13.1767024095\1021493705" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2400.14.1158301438\2011973788" --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.15.1043010378\171080878" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.16.1488445346\744968375" /prefetch:673131151
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.17.1382099888\1914774162" /prefetch:673131151
"D:\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files (x86)\Microsoft Office\OFFICE11\msaccess.exe" "C:\Program Files\Vario12\AltusVario.mdb" /NoStartup /Wrkgrp "C:\Program Files\Vario12\Data\Vario.mdw" /User ballanc /Pwd BBS /Profile "Vario12" /Excl /Cmd /pwd BBS /Modul
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bb6ce743-1207-490f-af8f-b32eb01cb5fc -SystemEventPortName:HostProcess-be8e5ae0-97d8-484e-a00a-e1c6e986d1e2 -IoCancelEventPortName:HostProcess-658531c4-68b6-4891-ad39-5c1d459f6af1 -NonStateChangingEventPortName:HostProcess-a0394818-ff17-4c96-9158-37206900d3d3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3a3972d3-f61c-4e7e-b1e1-01386eb4527b -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" "-launchedbycsxs"
"C:\Users\František\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_1/DefaultControl/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxSearchSuggestTrialStarted2013Q1/13/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadDisabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/SpdyCwnd/cwndMin10/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_77/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --channel="2400.26.714097291\1194416260" /prefetch:673131151
"D:\stažené soubory\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2670680469-1364093197-1783861760-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2670680469-1364093197-1783861760-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2670680469-1364093197-1783861760-1006Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2670680469-1364093197-1783861760-1006UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default

prefs.js - "browser.startup.homepage" - "http://www.ballanc.cz"
prefs.js - "extensions.enabledItems" - "DTToolbar@toolbarnet.com:1.1.2.0185, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {4D144BC3-23FB-47de-90C5-63CCB0139CCF}:1.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, plugin2@gameplaylabs.com:2.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669]
"Description"=12.0.1.669
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\components\
nppl3260.xpt
nsjsrealplayerplugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppl3260.dll
nprjplug.dll
nprpjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
mall-cz.xml

C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\extensions\
2020Player_IKEA@2020Technologies.com
DTToolbar@toolbarnet.com
plugin2@gameplaylabs.com
{4D144BC3-23FB-47de-90C5-63CCB0139CCF}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-10-24 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-04 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll [2013-05-21 1991344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-04 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Lištička - C:\Program Files (x86)\Seznam.cz\listicka.dll [2011-09-27 2080800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-05 1582912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-05 988480]
{1EA00BE1-6E54-4E2A-8099-680300BF23E1} - Nástroje Lištičky - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll [2011-09-27 188960]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll [2013-05-21 1991344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-06 10144288]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2010-09-23 391144]
"snp2std"=C:\Windows\vsnp2std.exe [2006-09-15 675840]
"CNAP2 Launcher"=C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2007-09-05 406944]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-02 500208]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"KiesPDLR"=D:\System\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-08-01 20880]
"KiesHelper"=D:\System\program files\Kies\KiesHelper.exe [2011-08-01 958352]
"Google Update"=C:\Users\František\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-12 136176]
"ManyCam"=C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [2013-02-12 5402960]
"{7765C81C-AA3A-CA33-8C53-5FE214C41B28}"=C:\Users\František\AppData\Roaming\Nipiag\ymkoapi.exe [2013-02-03 226072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"APN PIP"=C:\Users\František\AppData\Roaming\rwvteucb\gercrhfj.exe [2010-11-20 44312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-02 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
D:\System\program files\Kies\KiesHelper.exe [2011-08-01 958352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
D:\System\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-08-01 20880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
D:\System\program files\Kies\KiesTrayAgent.exe [2011-08-01 3507088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
D:\System\program files\Nokia\Nokia PC Suite 7\PCSuite.exe [2011-06-16 1500160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor]
C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2010-09-02 2536752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Total CMA Pack]
D:\System\program files\Total CMA Pack\Total CMA Pack.exe [2009-09-01 43255]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-09-23 5502312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^František^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-09 336384]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-05-21 1226928]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-10-24 273528]
"iSkysoft Helper Compact.exe"=C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2012-02-28 1667072]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
Post-it® Software Notes Lite.lnk - D:\System\program files\post_it\PsnLite.exe

C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-05-23 247296]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - Notepad.exe '%1'
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-05-28 11:01:02 ----D---- C:\Users\František\AppData\Roaming\Nipiag
2013-05-28 11:01:02 ----D---- C:\Users\František\AppData\Roaming\Ann
2013-05-24 16:59:59 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-05-24 16:59:58 ----A---- C:\Windows\system32\ieui.dll
2013-05-24 16:59:58 ----A---- C:\Windows\system32\ie4uinit.exe
2013-05-24 16:59:56 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-05-24 16:59:56 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-05-24 16:59:56 ----A---- C:\Windows\system32\iesetup.dll
2013-05-24 16:59:56 ----A---- C:\Windows\system32\iernonce.dll
2013-05-24 16:59:55 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-05-24 16:59:55 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-05-24 16:59:55 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-05-24 16:59:55 ----A---- C:\Windows\system32\iesysprep.dll
2013-05-24 16:59:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-05-24 16:59:54 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-05-24 16:59:54 ----A---- C:\Windows\system32\msfeeds.dll
2013-05-24 16:59:53 ----A---- C:\Windows\system32\iertutil.dll
2013-05-24 16:59:52 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-05-24 16:59:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-05-24 16:59:51 ----A---- C:\Windows\system32\urlmon.dll
2013-05-24 16:59:51 ----A---- C:\Windows\system32\jscript.dll
2013-05-24 16:59:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-05-24 16:59:49 ----A---- C:\Windows\system32\jscript9.dll
2013-05-24 16:59:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-05-24 16:59:47 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-05-24 16:59:47 ----A---- C:\Windows\system32\jsproxy.dll
2013-05-24 16:59:46 ----A---- C:\Windows\system32\wininet.dll
2013-05-24 16:59:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-05-24 16:59:42 ----A---- C:\Windows\system32\mshtml.dll
2013-05-24 16:59:41 ----A---- C:\Windows\system32\ieframe.dll
2013-05-24 16:59:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-05-24 12:13:26 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-05-24 11:40:28 ----D---- C:\Program Files (x86)\Seagate
2013-05-23 17:21:22 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-05-23 17:21:22 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-05-23 17:21:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-05-23 17:21:22 ----A---- C:\Windows\system32\elshyph.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-05-23 17:21:21 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-05-23 17:21:20 ----A---- C:\Windows\SYSWOW64\url.dll
2013-05-23 17:21:20 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-05-23 17:21:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-05-23 17:21:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-05-23 17:21:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-05-23 17:21:20 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-05-23 17:21:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-05-23 17:21:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-05-23 17:21:20 ----A---- C:\Windows\system32\msrating.dll
2013-05-23 17:21:20 ----A---- C:\Windows\system32\msls31.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\wextract.exe
2013-05-23 17:21:19 ----A---- C:\Windows\system32\webcheck.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\vbscript.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\url.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\pngfilt.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\occache.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\mshtmled.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\mshta.exe
2013-05-23 17:21:19 ----A---- C:\Windows\system32\licmgr10.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\inseng.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\imgutil.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\iexpress.exe
2013-05-23 17:21:19 ----A---- C:\Windows\system32\ieUnatt.exe
2013-05-23 17:21:19 ----A---- C:\Windows\system32\iedkcs32.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\ieapfltr.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\ieapfltr.dat
2013-05-23 17:21:19 ----A---- C:\Windows\system32\icardie.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\dxtrans.dll
2013-05-23 17:21:19 ----A---- C:\Windows\system32\dxtmsft.dll
2013-05-23 17:21:18 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-05-23 17:21:18 ----A---- C:\Windows\system32\mshtmler.dll
2013-05-23 17:21:18 ----A---- C:\Windows\system32\msfeedssync.exe
2013-05-23 17:21:18 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-05-23 17:21:18 ----A---- C:\Windows\system32\iepeers.dll
2013-05-23 17:21:18 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-05-17 10:03:45 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-05-17 10:03:45 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-05-17 10:03:45 ----A---- C:\Windows\SYSWOW64\java.exe
2013-05-15 15:17:04 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 15:17:04 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 15:17:04 ----A---- C:\Windows\system32\cdd.dll
2013-05-15 15:17:01 ----A---- C:\Windows\system32\shell32.dll
2013-05-15 15:17:00 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-05-15 15:17:00 ----A---- C:\Windows\system32\shdocvw.dll
2013-05-15 15:17:00 ----A---- C:\Windows\system32\consent.exe
2013-05-15 15:17:00 ----A---- C:\Windows\system32\authui.dll
2013-05-15 15:16:59 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-05-15 15:16:59 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-05-15 15:16:59 ----A---- C:\Windows\system32\appinfo.dll
2013-05-15 15:16:53 ----A---- C:\Windows\system32\wwansvc.dll
2013-05-15 15:16:53 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-05-15 15:16:50 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2013-05-28 11:52:34 ----D---- C:\Windows\temp
2013-05-28 11:51:58 ----D---- C:\Program Files\trend micro
2013-05-28 11:33:23 ----D---- C:\Windows\System32
2013-05-28 11:33:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-05-28 11:33:22 ----D---- C:\Windows\inf
2013-05-28 11:25:02 ----D---- C:\Program Files\Vario12
2013-05-28 11:06:52 ----D---- C:\Users\František\AppData\Roaming\Dropbox
2013-05-28 11:01:49 ----SD---- C:\Users\František\AppData\Roaming\Microsoft
2013-05-28 11:01:18 ----D---- C:\Windows\system32\config
2013-05-28 09:27:39 ----D---- C:\Windows\system32\Tasks
2013-05-28 09:00:48 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-27 17:11:42 ----SHD---- C:\Windows\Installer
2013-05-27 17:11:29 ----D---- C:\Windows\SysWOW64
2013-05-27 17:11:29 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-05-27 17:11:07 ----RSD---- C:\Windows\assembly
2013-05-27 17:09:18 ----D---- C:\Windows\Microsoft.NET
2013-05-27 17:01:10 ----SHD---- C:\System Volume Information
2013-05-27 10:02:22 ----RD---- C:\Program Files (x86)
2013-05-25 09:07:01 ----D---- C:\Windows\winsxs
2013-05-25 09:06:13 ----D---- C:\Program Files\Internet Explorer
2013-05-25 09:06:13 ----D---- C:\Program Files (x86)\Internet Explorer
2013-05-24 17:00:33 ----D---- C:\Windows\system32\catroot2
2013-05-24 17:00:33 ----D---- C:\Windows\system32\catroot
2013-05-24 09:14:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-05-24 09:14:36 ----D---- C:\Windows\system32\cs-CZ
2013-05-24 09:14:33 ----D---- C:\Windows\SYSWOW64\migration
2013-05-24 09:14:31 ----D---- C:\Windows\SYSWOW64\en-US
2013-05-24 09:14:30 ----D---- C:\Windows\system32\migration
2013-05-24 09:14:30 ----D---- C:\Windows\PolicyDefinitions
2013-05-24 09:14:29 ----D---- C:\Windows\system32\en-US
2013-05-23 17:25:20 ----D---- C:\Windows\Logs
2013-05-23 17:19:44 ----D---- C:\Windows
2013-05-21 11:01:16 ----D---- C:\Program Files (x86)\AVG Secure Search
2013-05-17 10:03:57 ----D---- C:\Program Files (x86)\Common Files
2013-05-17 10:03:45 ----D---- C:\Program Files (x86)\Java
2013-05-16 09:10:04 ----D---- C:\Windows\system32\drivers
2013-05-16 09:10:01 ----D---- C:\Windows\AppPatch
2013-05-15 17:17:51 ----D---- C:\ProgramData\Microsoft Help
2013-05-15 17:12:47 ----A---- C:\Windows\system32\MRT.exe
2013-05-15 12:58:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-05-06 11:40:15 ----D---- C:\ProgramData\Adobe
2013-05-03 09:07:39 ----D---- C:\Windows\Tasks
2013-05-02 17:29:56 ----N---- C:\Windows\system32\MpSigStub.exe
2013-04-30 15:03:07 ----D---- C:\Users\František\AppData\Roaming\AIMP3

