Prosím o kontrolu logu - problém s BetterSurf

Zpráva

Jarda1974 · #1 Příspěvek od **Jarda1974** » 15 lis 2013 09:07

Mám problém s reklamou v prohlížeči, kdy se běžná bannerová reklama nahradí reklamou BetterSurf. Ve složce Program Files jsem našel adresář BetterSurf. Zkoušel jsem Malwarebytes, ale bez úspěchu. Dochází navíc k podtrhávání slov v prohlížeči.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by Petr (administrator) on PETR-PC on 15-11-2013 09:11:22
Running from C:\Users\Petr\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\X-Rite\ColorMunki Design\Tools\ColorMunki Design Tray.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\Program Files (x86)\Total CMA Pack\TOTALCMD.EXE
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Update\Install\{6EEB0204-1FAD-45CD-9267-05CCBAE14286}\31.0.1650.57_30.0.1599.101_chrome_updater.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Temp\CR_B2931.tmp\setup.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11545192 2010-11-02] (Realtek Semiconductor)
HKCU\...\Run: [Total CMA Pack] - C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe [43255 2009-09-01] (CMA®)
HKCU\...\Run: [Google Update] - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-03] (Google Inc.)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] - C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\EN\Programs\registration.exe [729088 2003-11-25] (Corel Corporation)

==================== Internet (Whitelisted) ====================

URLSearchHook: HKLM-x32 - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKCU - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... R1&pc=SPLH
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... R1&pc=SPLH
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://isearch.babylon.com/?q={searchTe ... 8037110300
SearchScopes: HKCU - {6ABDE812-228C-446B-BDE7-5D640209F01D} URL = http://search.conduit.com/ResultsExt.as ... 3982908095
SearchScopes: HKCU - {84BB8AAC-D83B-48a6-B354-405BC200892C} URL = http://uk.search.yahoo.com/search?p={se ... ype=IEBDSV
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation)
BHO-x32: BetterSurf - {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files (x86)\BetterSurf\ie\BetterSurf.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?affID=44444&babsr ... e549693677"
CHR DefaultSearchURL: (Seznam) - http://search.seznam.cz/?q={searchTerms}
CHR DefaultSuggestURL: (Seznam) - http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Petr\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Petr\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Petr\AppData\Local\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Users\Petr\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (BetterSurf) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dedmngkbaffkenlfdcbganndoghblmap\1.0_0
CHR Extension: (Norton Identity Protection) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0
CHR Extension: (Google Wallet) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\Exts\Chrome.crx

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ColorMunkiService; C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe [147968 2009-10-21] (X-Rite Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 xritedeviced; C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe [130048 2009-10-21] (X-Rite Inc.)
S2 Yontoo Desktop Updater; "C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\Petr\AppData\Roaming\Yontoo\YontooDesktop.exe"

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20131101.003\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S3 colormunki; C:\Windows\System32\Drivers\colormunki_x64.sys [51600 2007-10-02] (Thesycon GmbH, Germany)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-09-30] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-09-30] (Symantec Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-06-12] ()
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20131114.001\IDSvia64.sys [521816 2013-10-29] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2011-04-04] (Marvell Semiconductor, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131114.016\ENG64.SYS [126040 2013-11-06] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131114.016\EX64.SYS [2099288 2013-11-06] (Symantec Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-08-16] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-08-16] ()
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-15 08:58 - 2013-11-15 09:13 - 00015788 _____ C:\Users\Petr\Desktop\FRST.txt
2013-11-15 08:57 - 2013-11-15 08:57 - 00029696 _____ C:\Users\Petr\AppData\Local\MSGBOX.EXE
2013-11-15 08:57 - 2013-11-15 08:57 - 00000000 ____D C:\FRST
2013-11-15 08:55 - 2013-11-15 08:55 - 00112128 _____ C:\Users\Petr\Downloads\FRSTLauncher.exe
2013-11-15 08:51 - 2013-11-15 08:51 - 01957794 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2013-11-15 08:51 - 2013-11-15 08:51 - 01957794 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2013-11-15 08:04 - 2013-11-15 08:04 - 00001144 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-15 08:04 - 2013-11-15 08:04 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Malwarebytes
2013-11-15 08:04 - 2013-11-15 08:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-15 08:04 - 2013-11-15 08:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-15 08:04 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-15 03:58 - 2013-11-15 03:58 - 00000000 _____ C:\extensions.sqlite
2013-11-15 03:57 - 2013-11-15 03:57 - 00000000 ____D C:\Program Files (x86)\BetterSurf
2013-11-15 03:31 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-15 03:31 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-15 03:31 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-15 03:31 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-15 03:31 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-15 03:31 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-15 03:31 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-15 03:31 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-15 03:31 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-15 03:31 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-15 03:31 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-15 03:31 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-15 03:31 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-15 03:31 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-15 03:31 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-15 03:31 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-15 03:31 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-15 03:31 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-15 03:31 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-15 03:30 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-15 03:30 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-15 03:30 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-15 03:30 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-15 03:30 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-15 03:30 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-15 03:30 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-15 03:30 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-15 03:30 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-15 03:30 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-15 03:30 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-15 03:30 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 07:36 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 07:36 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 07:36 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 07:35 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 07:35 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 07:35 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 07:35 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 07:35 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 07:35 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 07:35 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 07:35 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 07:35 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 07:35 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 07:35 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 07:35 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 07:35 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 07:35 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 07:35 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 07:35 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 07:35 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 07:35 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 07:35 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 07:35 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 07:34 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 07:34 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 07:34 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 07:34 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 07:34 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 07:34 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 07:34 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 03:03 - 2013-11-13 03:04 - 00004662 _____ C:\Windows\IE11_main.log
2013-11-02 08:23 - 2013-11-06 06:04 - 00002061 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-10-19 06:11 - 2013-10-19 06:11 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360