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2011-01-03 277088]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-27 834544]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273); C:\Windows\system32\DRIVERS\tdrpm273.sys [2011-01-03 1263200]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2011-01-03 970336]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-05-21 45856]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2011-01-03 279136]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 9258496]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-09 300544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-06 2337440]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-01-27 231328]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-02 187392]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys [2006-11-08 12296704]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2010-10-05 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2010-10-05 16168]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328]
S3 AODDriver4.0;AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2011-07-20 95416]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-09-12 57856]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-06-11 25640]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-05-18 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-05-18 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-12-21 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-12-21 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-12-21 172104]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2011-07-20 203320]
S3 tbhsd;Audials Sound Capturing; C:\Windows\system32\drivers\tbhsd.sys [2012-11-06 47240]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-05-18 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-05-18 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-22 154256]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2010-12-22 43792]
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
S3 wacmoumonitor;Wacom Mode Helper; C:\Windows\system32\DRIVERS\wacmoumonitor.sys [2010-10-05 18288]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1); C:\Windows\system32\drivers\WsAudio_DeviceS(1).sys [2011-12-19 29288]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2010-09-23 1079376]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-01-03 3975088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-09 203776]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-09 365568]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 PnkBstrA;PunkBuster; D:\System\program files\Medal of honor\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [2007-08-15 63040]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2010-10-13 5790064]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2010-10-13 487280]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-05-21 1015984]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 136176]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-24 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-19 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 28 kvě 2013 11:04

Zdravim a pekne poledne preji

Vsak tam mate taky celou zoo i s babkou pokladni

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

ballanc · #3 Příspěvek od **ballanc** » 28 kvě 2013 11:32

log s RKILL
ted mám tedy projet combofixem ano?

Rkill 2.5.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 05/28/2013 12:28:53 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\František\AppData\Roaming\Nipiag\ymkoapi.exe (PID: 3372) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Centrum zabezpečení (wscsvc) is not Running.
Startup Type set to: Disabled

* Windows Update (wuauserv) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91

20 out of 22 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 05/28/2013 12:30:20 PM
Execution time: 0 hours(s), 1 minute(s), and 27 seconds(s)

#4 Příspěvek od **vyosek** » 28 kvě 2013 11:39

Ano, pustte tam ComboFix

ballanc · #5 Příspěvek od **ballanc** » 28 kvě 2013 12:00

Log s combofixu

ComboFix 13-05-28.01 - František 28.05.2013 12:42:52.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3582.2270 [GMT 2:00]
Spuštěný z: c:\users\FrantiÜek\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\FRANTI~1\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\users\František\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-28 do 2013-05-28 )))))))))))))))))))))))))))))))
.
.
2013-05-28 10:49 . 2013-05-28 10:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-05-28 10:49 . 2013-05-28 10:49 -------- d-----w- c:\users\Jožka\AppData\Local\temp
2013-05-28 10:49 . 2013-05-28 10:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-05-28 09:01 . 2013-05-28 09:16 -------- d-----w- c:\users\František\AppData\Roaming\Ann
2013-05-28 09:01 . 2013-05-28 09:01 -------- d-----w- c:\users\František\AppData\Roaming\Nipiag
2013-05-27 07:18 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D1027ECB-89A9-4AA8-8A61-E7376993D8D8}\mpengine.dll
2013-05-24 09:40 . 2013-05-24 09:40 -------- d-----w- c:\program files (x86)\Seagate
2013-05-24 07:28 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-22 07:13 . 2013-05-22 07:12 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6A933565-0B1D-40CD-8299-612E28BD3FE6}\gapaengine.dll
2013-05-17 08:03 . 2013-05-17 08:03 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-05-17 08:03 . 2013-04-04 03:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-16 07:13 . 2013-05-16 07:13 -------- d-----r- c:\users\František\Links
2013-05-16 07:13 . 2013-05-28 10:27 -------- d-----r- c:\users\František\Downloads
2013-05-15 13:17 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 13:17 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 13:17 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 13:17 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-15 13:17 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-15 13:17 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-15 13:17 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-15 13:16 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-15 13:16 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-15 13:16 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 13:16 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 13:16 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-21 09:01 . 2012-09-04 07:04 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-05-15 15:12 . 2010-12-19 21:05 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-15 10:58 . 2012-04-11 07:02 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 10:58 . 2011-10-01 08:53 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-14 07:04 . 2012-07-17 13:37 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 15:29 . 2010-12-19 20:15 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-24 07:36 . 2011-03-25 08:12 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-04-13 05:49 . 2013-05-15 13:17 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 13:17 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 13:17 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 13:17 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 13:17 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 13:17 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 07:32 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-08 08:11 . 2012-09-05 08:27 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-08 08:11 . 2010-12-29 15:32 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-19 06:04 . 2013-04-11 07:29 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-11 07:29 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-11 07:29 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-11 07:29 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-11 07:29 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-11 07:29 112640 ----a-w- c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-05-21 09:01 1991344 ----a-w- c:\program files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files (x86)\Seznam.cz\toolbar\toolbar.dll" [2011-09-27 188960]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll" [2013-05-21 1991344]
.
[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-31 10:36 220632 ----a-w- c:\users\František\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-31 10:36 220632 ----a-w- c:\users\František\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-31 10:36 220632 ----a-w- c:\users\František\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\František\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\František\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\František\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\František\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"KiesPDLR"="d:\system\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-08-01 20880]
"KiesHelper"="d:\system\program files\Kies\KiesHelper.exe" [2011-08-01 958352]
"ManyCam"="c:\program files (x86)\ManyCam\Bin\ManyCam.exe" [2013-02-12 5402960]
"{7765C81C-AA3A-CA33-8C53-5FE214C41B28}"="c:\users\František\AppData\Roaming\Nipiag\ymkoapi.exe" [2013-02-03 226072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-08 336384]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-05-21 1226928]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-10-24 273528]
"iSkysoft Helper Compact.exe"="c:\program files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe" [2012-02-28 1667072]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\users\Jožka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
c:\users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
Post-it® Software Notes Lite.lnk - d:\system\program files\post_it\PsnLite.exe [2004-10-15 2080768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2011-07-20 95416]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2011-07-20 203320]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-22 154256]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2010-12-22 43792]
R3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB;c:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-10-05 18288]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-19 1255736]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [2011-12-19 29288]
R3 wxpSvc;webcamXP Service;d:\system\program files\wLite\wService.exe [2009-06-27 3567616]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-27 834544]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [2011-01-03 1263200]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-05-21 45856]
S2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-01-03 3975088]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-03-09 203776]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-03-08 365568]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-13 5790064]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-13 487280]
S2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [2013-05-21 1015984]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2011-01-03 279136]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-10-11 44928]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2013-01-31 28160]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 10:58]
.
2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 14:46]
.
2013-05-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-06-30 14:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-31 10:36 244696 ----a-w- c:\users\František\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-31 10:36 244696 ----a-w- c:\users\František\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-31 10:36 244696 ----a-w- c:\users\František\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\František\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]
"Služba Acronis Scheduler2"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2010-09-23 391144]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"CNAP2 Launcher"="c:\windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE" [2007-09-05 406944]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-02 500208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://isearch.avg.com/?cid=&mid=&lang ... &v=&sap=hp
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files (x86)\Seznam.cz\listicka.dll
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 192.168.0.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.ballanc.cz
FF - ExtSQL: !HIDDEN! 2012-01-16 16:44; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\program files (x86)\Seznam.cz\firefox
FF - ExtSQL: !HIDDEN! 2012-01-16 16:44; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\program files (x86)\Seznam.cz\firefox
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
------- Asociace souborů -------
.
.scr=Icad.load.scr
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\wxpSvc]
"ImagePath"="d:\system\program files\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\system\program files\Medal of honor\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
c:\windows\system32\spool\DRIVERS\x64\3\CNAC8SWK.EXE
c:\users\Frantic:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
c:\users\Frantic:\program files (x86)\AVG Secure Search\vprot.exe
d:\system\PROGRA~1\post_it\PSNGive.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2013-05-28 12:58:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-28 10:58
ComboFix2.txt 2012-03-01 12:26
ComboFix3.txt 2012-03-01 10:06
ComboFix4.txt 2012-02-29 15:50
.
Před spuštěním: Volných bajtů: 18 090 971 136
Po spuštění: Volných bajtů: 24 308 985 856
.
- - End Of File - - FBBBAEC3BEA1EAB17CCB408A763117BE

#6 Příspěvek od **vyosek** » 28 kvě 2013 12:08

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Prohledat
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

ballanc · #7 Příspěvek od **ballanc** » 28 kvě 2013 12:13

# AdwCleaner v2.301 - Log vytvooen 28/05/2013 v 13:12:40
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : František - FRANTISEK
# Spuštin systém : Normální
# Spuštino z : C:\Users\František\Desktop\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Ask.com
Složka Nalezeno : C:\Program Files (x86)\AVG Secure Search
Složka Nalezeno : C:\Program Files (x86)\Common Files\AVG Secure Search
Složka Nalezeno : C:\Program Files (x86)\DAEMON Tools Toolbar
Složka Nalezeno : C:\ProgramData\APN
Složka Nalezeno : C:\ProgramData\AVG Secure Search
Složka Nalezeno : C:\Users\František\AppData\Local\AVG Secure Search
Složka Nalezeno : C:\Users\František\AppData\LocalLow\AVG Secure Search
Složka Nalezeno : C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\extensions\DTToolbar@toolbarnet.com
Složka Nalezeno : C:\Users\František\AppData\Roaming\yourfiledownloader
Složka Nalezeno : C:\Users\Jožka\AppData\Local\AVG Secure Search
Složka Nalezeno : C:\Users\Jožka\AppData\LocalLow\AVG Secure Search
Složka Nalezeno : C:\Users\Jožka\AppData\Roaming\Mozilla\Firefox\Profiles\jris8brm.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841}
Složka Nalezeno : C:\Users\Jožka\AppData\Roaming\SimilarSites
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Hodnota Nalezeno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AVG Secure Search
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\GamePlayLabs
Klíe Nalezeno : HKCU\Software\IGearSettings
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\YourFileDownloader
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\Software\AVG Secure Search
Klíe Nalezeno : HKLM\Software\AVG Security Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Nalezeno : HKLM\Software\YourFileDownloader
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16576

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid=&mid=&lang=&ds=&pr=&d=&v=&sap=hp

-\\ Mozilla Firefox v21.0 (cs)

Soubor : C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\prefs.js

Nalezeno : user_pref("extensions.plugin2@gameplaylabs.com.fr", "1302187471");
Nalezeno : user_pref("extensions.plugin2@gameplaylabs.com.ranonce", true);
Nalezeno : user_pref("extensions.plugin2@gameplaylabs.com.rule_/", "1302187472");
Nalezeno : user_pref("extensions.plugin2@gameplaylabs.com.rule_h", "1302187472");

Soubor : C:\Users\Jožka\AppData\Roaming\Mozilla\Firefox\Profiles\jris8brm.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v27.0.1453.94

Soubor : C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

Soubor : C:\Users\Jožka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [9367 octets] - [28/05/2013 13:11:59]
AdwCleaner[R2].txt - [9316 octets] - [28/05/2013 13:12:40]

########## EOF - C:\AdwCleaner[R2].txt - [9376 octets] ##########

#8 Příspěvek od **vyosek** » 28 kvě 2013 12:34

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Smazat
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

ballanc · #9 Příspěvek od **ballanc** » 28 kvě 2013 12:46

# AdwCleaner v2.301 - Log vytvooen 28/05/2013 v 13:36:37
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : František - FRANTISEK
# Spuštin systém : Normální
# Spuštino z : C:\Users\František\Desktop\adwcleaner.exe
# Volba [Vymazat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Ask.com
Složka Vymazáno : C:\Program Files (x86)\AVG Secure Search
Složka Vymazáno : C:\Program Files (x86)\DAEMON Tools Toolbar
Složka Vymazáno : C:\ProgramData\APN
Složka Vymazáno : C:\ProgramData\AVG Secure Search
Složka Vymazáno : C:\Users\František\AppData\Local\AVG Secure Search
Složka Vymazáno : C:\Users\František\AppData\LocalLow\AVG Secure Search
Složka Vymazáno : C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\extensions\DTToolbar@toolbarnet.com
Složka Vymazáno : C:\Users\František\AppData\Roaming\yourfiledownloader
Složka Vymazáno : C:\Users\Jožka\AppData\Local\AVG Secure Search
Složka Vymazáno : C:\Users\Jožka\AppData\LocalLow\AVG Secure Search
Složka Vymazáno : C:\Users\Jožka\AppData\Roaming\Mozilla\Firefox\Profiles\jris8brm.default\extensions\{E71B541F-5E72-5555-A47C-E47863195841}
Složka Vymazáno : C:\Users\Jožka\AppData\Roaming\SimilarSites
Soubor Vymazáno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Vymazáno poi restartu : C:\Program Files (x86)\Common Files\AVG Secure Search

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Hodnota Vymazáno : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AVG Secure Search
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\GamePlayLabs
Klíe Vymazáno : HKCU\Software\IGearSettings
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\YourFileDownloader
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKLM\Software\AVG Secure Search
Klíe Vymazáno : HKLM\Software\AVG Security Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{65C994A2-C65A-4A20-BA92-AADAFC0DCE49}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Klíe Vymazáno : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\14919ea49a8f3b4aa3cf1058d9a64cec
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Vymazáno : HKLM\Software\YourFileDownloader
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16576

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid=&mid=&lang=&ds=&pr=&d=&v=&sap=hp --> hxxp://www.google.com

-\\ Mozilla Firefox v21.0 (cs)

Soubor : C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\prefs.js

C:\Users\František\AppData\Roaming\Mozilla\Firefox\Profiles\4r2khtfk.default\user.js ... Vymazáno !

Vymazáno : user_pref("extensions.plugin2@gameplaylabs.com.fr", "1302187471");
Vymazáno : user_pref("extensions.plugin2@gameplaylabs.com.ranonce", true);
Vymazáno : user_pref("extensions.plugin2@gameplaylabs.com.rule_/", "1302187472");
Vymazáno : user_pref("extensions.plugin2@gameplaylabs.com.rule_h", "1302187472");

Soubor : C:\Users\Jožka\AppData\Roaming\Mozilla\Firefox\Profiles\jris8brm.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v27.0.1453.94

Soubor : C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

Soubor : C:\Users\Jožka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [9367 octets] - [28/05/2013 13:11:59]
AdwCleaner[R2].txt - [9427 octets] - [28/05/2013 13:12:40]
AdwCleaner[S1].txt - [9363 octets] - [28/05/2013 13:36:37]

########## EOF - C:\AdwCleaner[S1].txt - [9423 octets] ##########

#10 Příspěvek od **vyosek** » 28 kvě 2013 12:53

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

ballanc · #11 Příspěvek od **ballanc** » 28 kvě 2013 13:44

takže tady jsou ty logy. OTL 1/2:

OTL logfile created on: 28.5.2013 14:04:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\František\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 55,02% Memory free
6,99 Gb Paging File | 4,58 Gb Available in Paging File | 65,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 22,85 Gb Free Space | 23,43% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 481,71 Gb Free Space | 57,77% Space Free | Partition Type: NTFS

Computer Name: FRANTISEK | User Name: František | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2013.05.28 14:00:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\František\Desktop\OTL.exe
PRC - [2013.05.21 11:01:06 | 001,015,984 | ---- | M] (AVG Secure Search) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
PRC - [2013.05.16 12:20:21 | 000,389,016 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Thunderbird\thunderbird.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013.02.12 10:35:36 | 005,402,960 | ---- | M] (ManyCam LLC) -- C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
PRC - [2013.02.05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013.02.03 07:10:16 | 000,226,072 | ---- | M] (Hilgraeve, Inc.) -- C:\Users\František\AppData\Roaming\Nipiag\ymkoapi.exe
PRC - [2011.10.24 09:12:27 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2011.08.01 05:32:20 | 000,020,880 | ---- | M] () -- D:\System\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2011.03.21 13:19:36 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2011.01.03 12:28:05 | 003,975,088 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2010.09.23 16:59:56 | 000,391,144 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2007.08.15 09:49:26 | 000,063,040 | ---- | M] () -- D:\System\program files\Medal of honor\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
PRC - [2006.09.15 13:21:54 | 000,675,840 | ---- | M] (Sonix) -- C:\Windows\vsnp2std.exe
PRC - [2004.10.15 15:27:22 | 000,065,536 | ---- | M] (3M) -- D:\System\program files\post_it\PSNGive.exe
PRC - [2004.10.15 15:26:54 | 002,080,768 | ---- | M] (3M) -- D:\System\program files\post_it\PsnLite.exe

========== Modules (No Company Name) ==========

MOD - [2013.05.28 13:42:30 | 000,086,016 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMADA.tmp
MOD - [2013.05.28 13:42:30 | 000,086,016 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMA5B.tmp
MOD - [2013.05.28 13:42:29 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM757.tmp
MOD - [2013.05.28 13:42:29 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM68A.tmp
MOD - [2013.05.28 13:42:29 | 000,086,016 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM9DC.tmp
MOD - [2013.05.28 13:42:29 | 000,086,016 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM99C.tmp
MOD - [2013.05.28 13:42:28 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM57F.tmp
MOD - [2013.05.28 13:42:28 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM4B2.tmp
MOD - [2013.05.28 13:42:28 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM3A7.tmp
MOD - [2013.05.28 13:42:28 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM25D.tmp
MOD - [2013.05.28 13:42:27 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMFF3B.tmp
MOD - [2013.05.28 13:42:27 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM8.tmp
MOD - [2013.05.28 13:42:27 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEM104.tmp
MOD - [2013.05.28 13:42:26 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMFD65.tmp
MOD - [2013.05.28 13:42:26 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMFC89.tmp
MOD - [2013.05.28 13:42:26 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMFB01.tmp
MOD - [2013.05.28 13:42:25 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF9F6.tmp
MOD - [2013.05.28 13:42:25 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF929.tmp
MOD - [2013.05.28 13:42:25 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF85C.tmp
MOD - [2013.05.28 13:42:25 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF7BE.tmp
MOD - [2013.05.28 13:42:25 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF6D2.tmp
MOD - [2013.05.28 13:42:24 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF605.tmp
MOD - [2013.05.28 13:42:24 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF50A.tmp
MOD - [2013.05.28 13:42:24 | 000,120,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF41D.tmp
MOD - [2013.05.28 13:42:24 | 000,072,192 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF312.tmp
MOD - [2013.05.28 13:42:24 | 000,072,192 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF2C2.tmp
MOD - [2013.05.28 13:42:23 | 000,072,704 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF0EC.tmp
MOD - [2013.05.28 13:42:23 | 000,072,192 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMF0BB.tmp
MOD - [2013.05.28 13:42:23 | 000,064,000 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMEF10.tmp
MOD - [2013.05.28 13:42:23 | 000,057,344 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMEFFE.tmp
MOD - [2013.05.28 13:42:23 | 000,053,760 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMEFAE.tmp
MOD - [2013.05.28 13:42:22 | 000,075,776 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMEC7A.tmp
MOD - [2013.05.28 13:42:22 | 000,075,776 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMEC3A.tmp
MOD - [2013.05.28 13:42:22 | 000,056,320 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMEB4E.tmp
MOD - [2013.05.28 13:42:22 | 000,053,760 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMED1A.tmp
MOD - [2013.05.28 13:42:22 | 000,033,792 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\YTMP7MC8AA\TAAEC7B.tmp
MOD - [2013.05.28 13:42:21 | 000,075,776 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMEAC0.tmp
MOD - [2013.05.28 13:42:21 | 000,075,776 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMEA31.tmp
MOD - [2013.05.28 13:42:21 | 000,075,776 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEME9C2.tmp
MOD - [2013.05.28 13:42:21 | 000,056,832 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEME8A7.tmp
MOD - [2013.05.28 13:42:20 | 000,075,776 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEME599.tmp
MOD - [2013.05.28 13:42:20 | 000,075,776 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEME4AD.tmp
MOD - [2013.05.28 13:42:20 | 000,075,776 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEME45D.tmp
MOD - [2013.05.28 13:42:20 | 000,068,608 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEME390.tmp
MOD - [2013.05.28 13:42:19 | 000,056,320 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMDF29.tmp
MOD - [2013.05.28 13:42:19 | 000,055,296 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEME17C.tmp
MOD - [2013.05.28 13:42:18 | 000,075,776 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\XTMP1MC3VE\DEMDEE9.tmp
MOD - [2013.05.28 12:53:26 | 000,115,137 | ---- | M] () -- C:\Users\František\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
MOD - [2013.05.23 07:44:07 | 000,393,168 | ---- | M] () -- C:\Users\František\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
MOD - [2013.05.23 07:44:06 | 013,136,336 | ---- | M] () -- C:\Users\František\AppData\Local\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
MOD - [2013.05.23 07:43:59 | 004,051,408 | ---- | M] () -- C:\Users\František\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll
MOD - [2013.05.23 07:43:06 | 000,599,504 | ---- | M] () -- C:\Users\František\AppData\Local\Google\Chrome\Application\27.0.1453.94\libglesv2.dll
MOD - [2013.05.23 07:43:05 | 000,124,368 | ---- | M] () -- C:\Users\František\AppData\Local\Google\Chrome\Application\27.0.1453.94\libegl.dll
MOD - [2013.05.23 07:43:03 | 001,597,392 | ---- | M] () -- C:\Users\František\AppData\Local\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll
MOD - [2013.05.16 12:20:22 | 002,244,504 | ---- | M] () -- D:\Mozilla Thunderbird\mozjs.dll
MOD - [2013.05.16 12:20:22 | 000,158,104 | ---- | M] () -- D:\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013.05.16 12:20:22 | 000,022,424 | ---- | M] () -- D:\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2013.05.15 17:12:43 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll
MOD - [2013.05.15 17:12:32 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll
MOD - [2013.05.15 17:12:28 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ded1c6dbf61d19f839da66c951d8fa9\System.Windows.Forms.ni.dll
MOD - [2013.05.15 17:12:27 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll
MOD - [2013.05.15 17:12:24 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll
MOD - [2013.03.28 18:20:03 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll
MOD - [2013.03.28 18:19:48 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll
MOD - [2013.03.28 18:19:22 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013.03.28 18:19:11 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013.03.28 18:19:06 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2013.02.12 10:31:06 | 002,010,624 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
MOD - [2013.02.12 10:31:06 | 001,241,088 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
MOD - [2013.02.12 10:31:06 | 000,775,680 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll
MOD - [2013.02.12 10:31:06 | 000,241,152 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll
MOD - [2013.02.12 10:31:06 | 000,201,216 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll
MOD - [2011.08.01 05:32:20 | 000,020,880 | ---- | M] () -- D:\System\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe

========== Services (SafeList) ==========

SRV:64bit: - [2013.01.27 12:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013.01.27 12:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011.03.09 06:53:04 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.03.09 01:06:44 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.10.13 12:41:06 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:64bit: - [2010.10.13 12:41:04 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2010.06.17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013.05.24 12:14:06 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.21 11:01:06 | 001,015,984 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe -- (vToolbarUpdater15.2.0)
SRV - [2013.05.15 12:58:19 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2012.11.09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.01.03 12:28:05 | 003,975,088 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010.09.23 17:03:46 | 001,079,376 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.06.27 15:10:18 | 003,567,616 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- D:\System\program files\wLite\wService.exe -- (wxpSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.08.15 09:49:26 | 000,063,040 | ---- | M] () [Auto | Running] -- D:\System\program files\Medal of honor\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe -- (PnkBstrA)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.0)
DRV:64bit: - [2013.05.21 11:01:08 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.01.31 11:50:58 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)
DRV:64bit: - [2013.01.20 16:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.11.06 15:18:52 | 000,047,240 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012.10.11 05:08:10 | 000,044,928 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)
DRV:64bit: - [2012.09.12 16:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.19 16:41:32 | 000,029,288 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)
DRV:64bit: - [2011.07.20 09:46:06 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2011.07.20 09:46:06 | 000,095,416 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2011.06.02 07:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.06.02 07:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.06.02 07:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.06.02 07:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.05.18 10:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.05.18 10:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.05.18 10:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.05.18 10:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.09 11:22:42 | 009,258,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.09 06:17:42 | 000,300,544 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.01.03 12:28:07 | 000,279,136 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011.01.03 12:28:02 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm273.sys -- (tdrpman273)
DRV:64bit: - [2011.01.03 12:28:01 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011.01.03 12:27:55 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010.12.27 17:26:16 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.12.22 16:08:50 | 000,154,256 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2010.12.21 07:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.12.21 07:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010.12.21 07:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010.12.21 07:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.11.20 15:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010.11.20 15:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010.11.20 13:35:24 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2010.11.20 13:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.05 14:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010.10.05 14:26:02 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2010.10.05 14:26:00 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.01.27 05:05:00 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2006.11.08 14:58:30 | 012,296,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2011.06.11 09:46:34 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.11.08 14:57:50 | 012,006,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2001.05.24 11:42:40 | 000,021,504 | R--- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\SysWow64\WINSOCK.DLL -- (Winsock)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\..\SearchScopes\{0f2a8b9a-f56d-495a-9ab3-ff9b084ec63e}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_7436
IE - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\..\SearchScopes\{33908724-6691-4cc7-8842-5821778650d6}: "URL" = http://search.seznam.cz/?q={searchTerms ... earch_7436
IE - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\..\SearchScopes\{72044a08-734a-447a-a064-52c6fd029a0a}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... earch_7436
IE - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\..\SearchScopes\{d9c01901-7b0f-47b2-b9fd-ca6f3473368f}: "URL" = http://www.firmy.cz/phr/{searchTerms}?s ... earch_7436
IE - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.ballanc.cz"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {4D144BC3-23FB-47de-90C5-63CCB0139CCF}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: plugin2@gameplaylabs.com:2.0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\František\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\František\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.10.11 12:04:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ea614400-e918-4741-9a97-7a972ff7c30b}: C:\Program Files (x86)\Seznam.cz\firefox [2012.01.16 17:44:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.24 12:14:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.24 12:13:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: D:\Mozilla Thunderbird\components [2012.06.22 09:09:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: D:\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{ea614400-e918-4741-9a97-7a972ff7c30b}: C:\Program Files (x86)\Seznam.cz\firefox [2012.01.16 17:44:00 | 000,000,000 | ---D | M]

[2010.12.28 18:05:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\František\AppData\Roaming\mozilla\Extensions
[2010.12.28 18:05:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\František\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.05.28 13:37:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\František\AppData\Roaming\mozilla\Firefox\Profiles\4r2khtfk.default\extensions
[2011.01.13 13:16:56 | 000,000,000 | ---D | M] (TradeManager-Plugin) -- C:\Users\František\AppData\Roaming\mozilla\Firefox\Profiles\4r2khtfk.default\extensions\{4D144BC3-23FB-47de-90C5-63CCB0139CCF}
[2013.03.29 15:50:32 | 000,000,000 | ---D | M] (Seznam liĹˇtiÄŤka) -- C:\Users\František\AppData\Roaming\mozilla\Firefox\Profiles\4r2khtfk.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.07.07 10:01:51 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\František\AppData\Roaming\mozilla\Firefox\Profiles\4r2khtfk.default\extensions\2020Player_IKEA@2020Technologies.com
[2011.04.07 16:44:25 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\Users\František\AppData\Roaming\mozilla\Firefox\Profiles\4r2khtfk.default\extensions\plugin2@gameplaylabs.com
[2013.05.24 12:14:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.05.24 12:14:08 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.12.03 20:08:29 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Torch Share = C:\Users\František\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.3199_0\

O1 HOSTS File: ([2013.05.28 12:52:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\..\Toolbar\WebBrowser: (Nástroje Lištičky) - {34AB3C4C-DA1A-4067-96F4-31452C7CFE65} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [CNAP2 Launcher] C:\Windows\SysNative\spool\drivers\x64\3\CNAP2LAK.EXE (CANON INC.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Služba Acronis Scheduler2] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [snp2std] C:\Windows\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe (iSkySoft)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000..\Run: [{7765C81C-AA3A-CA33-8C53-5FE214C41B28}] C:\Users\František\AppData\Roaming\Nipiag\ymkoapi.exe (Hilgraeve, Inc.)
O4 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000..\Run: [KiesHelper] D:\System\program files\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000..\Run: [KiesPDLR] D:\System\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - Startup: C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Jožka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files (x86)\Seznam.cz\listicka.dll ()
O15 - HKLM\..Trusted Domains: mojebanka.cz ([*] https in Trusted sites)
O15 - HKU\S-1-5-21-2670680469-1364093197-1783861760-1000\..Trusted Domains: mojebanka.cz ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B43E4B44-30E9-41D0-A28D-141353024F69}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\brx - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\brx {9C160F90-74D1-11D3-AB60-0060977C1F29} - C:\Program Files (x86)\Common Files\BricsCad\BrxProtIE.dll (BricsCad)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.MP42 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\Windows\SysWow64\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.05.28 14:00:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\František\Desktop\OTL.exe
[2013.05.28 12:58:31 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.05.28 12:52:53 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.05.28 12:27:10 | 005,073,708 | R--- | C] (Swearware) -- C:\Users\František\Desktop\ComboFix.exe
[2013.05.28 12:24:43 | 001,796,736 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\František\Desktop\rkill.com
[2013.05.28 11:01:02 | 000,000,000 | ---D | C] -- C:\Users\František\AppData\Roaming\Nipiag
[2013.05.28 11:01:02 | 000,000,000 | ---D | C] -- C:\Users\František\AppData\Roaming\Ann
[2013.05.24 16:59:59 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.24 16:59:58 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.24 16:59:58 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.24 16:59:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.24 16:59:56 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.24 16:59:56 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.24 16:59:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.24 16:59:55 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.24 16:59:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.24 16:59:55 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.24 16:59:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.24 16:59:54 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.24 16:59:51 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.24 16:59:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.24 16:59:49 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.24 12:13:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.24 11:40:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
[2013.05.24 11:40:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2013.05.23 17:21:22 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.05.23 17:21:22 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.05.23 17:21:22 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.05.23 17:21:21 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.05.23 17:21:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.23 17:21:21 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.23 17:21:21 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.23 17:21:21 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.23 17:21:21 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.23 17:21:21 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.23 17:21:21 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.23 17:21:21 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.23 17:21:21 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.23 17:21:21 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.23 17:21:21 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.23 17:21:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.23 17:21:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.23 17:21:20 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.23 17:21:20 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.23 17:21:20 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.23 17:21:20 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.23 17:21:20 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.23 17:21:20 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.23 17:21:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.23 17:21:20 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.23 17:21:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.23 17:21:20 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.23 17:21:19 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.23 17:21:19 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.23 17:21:19 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.05.23 17:21:19 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.23 17:21:19 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.23 17:21:19 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.23 17:21:19 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.23 17:21:19 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.23 17:21:19 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.23 17:21:19 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.23 17:21:19 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.23 17:21:19 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.23 17:21:19 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.23 17:21:19 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.23 17:21:19 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.23 17:21:19 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.23 17:21:19 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.23 17:21:19 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.23 17:21:19 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.23 17:21:19 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.23 17:21:18 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.23 17:21:18 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.23 17:21:18 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.23 17:21:18 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.23 17:21:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.23 17:21:18 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

========== Files - Modified Within 7 Days ==========

[2013.05.28 14:07:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.05.28 14:00:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\František\Desktop\OTL.exe
[2013.05.28 13:58:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.28 13:48:18 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.28 13:48:18 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.28 13:40:34 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.28 13:39:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.28 13:39:24 | 2816,647,168 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.28 13:24:00 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.28 13:11:34 | 000,632,031 | ---- | M] () -- C:\Users\František\Desktop\adwcleaner.exe
[2013.05.28 12:52:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.05.28 12:27:27 | 005,073,708 | R--- | M] (Swearware) -- C:\Users\František\Desktop\ComboFix.exe
[2013.05.28 12:24:12 | 001,796,736 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\František\Desktop\rkill.com
[2013.05.28 11:33:23 | 001,587,330 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.28 11:33:23 | 000,671,976 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.05.28 11:33:23 | 000,656,136 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.28 11:33:23 | 000,142,560 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.05.28 11:33:23 | 000,123,008 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.27 17:11:29 | 001,569,252 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.05.27 15:28:10 | 000,000,132 | ---- | M] () -- C:\Users\František\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2013.05.27 15:23:19 | 000,000,132 | ---- | M] () -- C:\Users\František\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
[2013.05.24 11:40:30 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2013.05.24 10:03:40 | 000,002,389 | ---- | M] () -- C:\Users\František\Desktop\Google Chrome.lnk
[2013.05.23 17:21:22 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.05.23 17:21:22 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.05.23 17:21:22 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.05.23 17:21:21 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.05.23 17:21:21 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.05.23 17:21:21 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.05.23 17:21:21 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.05.23 17:21:21 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.05.23 17:21:21 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.05.23 17:21:21 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.05.23 17:21:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.05.23 17:21:21 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.05.23 17:21:21 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.05.23 17:21:21 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.05.23 17:21:21 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.05.23 17:21:21 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.05.23 17:21:21 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.05.23 17:21:20 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.05.23 17:21:20 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.05.23 17:21:20 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.05.23 17:21:20 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.05.23 17:21:20 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.05.23 17:21:20 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.05.23 17:21:20 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.05.23 17:21:20 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.05.23 17:21:20 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.05.23 17:21:20 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.23 17:21:20 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.05.23 17:21:19 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.05.23 17:21:19 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.05.23 17:21:19 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.05.23 17:21:19 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.05.23 17:21:19 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.05.23 17:21:19 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.05.23 17:21:19 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.05.23 17:21:19 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.05.23 17:21:19 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.05.23 17:21:19 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.05.23 17:21:19 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.05.23 17:21:19 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.05.23 17:21:19 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.05.23 17:21:19 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.05.23 17:21:19 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.05.23 17:21:19 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.05.23 17:21:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.05.23 17:21:19 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.05.23 17:21:19 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.05.23 17:21:19 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.05.23 17:21:19 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.23 17:21:19 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.05.23 17:21:18 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.05.23 17:21:18 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.05.23 17:21:18 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.05.23 17:21:18 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.05.23 17:21:18 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

ballanc · #12 Příspěvek od **ballanc** » 28 kvě 2013 13:45

OTL 2/2:

========== Files Created - No Company Name ==========

[2013.05.28 14:07:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.05.28 13:11:34 | 000,632,031 | ---- | C] () -- C:\Users\František\Desktop\adwcleaner.exe
[2013.05.27 15:28:10 | 000,000,132 | ---- | C] () -- C:\Users\František\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
[2013.05.24 11:40:30 | 000,002,453 | ---- | C] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2013.05.23 17:21:20 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.23 17:21:19 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.16 11:42:23 | 000,000,015 | ---- | C] () -- C:\Windows\OverlayXP.ini
[2012.02.29 17:28:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.02.29 17:28:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.02.29 17:28:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.02.29 17:28:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.02.29 17:28:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.01.19 12:58:20 | 000,001,480 | ---- | C] () -- C:\Users\František\AppData\Local\Adobe Uložit pro web 12.0 Prefs
[2011.08.09 09:50:23 | 000,000,644 | RHS- | C] () -- C:\Users\František\ntuser.pol
[2011.07.25 12:16:37 | 000,011,264 | ---- | C] () -- C:\Users\František\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.22 11:51:19 | 000,000,678 | ---- | C] () -- C:\Users\František\.jmf-resource
[2011.06.20 14:54:39 | 000,230,912 | R--- | C] () -- C:\Windows\SysWow64\Zipit.dll
[2011.06.20 14:54:38 | 004,677,632 | R--- | C] () -- C:\Windows\SysWow64\ri.dll
[2011.06.20 14:54:38 | 000,618,496 | R--- | C] () -- C:\Windows\SysWow64\stlpmt45.dll
[2011.06.20 14:54:38 | 000,618,496 | R--- | C] () -- C:\Windows\SysWow64\stlp45.dll
[2011.06.20 14:54:38 | 000,315,904 | R--- | C] () -- C:\Windows\SysWow64\glu.dll
[2011.06.20 14:54:38 | 000,172,032 | R--- | C] () -- C:\Windows\SysWow64\glut32.dll
[2011.06.20 14:54:38 | 000,147,456 | R--- | C] () -- C:\Windows\SysWow64\vc4_jpeg.dll
[2011.06.20 14:54:38 | 000,099,840 | R--- | C] ( ) -- C:\Windows\SysWow64\Zipdll.dll
[2011.06.20 14:54:38 | 000,098,304 | R--- | C] () -- C:\Windows\SysWow64\VC4_TIFF.dll
[2011.06.20 14:54:38 | 000,094,208 | R--- | C] ( ) -- C:\Windows\SysWow64\Unzdll.dll
[2011.06.20 14:54:38 | 000,090,112 | R--- | C] () -- C:\Windows\SysWow64\sdr.dll
[2011.06.20 14:54:38 | 000,084,992 | R--- | C] () -- C:\Windows\SysWow64\HASPVB32.DLL
[2011.06.20 14:54:38 | 000,040,720 | R--- | C] () -- C:\Windows\SysWow64\oledb32r.dll
[2011.06.20 14:54:38 | 000,033,280 | R--- | C] () -- C:\Windows\SysWow64\SP32W.DLL
[2011.06.20 14:54:38 | 000,008,192 | R--- | C] () -- C:\Windows\SysWow64\bcbmm.dll
[2011.06.20 14:54:38 | 000,005,392 | R--- | C] () -- C:\Windows\SysWow64\oledb32x.dll
[2011.06.08 11:34:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2011.06.08 11:34:56 | 012,006,784 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2sxp.sys
[2011.06.08 11:34:56 | 000,151,552 | ---- | C] ( ) -- C:\Windows\rsnp2std.dll
[2011.06.08 11:34:56 | 000,077,824 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp2std.dll
[2011.06.08 11:34:56 | 000,024,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncamd.sys
[2011.06.07 11:13:38 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.06.07 11:13:38 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.06.07 11:13:38 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.06.07 11:13:38 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.06.07 11:13:38 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.04.09 09:41:29 | 000,000,132 | ---- | C] () -- C:\Users\František\AppData\Roaming\Adobe Formát PNG CS5 – předvolby

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011.04.04 16:06:28 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\.winstrom
[2011.03.08 14:53:46 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\3M
[2011.01.07 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Acronis
[2013.04.30 15:03:07 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\AIMP3
[2011.01.10 17:35:25 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\AMPSoft
[2013.05.28 11:16:21 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Ann
[2011.09.05 15:39:53 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Astroburn Lite
[2011.02.10 13:01:18 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\BlackBean
[2011.09.05 14:40:19 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Canneverbe Limited
[2011.04.06 10:39:42 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.03.28 15:00:13 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\CrazyPixels
[2011.01.03 12:22:51 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\DAEMON Tools Lite
[2013.05.28 13:42:00 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Dropbox
[2013.03.01 18:24:25 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\FileZilla
[2012.12.11 10:24:57 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\GLS Connect
[2013.02.05 14:31:47 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\HellSpy.cz Download Manager
[2013.04.02 09:23:51 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\iSpy
[2013.03.21 17:45:28 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\ManyCam
[2013.05.28 11:01:02 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Nipiag
[2011.07.20 14:14:22 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Nokia
[2011.01.31 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\OpenOffice.org
[2011.07.20 14:14:22 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\PC Suite
[2012.09.18 09:20:28 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Posta
[2011.01.10 17:49:22 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Proxima Software
[2010.11.20 14:18:02 | 000,000,000 | -HSD | M] -- C:\Users\František\AppData\Roaming\rwvteucb
[2011.07.20 14:19:50 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Samsung
[2011.05.17 15:19:42 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.04.22 11:30:06 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\TeamViewer
[2010.12.28 18:03:01 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Thunderbird
[2011.06.13 10:14:13 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Tracker Software
[2013.03.20 10:20:33 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Vimisoft Studio
[2012.01.04 14:13:44 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\XMedia Recode
[2012.06.04 13:46:56 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Zoner
[2011.07.26 13:56:58 | 000,000,000 | ---D | M] -- C:\Users\Jožka\AppData\Roaming\3M
[2013.03.30 10:04:02 | 000,000,000 | ---D | M] -- C:\Users\Jožka\AppData\Roaming\CrazyPixels
[2013.03.20 17:08:56 | 000,000,000 | ---D | M] -- C:\Users\Jožka\AppData\Roaming\HellSpy.cz Download Manager
[2013.05.22 10:56:43 | 000,000,000 | ---D | M] -- C:\Users\Jožka\AppData\Roaming\iSpy
[2013.03.22 10:12:20 | 000,000,000 | ---D | M] -- C:\Users\Jožka\AppData\Roaming\ManyCam
[2011.07.26 14:00:37 | 000,000,000 | ---D | M] -- C:\Users\Jožka\AppData\Roaming\OpenOffice.org
[2011.07.26 13:56:28 | 000,000,000 | ---D | M] -- C:\Users\Jožka\AppData\Roaming\PC Suite
[2011.07.26 13:59:56 | 000,000,000 | ---D | M] -- C:\Users\Jožka\AppData\Roaming\Thunderbird
[2012.01.31 16:53:45 | 000,000,000 | ---D | M] -- C:\Users\Jožka\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,588 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.28 08:59:20 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.03.28 08:59:21 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.07.07 11:38:50 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\ERDNT\cache64\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011.06.21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010.06.14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013.01.04 07:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013.01.03 07:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012.08.22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2010.04.09 13:06:28 | 001,898,376 | ---- | M] (Microsoft Corporation) MD5=7FC877A25796D8ADF539E64703FCA7E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16569_none_0f2ca8c580036f65\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010.06.14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.06.21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2010.04.09 09:56:29 | 001,892,232 | ---- | M] (Microsoft Corporation) MD5=A9C0F786AC1F736891D05CE0A1D29DEB -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20687_none_0f9ea52499331463\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\ERDNT\cache64\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.01.03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013.01.04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011.06.21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.06.21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012.08.22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[23 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[5 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2012.02.29 17:26:03 | 004,422,703 | R--- | M] (Swearware) -- C:\ComboFix.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.04.04 16:06:28 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\.winstrom
[2011.03.08 14:53:46 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\3M
[2011.01.07 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Acronis
[2011.04.28 10:42:50 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Adobe
[2011.05.17 15:19:42 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Adobe Mini Bridge CS5
[2013.04.30 15:03:07 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\AIMP3
[2011.01.10 17:35:25 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\AMPSoft
[2013.05.28 11:16:21 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Ann
[2011.09.05 15:39:53 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Astroburn Lite
[2010.12.19 22:23:51 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\ATI
[2011.02.10 13:01:18 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\BlackBean
[2011.09.05 14:40:19 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Canneverbe Limited
[2011.04.06 10:39:42 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.03.28 15:00:13 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\CrazyPixels
[2011.01.03 12:22:51 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\DAEMON Tools Lite
[2013.05.28 13:42:00 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Dropbox
[2013.03.01 18:24:25 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\FileZilla
[2012.12.11 10:24:57 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\GLS Connect
[2011.10.25 10:56:26 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\GRETECH
[2013.02.05 14:31:47 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\HellSpy.cz Download Manager
[2010.12.19 21:42:09 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Identities
[2011.09.05 16:05:49 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Intelli-studio
[2013.04.02 09:23:51 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\iSpy
[2010.12.19 22:13:48 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Macromedia
[2013.03.21 17:45:28 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\ManyCam
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Media Center Programs
[2011.06.08 15:30:27 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Media Player Classic
[2013.05.28 11:01:49 | 000,000,000 | --SD | M] -- C:\Users\František\AppData\Roaming\Microsoft
[2010.12.19 23:21:13 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Mozilla
[2013.03.18 16:54:52 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\NCH Software
[2011.01.03 13:15:39 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Nero
[2013.05.28 11:01:02 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Nipiag
[2011.07.20 14:14:22 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Nokia
[2011.01.31 12:45:12 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\OpenOffice.org
[2011.07.20 14:14:22 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\PC Suite
[2012.09.18 09:20:28 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Posta
[2011.01.10 17:49:22 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Proxima Software
[2011.09.27 13:50:39 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Real
[2010.11.20 14:18:02 | 000,000,000 | -HSD | M] -- C:\Users\František\AppData\Roaming\rwvteucb
[2011.07.20 14:19:50 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Samsung
[2013.02.28 18:10:04 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Skype
[2011.05.17 15:19:42 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.04.22 11:30:06 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\TeamViewer
[2010.12.28 18:03:01 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Thunderbird
[2011.06.13 10:14:13 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Tracker Software
[2013.03.20 10:20:33 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Vimisoft Studio
[2010.12.27 16:54:57 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\WinRAR
[2010.12.27 16:25:37 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\WTablet
[2012.01.04 14:13:44 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\XMedia Recode
[2012.06.04 13:46:56 | 000,000,000 | ---D | M] -- C:\Users\František\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\František\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2013.03.12 09:06:32 | 000,206,904 | ---- | M] (Dropbox, Inc.) -- C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\František\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\František\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2007.03.22 12:46:40 | 000,126,976 | ---- | M] () -- C:\Users\František\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2011.09.05 10:40:42 | 017,983,128 | ---- | M] () -- C:\Users\František\AppData\Roaming\Intelli-studio\iUpdate.exe
[2011.01.07 16:28:33 | 000,038,784 | ---- | M] () -- C:\Users\František\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.11.09 09:58:36 | 000,012,862 | R--- | M] () -- C:\Users\František\AppData\Roaming\Microsoft\Installer\{C5E92542-D7C0-4711-B979-BF1FA23A48E5}\_17617A4C202162D6D7A6DE.exe
[2012.11.09 09:58:36 | 000,012,862 | R--- | M] () -- C:\Users\František\AppData\Roaming\Microsoft\Installer\{C5E92542-D7C0-4711-B979-BF1FA23A48E5}\_6FEFF9B68218417F98F549.exe
[2012.11.09 09:58:36 | 000,012,862 | R--- | M] () -- C:\Users\František\AppData\Roaming\Microsoft\Installer\{C5E92542-D7C0-4711-B979-BF1FA23A48E5}\_DBEDBCD184EE07E7E9E561.exe
[2013.02.03 07:10:16 | 000,226,072 | ---- | M] (Hilgraeve, Inc.) -- C:\Users\František\AppData\Roaming\Nipiag\ymkoapi.exe
[2012.09.22 09:47:10 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\František\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2012.12.27 10:18:59 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\František\AppData\Roaming\Real\Update\temp\~Upg6\rnupgagent.exe
[2013.03.28 10:13:56 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\František\AppData\Roaming\Real\Update\temp\~Upg8\rnupgagent.exe
[2013.03.28 10:13:56 | 000,448,592 | ---- | M] (RealNetworks, Inc.) -- C:\Users\František\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\rnupgagent.exe
[2013.03.28 13:21:56 | 038,454,704 | ---- | M] (RealNetworks, Inc.) -- C:\Users\František\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\RealPlayer.exe
[2013.03.28 13:15:21 | 000,766,128 | ---- | M] (RealNetworks, Inc.) -- C:\Users\František\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_exe\RealPlayer.exe
[2010.11.20 14:18:02 | 000,044,312 | -HS- | M] (Hilgraeve, Inc.) -- C:\Users\František\AppData\Roaming\rwvteucb\gercrhfj.exe
[2011.08.19 09:32:07 | 003,154,792 | ---- | M] (Microsoft Corporation) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\NDP40-KB2461678-x64.exe
[2011.06.24 15:54:30 | 000,941,968 | ---- | M] (Samsung) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2011.06.24 15:54:38 | 000,278,928 | ---- | M] () -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011.06.24 15:54:36 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011.06.07 11:14:06 | 000,140,800 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\ConnectionManager.exe
[2011.06.07 11:14:04 | 000,284,160 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011.06.09 18:45:38 | 000,660,992 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011.06.24 15:54:40 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011.06.07 11:13:54 | 000,100,352 | ---- | M] () -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2011.06.07 11:13:54 | 000,095,232 | ---- | M] () -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2011.06.24 15:54:44 | 000,131,984 | ---- | M] () -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.06.24 15:54:46 | 000,020,880 | ---- | M] () -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.06.24 15:54:48 | 004,661,464 | ---- | M] () -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011.06.20 10:33:24 | 020,677,600 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011.06.24 15:54:50 | 000,358,800 | ---- | M] (ml) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\temp\Kies.Update.exe
[2011.08.01 05:32:24 | 000,362,384 | ---- | M] (ml) -- C:\Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2011.01.10 16:12:58 | 012,451,104 | ---- | M] (ZONER software ) -- C:\Users\František\AppData\Roaming\Zoner\NLMDB\product.0034\autoupdate.cz\ZPS13_Update_Build03.exe
[2011.02.01 11:23:25 | 012,482,080 | ---- | M] (ZONER software ) -- C:\Users\František\AppData\Roaming\Zoner\NLMDB\product.0034\autoupdate.cz\ZPS13_Update_Build05.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< %systemroot%\Tasks\*.job >
[2013.05.28 13:58:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.05.28 14:24:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.05.28 14:24:01 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.05.27 17:11:29 | 001,569,252 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >
[2012.02.29 17:26:03 | 004,422,703 | R--- | M] (Swearware) -- C:\ComboFix.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"KiesPDLR" = D:\System\program files\Kies\External\FirmwareUpdate\KiesPDLR.exe -- [2011.08.01 05:32:20 | 000,020,880 | ---- | M] ()
"KiesHelper" = D:\System\program files\Kies\KiesHelper.exe /s -- [2011.08.01 05:32:08 | 000,958,352 | ---- | M] (Samsung)
"ManyCam" = "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent -- [2013.02.12 10:35:36 | 005,402,960 | ---- | M] (ManyCam LLC)
"{7765C81C-AA3A-CA33-8C53-5FE214C41B28}" = C:\Users\František\AppData\Roaming\Nipiag\ymkoapi.exe -- [2013.02.03 07:10:16 | 000,226,072 | ---- | M] (Hilgraeve, Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2013.05.24 12:14:07 | 000,920,472 | ---- | M] (Mozilla Corporation) MD5=95110A1C5A1D228AC1DDF6AB67D00BEB -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013.04.05 08:02:26 | 000,770,608 | ---- | M] (Microsoft Corporation) MD5=AAD90795E84E710543C6C7C2F7048E30 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.05.28 14:07:33 | 000,000,512 | ---- | M] () MD5=CB67174AF90107B568B964D20356E8F3 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >
[2013.03.16 11:24:08 | 000,003,072 | ---- | M] () -- \Users\František\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_keygen-0day.ws_0.localstorage
[2013.03.16 11:24:08 | 000,003,608 | ---- | M] () -- \Users\František\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_keygen-0day.ws_0.localstorage-journal

< *loader* /s >
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2010.03.09 04:28:40 | 005,297,608 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\Photodownloader.exe
[2010.03.09 01:38:58 | 000,011,161 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2010.03.09 01:38:58 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\de_de\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\en_us\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\es_es\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\it_it\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\no_no\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,308 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2010.03.09 01:39:00 | 000,000,011 | ---- | M] () -- \Program Files (x86)\illustrator\Adobe Bridge CS5\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2013.02.12 10:35:34 | 000,160,480 | ---- | M] () -- \Program Files (x86)\ManyCam\Bin\effectsdownloader.exe
[2010.06.07 22:11:08 | 000,006,262 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.py
[2011.01.31 12:37:51 | 000,021,504 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.dll
[2010.06.07 22:19:10 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\Basis\program\pythonloader.uno.ini
[2011.01.31 12:38:03 | 000,029,184 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\bin\javaloader.uno.dll
[2010.06.09 17:21:40 | 000,003,874 | ---- | M] () -- \Program Files (x86)\OpenOffice.org 3\URE\java\unoloader.jar
[2012.12.03 15:54:38 | 000,134,456 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderATA.xss
[2012.12.03 15:54:38 | 000,112,520 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderSCSI.xss
[2012.11.29 10:34:00 | 000,117,352 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderUSB.xss
[2012.01.05 11:18:14 | 000,321,344 | ---- | M] () -- \Program Files (x86)\SourceTec\Sothink Web Video Downloader\web-video-downloader.xpi
[2010.03.15 12:27:20 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2011.10.24 09:12:55 | 000,007,715 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.10.24 09:12:55 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.11.08 16:16:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.11.08 16:16:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.11.08 16:16:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2011.10.24 09:12:55 | 000,007,715 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2011.10.24 09:12:55 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012.11.08 16:16:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.11.08 16:16:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.11.08 16:16:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012.10.23 11:20:20 | 000,003,072 | ---- | M] () -- \Users\František\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.flashvideodownloader.org_0.localstorage
[2013.01.18 11:46:12 | 000,000,121 | ---- | M] () -- \Users\František\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DYWXTZWZ\fr-advideum.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2013.04.25 09:53:38 | 000,000,121 | ---- | M] () -- \Users\František\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DYWXTZWZ\no-vg.cdn.videoplaza.tv\com.videoplaza.bootloader.sol
[2013.02.21 12:18:25 | 000,000,121 | ---- | M] () -- \Users\František\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\DYWXTZWZ\service.cdn.videoplaza.com\com.videoplaza.bootloader.sol
[2010.12.27 17:27:32 | 000,057,728 | ---- | M] () -- \Users\František\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2010.12.27 17:27:33 | 000,057,728 | ---- | M] () -- \Users\František\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2010.12.27 17:27:33 | 000,057,728 | ---- | M] () -- \Users\František\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2011.03.09 11:50:33 | 000,008,438 | ---- | M] () -- \Users\František\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\3CXPWTDR\loaders-pop[1].gif
[2011.04.19 13:05:51 | 000,005,797 | ---- | M] () -- \Users\František\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GKO3JVOH\loader_5[1].js
[2011.03.09 11:48:02 | 000,011,994 | ---- | M] () -- \Users\František\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NE7S7I0S\loaders-gen[1].gif
[2013.02.28 16:23:14 | 000,000,121 | ---- | M] () -- \Users\František\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VL6T56TK\service.cdn.videoplaza.com\com.videoplaza.bootloader.sol
[2011.06.23 11:43:38 | 000,069,120 | ---- | M] () -- \Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2011.06.24 15:54:44 | 000,131,984 | ---- | M] () -- \Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.08.19 09:33:31 | 000,028,622 | ---- | M] () -- \Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\CabFile\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll.cab
[2011.08.19 09:33:24 | 000,058,837 | ---- | M] () -- \Users\František\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\CabFile\External\FirmwareUpdate\BinaryLoaderMgr.exe.cab
[2010.12.28 12:49:05 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2011.02.05 15:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011.02.05 15:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011.02.05 19:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011.02.05 15:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2007.06.19 08:59:36 | 000,070,400 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2010.10.22 13:43:22 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.10.22 13:46:42 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2007.06.19 08:59:36 | 000,070,400 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2010.10.22 13:43:22 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2010.10.22 13:46:42 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:18:33 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 08:23:09 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 17:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:26:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 16:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.07.21 09:29:40 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.07.21 09:29:41 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.07.21 09:29:41 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.07.21 09:29:42 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.07.21 09:29:42 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:22:35 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 07:45:50 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

ballanc · #13 Příspěvek od **ballanc** » 28 kvě 2013 13:46

Extras:

OTL Extras logfile created on: 28.5.2013 14:04:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\František\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 55,02% Memory free
6,99 Gb Paging File | 4,58 Gb Available in Paging File | 65,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 22,85 Gb Free Space | 23,43% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 481,71 Gb Free Space | 57,77% Space Free | Partition Type: NTFS

Computer Name: FRANTISEK | User Name: František | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\illustrator\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [CEWE prezentace fotografií] -- "D:\System\program files\Fotostar Offline client\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client] -- "D:\System\program files\Fotostar Offline client\Fotostar Offline client.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\illustrator\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [CEWE prezentace fotografií] -- "D:\System\program files\Fotostar Offline client\CEWE prezentace fotografií.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotostar Offline client] -- "D:\System\program files\Fotostar Offline client\Fotostar Offline client.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05AE1BCA-298A-4706-A6E6-A4A440A2E6E8}" = lport=1935 | protocol=6 | dir=out | app=c:\program files (x86)\nch software\broadcam\broadcam.exe |
"{0F84C55E-43A2-4683-81AE-40934E377B14}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{12CC14A5-E626-45BE-9E59-87ED7023FA13}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1878722F-016A-4D7B-A4DA-CF3D02FFC9FB}" = lport=138 | protocol=17 | dir=in | app=system |
"{1914C208-1C0A-426C-98F7-92310E316F03}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{1E6000C1-DD4D-4C29-8FB4-1575F82A01C0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1FF073F3-D2E2-4E25-BC09-2CE819329D1E}" = lport=137 | protocol=17 | dir=in | app=system |
"{2B69F353-8E1C-4886-A8F1-A6EA89F15285}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2C979E00-5C8D-4567-9955-87A1B529EEA1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3053495A-AEDE-4AA6-8595-67688EEC1B01}" = lport=86 | protocol=6 | dir=in | app=c:\program files (x86)\nch software\broadcam\broadcam.exe |
"{30B32309-19E9-44E2-8831-F9C9163659FB}" = lport=86 | protocol=6 | dir=out | app=c:\program files (x86)\nch software\broadcam\broadcam.exe |
"{3AD797EE-BB94-4FD8-9494-0B83A9CBC896}" = rport=445 | protocol=6 | dir=out | app=system |
"{4148D7C7-BC11-4E3F-97AB-3D2258D49A20}" = rport=139 | protocol=6 | dir=out | app=system |
"{45639794-F0C3-4FE8-AC20-74C4A3B1D09D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{47AC1250-554A-4939-A618-FCAE63F86CC8}" = lport=86 | protocol=6 | dir=in | app=c:\program files (x86)\nch software\broadcam\broadcam.exe |
"{48A89DB8-E196-4A82-97DF-097574176727}" = rport=137 | protocol=17 | dir=out | app=system |
"{4D6774EC-0592-4F28-8B92-AC5AD87F0B7E}" = lport=445 | protocol=6 | dir=in | app=system |
"{5C6CB037-A360-4CF7-9A25-E8A1BDB7E9E7}" = lport=4100 | protocol=17 | dir=in | app=c:\program files (x86)\nch software\broadcam\broadcam.exe |
"{61BA5382-B88D-4930-995B-82215903080D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6554139F-0632-4FA2-8062-F5D4BF8FD46F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{67DB1C30-1900-4D9F-80FD-9705D36F6442}" = lport=1935 | protocol=6 | dir=in | app=c:\program files (x86)\nch software\broadcam\broadcam.exe |
"{6F0689F7-CF7C-45E5-804B-94ED14C43324}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{71657222-8D90-41D7-8405-C90D248E962F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7371E08E-A179-4FEA-AD6B-C3A59BED77AC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{7C97F6EA-6F7D-4CC0-85D9-EE1643BD222F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{817E208A-73DD-4BC6-BC65-78ED47A2226C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{862944D1-7CA7-427D-96A3-F0F59F231663}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{94D0E2A4-4C4A-4E68-832C-73F252AC6AE4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{956460B2-30A6-47DC-A2D7-E8EE9AD0E45A}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9A044CBE-9043-413D-B9F7-5AA90A3A7CDC}" = rport=138 | protocol=17 | dir=out | app=system |
"{9FF81663-ADCD-47E0-B094-167BB4C7ED93}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A72E7DF6-F008-4F02-95EE-B8CC71E4C99A}" = lport=139 | protocol=6 | dir=in | app=system |
"{B70F4D5C-0086-4772-8F46-0857BA848BB8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C0DB5D41-FA8E-44A5-AA0C-22CEBBCCE4FA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D0EE78E9-1780-4F51-B3D8-C587D155F921}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DC5BF9F0-DCE8-4E8A-8BFE-78A6B4DCADAC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E13DAA90-ED34-4E01-8469-2C0D376205B7}" = lport=49164 | protocol=6 | dir=in | name=akamai netsession interface |
"{E582105E-F3AB-48D5-948A-D4717D17F578}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EE6906F1-B817-42E0-80E6-09908EB1F7D6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F08DC79C-65E8-4D75-BE1C-7D91FA0DB4DF}" = lport=4100 | protocol=17 | dir=out | app=c:\program files (x86)\nch software\broadcam\broadcam.exe |
"{F39B4BB7-E9A5-4CD4-80CA-FEFC7D4CE4C6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3FE360D-5880-45FD-A809-C0F468E0434B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FC2001D8-3F2A-49D4-8B9B-F0EC8F49EAE4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FE66B58E-3C1C-4CD6-82B8-ECB516AE7AE7}" = lport=86 | protocol=6 | dir=out | app=c:\program files (x86)\nch software\broadcam\broadcam.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0166279C-FD08-4719-A7CC-274BED8389A4}" = protocol=17 | dir=in | app=d:\system\program files\wlite\wservice.exe |
"{03ADC8C1-DCDA-4F41-B6A5-79652BD080D0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1C63B697-0249-40BA-A94B-0AE09616C672}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F7CE6C6-D99B-4C71-BAD5-1B4FA0E09250}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{250EFC1F-8C3A-4C4E-88D2-DE28F5A6D2A1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{26BF5683-2182-469A-BB40-25A189FAB11B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2C98BDF6-052E-4A07-AAE4-FD4A75D8803E}" = protocol=6 | dir=in | app=d:\system\program files\wlite\wservice.exe |
"{3571BC2C-E382-408B-A228-3B4DB14EE050}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{403C82BB-251A-4411-93F0-2D774D79EEF1}" = dir=in | app=c:\users\františek\appdata\local\torch\plugins\torrent\torchtorrent.exe |
"{49E4EB73-3C8C-43F0-B84E-28BC050BE931}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{4C528875-F7EB-40FC-9544-4A7655893D9B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{51520F03-47F9-42D9-92F9-ADAA68297E66}" = protocol=6 | dir=in | app=c:\users\františek\appdata\roaming\dropbox\bin\dropbox.exe |
"{52A49A54-6951-43A6-86B4-C30760EB2BAF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{57198BC7-0A41-4F7D-8E5D-D9FF00137EB6}" = protocol=17 | dir=in | app=c:\users\františek\appdata\roaming\dropbox\bin\dropbox.exe |
"{61DA2700-A0D1-4B5D-A48F-D4EE7D079F55}" = protocol=17 | dir=in | app=d:\system\program files\wlite\wlite.exe |
"{680CD287-D684-4FA8-B7AF-D59EBA760EBF}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{6B296FD8-E06C-43E2-AB20-0F5016272C74}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{719A0A83-9C4C-431D-9D5B-881F2570397E}" = protocol=6 | dir=out | app=system |
"{72B3975D-C974-4B18-B96A-01085FCEF7E5}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{8C2DCF86-8907-4939-B3A9-542B95296240}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{8F6ABDEF-EA4A-482D-AE7B-56654855538D}" = dir=in | app=c:\users\františek\appdata\roaming\nipiag\ymkoapi.exe |
"{8FA73D09-3B23-4266-BE3B-8D619A01A874}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{93AD0598-EBE5-4D05-9C85-8F07B0AEAEB4}" = protocol=17 | dir=in | app=d:\system\program files\ispy\ispy.exe |
"{980DC0BE-25DE-4B91-A464-A8964FF39A1A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9963CD6B-F11E-44FE-9C90-0CD0DABFEE19}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9DE79939-2215-49FB-94B5-21B3D1EEEA84}" = dir=in | app=c:\users\františek\appdata\local\microsoft\skydrive\skydrive.exe |
"{A219EE07-5012-4AD0-97E5-96099B6DACFC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A5D44B81-A3D0-4E7B-B2B6-339004C0544B}" = protocol=6 | dir=in | app=d:\system\program files\ispy\ispy.exe |
"{A5E90B66-3CF8-4622-B671-468F520D8E95}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A6D3174A-CCDB-46D1-A38F-AE4DEE5F6ABB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AC403206-4E77-4A9B-9261-38F2F6EFDDB7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFFFA68F-CB27-4B50-87DC-4772A37B69A7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B956F999-A432-4BCA-A00D-54697BB323C4}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{B9AAFA93-E2EA-4ABF-A010-BAB35C527375}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{BB572BF2-1504-49E8-8243-9E9C49C6EB8F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{C6D13B96-8A32-48F7-94B2-18C6693F01C0}" = protocol=6 | dir=in | app=d:\system\program files\medal of honor\unrealengine3\binaries\moha.exe |
"{C7534A80-80DC-4776-9351-64DA1F7D8E03}" = protocol=6 | dir=in | app=d:\system\program files\wlite\wlite.exe |
"{CD814E6F-825E-4A71-8DBC-5C03850D56E7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CDB7CA48-038B-43CA-919F-AB59C01CCDB2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D06B2465-74FE-43E3-B2B2-15BAD0ABA366}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D6626D51-998C-44A9-9F4B-581F10AB1474}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3C6AF9B-0084-4933-B0CD-50638889B170}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E5635A11-2EE9-4478-960A-20AA6F9DDDDC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EE3136C8-0650-4F92-B8E4-DCDCC5C2BC8C}" = protocol=17 | dir=in | app=d:\system\program files\medal of honor\unrealengine3\binaries\moha.exe |
"{F1E3CDF1-4ABB-4178-991E-A420C4E6AC95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F7AB3F9C-4544-421C-8708-ADABB064B8D3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{014E97BB-23CC-449A-A741-6909153FE6B0}D:\system\program files\ispy.exe" = protocol=6 | dir=in | app=d:\system\program files\ispy.exe |
"TCP Query User{13B22E2E-C2FE-443F-A724-CCB07E76BCF4}D:\system\w7_knihovny\dokumenty\downloads\camaster\camaster.exe" = protocol=6 | dir=in | app=d:\system\w7_knihovny\dokumenty\downloads\camaster\camaster.exe |
"TCP Query User{208A98A1-BF82-4332-B40D-10F51C1E9DD1}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe |
"TCP Query User{280AB475-CB7F-42BD-9765-A2D80EECF69A}D:\system\program files\total cma pack\totalcmd.exe" = protocol=6 | dir=in | app=d:\system\program files\total cma pack\totalcmd.exe |
"TCP Query User{50213079-C618-4809-B256-D5D5CA0F850C}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe |
"TCP Query User{6F2CFB90-3F63-4BDD-A294-88C5162CFF5B}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=6 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"TCP Query User{750AE301-2823-4F71-BAF7-BC5EC0EBC997}D:\system\program files\camuniversal\camuniversal.exe" = protocol=6 | dir=in | app=d:\system\program files\camuniversal\camuniversal.exe |
"TCP Query User{93B619E1-05A5-4682-871D-94E1C2259E90}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{A8F3D54E-C034-47DB-9E98-EA19EADD93E7}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"TCP Query User{C10FDAE6-ED41-4404-8925-6C37215A03C7}D:\system\program files\ispy\ispy.exe" = protocol=6 | dir=in | app=d:\system\program files\ispy\ispy.exe |
"TCP Query User{CB6B9FDE-96B8-4BF2-88D0-D93A09FD2101}D:\system\program files\icamsource.exe" = protocol=6 | dir=in | app=d:\system\program files\icamsource.exe |
"TCP Query User{D2D6E890-E26D-45CB-A4E3-8A4E1C200A06}C:\users\františek\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\františek\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{0F8CFEF3-740E-41B3-BF88-2BE1CAEAFC28}D:\system\program files\icamsource.exe" = protocol=17 | dir=in | app=d:\system\program files\icamsource.exe |
"UDP Query User{23EA238A-4B07-4DCE-BC61-25A25773C43B}D:\system\program files\camuniversal\camuniversal.exe" = protocol=17 | dir=in | app=d:\system\program files\camuniversal\camuniversal.exe |
"UDP Query User{24F5DF78-5AD1-4B40-A7C0-BFF83342EF2F}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe |
"UDP Query User{31C16757-2786-419C-A1E9-82BF5A03C9E8}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe |
"UDP Query User{34535735-7252-4835-B16B-5C91574A89F0}D:\system\program files\ispy.exe" = protocol=17 | dir=in | app=d:\system\program files\ispy.exe |
"UDP Query User{4016382F-CBF5-472B-9037-59B320581DEC}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{5285684F-46F4-4FA3-8AE9-5E81D0C28FA7}C:\users\františek\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\františek\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{6CF13CD9-6DEB-43B0-97BA-4885BF3C622D}E:\easysetupassistant\wr741n\easysetupassistant.exe" = protocol=17 | dir=in | app=e:\easysetupassistant\wr741n\easysetupassistant.exe |
"UDP Query User{98A06F7B-0D4F-4773-B301-2770366FB98F}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe |
"UDP Query User{A63E2F09-1D76-4E42-8763-EA6EC9403206}D:\system\w7_knihovny\dokumenty\downloads\camaster\camaster.exe" = protocol=17 | dir=in | app=d:\system\w7_knihovny\dokumenty\downloads\camaster\camaster.exe |
"UDP Query User{BE9C8486-A3AC-45B6-A605-57D21CC4EDC2}D:\system\program files\ispy\ispy.exe" = protocol=17 | dir=in | app=d:\system\program files\ispy\ispy.exe |
"UDP Query User{FAE58A92-E586-4E65-A6C1-E3872326EE66}D:\system\program files\total cma pack\totalcmd.exe" = protocol=17 | dir=in | app=d:\system\program files\total cma pack\totalcmd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Prostředí Windows XP Mode
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{47B188E2-2447-5C40-15B6-9D49DC90BF5B}" = ATI Catalyst Install Manager
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5F143175-13D3-5AE8-5AE9-262C6D60F994}" = AMD Fuel
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A61B820-598D-05B2-5F8D-7388E15AE2DB}" = AMD Drag and Drop Transcoding
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90AB246D-A0A0-29EA-199A-4B07841E0737}" = ATI AVIVO64 Codecs
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A9C6CA47-D937-D61D-4BD3-7CFAB7A5BA56}" = ATI Problem Report Wizard
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D7B6A47A-3DC9-64FE-BFD0-ED02F036D539}" = ccc-utility64
"{D954C6C2-544B-4091-A47F-11E77162883E}" = Microsoft Security Client
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{DE1B48FB-0EA4-6E6F-5335-9095994CB7EB}" = WMV9/VC-1 Video Playback
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9)
"Canon LBP5050" = Canon LBP5050
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"ffdshow64_is1" = ffdshow x64 v1.1.3940 [2011-07-14]
"KLiteCodecPack64_is1" = K-Lite Codec Pack (64-bit) v4.7.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Pen Tablet Driver" = Bamboo
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio13_CZ_is1" = Zoner Photo Studio 13
"ZonerPhotoStudio14_CZ_is1" = Zoner Photo Studio 14

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00476F3E-3C4D-4E02-B8BB-125350157EB9}" = Windows Live Mail
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis True Image Home 2011
"{064BA90A-C58A-498F-950F-370A3471C1B9}" = iCamSource
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17FB91BD-37AA-48F0-A6AF-E2422C3286FA}" = STORMWARE POHODA CZ Start
"{18C95060-0BD9-420F-8F01-EC2486B582AA}" = iSpy
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{214C847B-6E35-439C-9DF6-119FC18D6269}" = BricsCad 6.2
"{25F28E39-FDBB-11DB-8314-0800200C9A66}" = Medal of Honor Airborne
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{31187E06-E131-4709-9285-7D105D77AA89}" = Components Setup
"{3A9ECD64-DE00-4779-A89E-C878513B2B37}" = Windows Live Writer Resources
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{42B6C7E0-0DAE-488D-8DAF-838898102F19}" = Windows Live Writer
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{553E24F0-09FD-4BCB-9CF0-4FC0F6DB95D1}_is1" = HellSpy Klient verze 0.8.0
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65F1CF63-31E0-450B-96F3-4A88BE7361A6}" = AGEIA PhysX v7.07.09
"{66DB6D91-BF91-480B-933D-7CB8B1E64D74}" = Windows Live Messenger
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = Trust Webcam 14830
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{807130E2-347B-4BE8-9D31-07076F40A6E2}_is1" = CamUniversal verze 4.8
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E884205-E3A3-55F3-2EE2-0E39F8E6CCED}" = Catalyst Control Center Graphics Previews Common
"{8FE96B14-E1F9-47BF-8BA1-A81467CD259B}_is1" = Yawcam 0.4.0
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{901C0405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Access 2003 Runtime
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9329BA0E-DD91-D33E-B73F-AA5179C53736}" = Catalyst Control Center
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95D78710-DEE9-4577-9FC6-35BE431898DC}" = Windows Live Family Safety
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9B5B11A-ABFD-49E0-850E-690BE86C3A9E}_is1" = Type light 3.1.014
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{BD5D6437-94F6-C8F4-AF1B-B1658E0CB8F7}" = CCC Help English
"{BDDEE95D-0671-4A38-AAF3-2A7D5801B323}" = Components Setup
"{C0959742-5DEB-453B-A55C-528AA0EBA103}" = Zoner Barcode Studio 2
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C5E92542-D7C0-4711-B979-BF1FA23A48E5}" = GLS Connect
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EFEDD205-43FE-4208-B682-0937E803E19E}_is1" = NexusFont 2.5 (ver 2.5.6.1478)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F38556C1-486C-C07B-4655-2F1BCF18C68A}" = Catalyst Control Center InstallProxy
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIMP3" = AIMP3
"Altus Vario 12.0" = Altus Vario 12.0
"Astroburn Lite" = Astroburn Lite
"AUTOPLAN START verze_is1" = AUTOPLAN 2011 START verze
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DtsFilter" = DTS+AC3 ÇĘĹÍ
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"ExpressBurn" = Express Burn Disc Burning Software
"Fotostar Offline client" = Fotostar Offline client
"GOM Player" = GOM Player
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Intelli-studio" = SAMSUNG Intelli-studio
"Mafia II_is1" = Mafia II
"ManyCam" = ManyCam 3.1.43
"McAfee Security Scan" = McAfee Security Scan Plus
"Medal of Honor Airborne" = Medal of Honor Airborne
"Mozilla Firefox 21.0 (x86 cs)" = Mozilla Firefox 21.0 (x86 cs)
"Mozilla Thunderbird 17.0.6 (x86 cs)" = Mozilla Thunderbird 17.0.6 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"Nokia PC Suite" = Nokia PC Suite
"Pošta a kancelář 3_is1" = Pošta a kancelář 3.3
"PSN" = Post-it® Software Notes Lite
"RealPlayer 12.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.93
"szn-software-listicka" = Seznam Lištička (Všichni uživatelé tohoto počítače.)
"Total CMA Pack" = Total CMA Pack 0.50
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WinLiveSuite" = Windows Live Essentials
"wLite" = webcamXP Lite
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"XMedia Recode" = XMedia Recode 3.0.1.6
"Zoner Panorama Maker_is1" = Zoner Panorama Maker

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2670680469-1364093197-1783861760-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"FileZilla Client" = FileZilla Client 3.6.0.2
"Google Chrome" = Google Chrome
"SkyDriveSetup.exe" = Microsoft SkyDrive
"Torch" = Torch

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 26.11.2012 6:56:54 | Computer Name = Frantisek | Source = Application Error | ID = 1000
Description = Název chybující aplikace: msaccess.exe, verze: 11.0.8321.0, časové
razítko: 0x4b4f9cfd Název chybujícího modulu: RPCRT4.dll, verze: 6.1.7601.17514,
časové razítko: 0x4ce7ba59 Kód výjimky: 0xc0000005 Posun chyby: 0x00020691 ID chybujícího
procesu: 0xb74 Čas spuštění chybující aplikace: 0x01cdcbb73519f644 Cesta k chybující
aplikaci: C:\Program Files (x86)\Microsoft Office\OFFICE11\msaccess.exe Cesta k
chybujícímu modulu: C:\Windows\syswow64\RPCRT4.dll ID zprávy: fc879fdd-37b7-11e2-af6b-1c6f6581ad91

Error - 16.12.2012 4:09:32 | Computer Name = Frantisek | Source = TabletServicePen | ID = 1
Description =

Error - 20.12.2012 11:59:27 | Computer Name = Frantisek | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 17.0.1.4715, časové
razítko: 0x50b71a4b Název chybujícího modulu: xul.dll, verze: 17.0.1.4715, časové
razítko: 0x50b7198b Kód výjimky: 0xc0000005 Posun chyby: 0x00144ed8 ID chybujícího
procesu: 0x1554 Čas spuštění chybující aplikace: 0x01cdde8aeba87796 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: 3afcc92a-4abe-11e2-ae5b-1c6f6581ad91

Error - 3.1.2013 11:46:34 | Computer Name = Frantisek | Source = Application Hang | ID = 1002
Description = Program msaccess.exe verze 11.0.8321.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
4fc Čas spuštění: 01cde995bea71a51 Čas ukončení: 105 Cesta k aplikaci: C:\Program
Files (x86)\Microsoft Office\OFFICE11\msaccess.exe ID hlášení:

Error - 4.1.2013 7:56:34 | Computer Name = Frantisek | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 8.0.7601.17514, časové
razítko: 0x4ce79912 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko:
0x00000000 Kód výjimky: 0xc0000005 Posun chyby: 0x00610065 ID chybujícího procesu:
0x16f4 Čas spuštění chybující aplikace: 0x01cdea72426379dd Cesta k chybující aplikaci:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Cesta k chybujícímu modulu:
unknown ID zprávy: c887048a-5665-11e2-954d-1c6f6581ad91

Error - 17.1.2013 12:06:13 | Computer Name = Frantisek | Source = Application Error | ID = 1000
Description = Název chybující aplikace: firefox.exe, verze: 17.0.1.4715, časové
razítko: 0x50b71a4b Název chybujícího modulu: xul.dll, verze: 17.0.1.4715, časové
razítko: 0x50b7198b Kód výjimky: 0xc0000005 Posun chyby: 0x00144ed8 ID chybujícího
procesu: 0x1230 Čas spuštění chybující aplikace: 0x01cdf49449d58527 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Cesta k chybujícímu
modulu: C:\Program Files (x86)\Mozilla Firefox\xul.dll ID zprávy: d068d6ec-60bf-11e2-8844-1c6f6581ad91

Error - 25.1.2013 11:58:24 | Computer Name = Frantisek | Source = Application Error | ID = 1000
Description = Název chybující aplikace: EXCEL.EXE, verze: 12.0.6665.5003, časové
razítko: 0x5061d2a8 Název chybujícího modulu: EXCEL.EXE, verze: 12.0.6665.5003,
časové razítko: 0x5061d2a8 Kód výjimky: 0xc0000005 Posun chyby: 0x00013266 ID chybujícího
procesu: 0xec0 Čas spuštění chybující aplikace: 0x01cdfaf7eab3d5a6 Cesta k chybující
aplikaci: C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE Cesta k chybujícímu modulu: C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE
ID
zprávy: 0c596224-6708-11e2-b20b-1c6f6581ad91

Error - 28.1.2013 4:03:25 | Computer Name = Frantisek | Source = TabletServicePen | ID = 1
Description =

Error - 30.1.2013 4:14:26 | Computer Name = Frantisek | Source = TabletServicePen | ID = 1
Description =

Error - 6.2.2013 8:14:02 | Computer Name = Frantisek | Source = Application Error | ID = 1000
Description = Název chybující aplikace: GOM.EXE, verze: 2.1.39.5101, časové razítko:
0x4f6030c7 Název chybujícího modulu: GSFU.ax, verze: 0.0.0.0, časové razítko: 0x4f38ebd7
Kód
výjimky: 0xc0000005 Posun chyby: 0x00018308 ID chybujícího procesu: 0x11ac Čas spuštění
chybující aplikace: 0x01ce044709ac228a Cesta k chybující aplikaci: C:\PROGRA~1\GRETECH\GOMPLA~1\GOM.EXE
Cesta
k chybujícímu modulu: C:\Program Files\GRETECH\GomPlayer\GSFU.ax ID zprávy: b140a499-7056-11e2-a44c-1c6f6581ad91

[ OSession Events ]
Error - 21.4.2011 5:26:28 | Computer Name = Frantisek | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 30.5.2011 9:48:36 | Computer Name = Frantisek | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 6231
seconds with 420 seconds of active time. This session ended with a crash.

Error - 14.5.2012 8:26:44 | Computer Name = Frantisek | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 9342 seconds with 2220 seconds of active time. This session ended with a
crash.

Error - 24.9.2012 11:10:45 | Computer Name = Frantisek | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 28395
seconds with 60 seconds of active time. This session ended with a crash.

Error - 25.1.2013 11:58:35 | Computer Name = Frantisek | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 12419
seconds with 480 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 28.5.2013 5:27:37 | Computer Name = Frantisek | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error - 28.5.2013 5:57:21 | Computer Name = Frantisek | Source = Microsoft Antimalware | ID = 2001
Description = %%860 zjistil chybu při pokusu o aktualizaci podpisů. Nová verze podpisu:
Předchozí verze podpisu: 1.151.990.0 Zdroj aktualizace: %%859 Fáze aktualizace: %%852

Zdrojová
cesta: Default URL Typ podpisu: %%800 Typ aktualizace: %%803 Uživatel: NT AUTHORITY\SYSTEM

Aktuální
verze modulu: Předchozí verze modulu: 1.1.9506.0 Kód chyby: 0x80070422 Popis chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné
povolené zařízení.

Error - 28.5.2013 6:46:28 | Computer Name = Frantisek | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 28.5.2013 6:48:57 | Computer Name = Frantisek | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 28.5.2013 6:48:58 | Computer Name = Frantisek | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 28.5.2013 6:49:44 | Computer Name = Frantisek | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 28.5.2013 6:51:15 | Computer Name = Frantisek | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 28.5.2013 6:52:25 | Computer Name = Frantisek | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.0 neuspěla při spuštění v důsledku následující chyby:
%%3

Error - 28.5.2013 7:39:24 | Computer Name = Frantisek | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 28.5.2013 7:39:53 | Computer Name = Frantisek | Source = Service Control Manager | ID = 7000
Description = Služba AODDriver4.0 neuspěla při spuštění v důsledku následující chyby:
%%3

< End of report >

ballanc · #14 Příspěvek od **ballanc** » 28 kvě 2013 14:09

skočil jsem dnes na MMS email od t-mobilu (jsem vůl)
Ted jsem zjistil, že obsahuje nejaký virus.
Normálně takove prilohy neoteviram, ale skrita pripona .exe (ve windowsech) u pdf souboru toho jsem si všiml asi vteřinu po tom co jsem na to klik.

ted mi nejde prijimat a posilat posta když chci napsat háček uděla toˇˇ (rovnou dva) a to se obávám, že to nebude to nejhorší.
Pomužou tyto kroky co ted delame k vycisteni pocitace i od tohodle hnusu.

každopadně dekuji za pomoc

#15 Příspěvek od **vyosek** » 29 kvě 2013 09:44

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

VIRY.CZ

Kontrola Logu - službu centrum zabezpečení windows nejde zap

Kontrola Logu - službu centrum zabezpečení windows nejde zap

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde

Re: Kontrola Logu - službu centrum zabezpečení windows nejde