==================== One Month Modified Files and Folders =======

2013-11-15 09:13 - 2013-11-15 08:58 - 00015788 _____ C:\Users\Petr\Desktop\FRST.txt
2013-11-15 09:01 - 2012-07-03 08:56 - 00000958 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83945213-2830042870-2556876473-1000UA.job
2013-11-15 08:57 - 2013-11-15 08:57 - 00029696 _____ C:\Users\Petr\AppData\Local\MSGBOX.EXE
2013-11-15 08:57 - 2013-11-15 08:57 - 00000000 ____D C:\FRST
2013-11-15 08:55 - 2009-07-14 05:45 - 00013440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-15 08:55 - 2009-07-14 05:45 - 00013440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-15 08:51 - 2013-11-15 08:51 - 01957794 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2013-11-15 08:51 - 2013-11-15 08:51 - 01957794 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2013-11-15 08:44 - 2012-07-03 08:56 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83945213-2830042870-2556876473-1000Core.job
2013-11-15 08:39 - 2012-07-03 09:02 - 00001806 _____ C:\Windows\wcx_ftp.ini
2013-11-15 08:27 - 2012-06-11 17:44 - 01298744 _____ C:\Windows\WindowsUpdate.log
2013-11-15 08:23 - 2013-08-06 04:57 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-15 08:23 - 2012-11-20 00:09 - 00000000 ____D C:\ProgramData\NVIDIA
2013-11-15 08:23 - 2012-06-26 15:14 - 01071294 _____ C:\Windows\PFRO.log
2013-11-15 08:23 - 2012-06-21 20:29 - 00108381 _____ C:\Windows\setupact.log
2013-11-15 08:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-15 08:20 - 2013-03-05 12:22 - 00000000 ____D C:\Users\Petr\AppData\Local\SwvUpdater
2013-11-15 08:16 - 2012-12-19 13:39 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-15 08:15 - 2013-08-06 04:57 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-15 08:04 - 2013-11-15 08:04 - 00001144 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-11-15 08:04 - 2013-11-15 08:04 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Malwarebytes
2013-11-15 08:04 - 2013-11-15 08:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-15 08:04 - 2013-11-15 08:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-15 03:58 - 2013-11-15 03:58 - 00000000 _____ C:\extensions.sqlite
2013-11-15 03:57 - 2013-11-15 03:57 - 00000000 ____D C:\Program Files (x86)\BetterSurf
2013-11-15 03:29 - 2012-06-28 08:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 03:19 - 2013-08-14 19:39 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 03:08 - 2012-06-15 19:24 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 21:10 - 2013-06-05 08:42 - 00000600 _____ C:\Users\Petr\AppData\Roaming\winscp.rnd
2013-11-13 03:04 - 2013-11-13 03:03 - 00004662 _____ C:\Windows\IE11_main.log
2013-11-11 12:12 - 2013-04-11 07:49 - 00000000 ____D C:\Program Files (x86)\SignCut
2013-11-11 11:30 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-11-08 11:56 - 2012-06-11 18:25 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Adobe
2013-11-07 14:32 - 2012-06-28 08:53 - 00000000 ___SD C:\Program Files (x86)\Total CMA Pack
2013-11-06 06:04 - 2013-11-02 08:23 - 00002061 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-11-06 06:04 - 2013-03-27 07:30 - 00406980 _____ C:\Windows\DPINST.LOG
2013-11-06 06:04 - 2012-06-11 18:15 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-03 16:44 - 2012-06-11 18:37 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2013-10-30 08:55 - 2009-07-14 16:18 - 00881730 _____ C:\Windows\system32\perfh005.dat
2013-10-30 08:55 - 2009-07-14 16:18 - 00206680 _____ C:\Windows\system32\perfc005.dat
2013-10-30 08:55 - 2009-07-14 06:13 - 00005390 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-28 20:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-28 12:27 - 2012-07-11 10:50 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-10-24 14:17 - 2012-06-26 23:12 - 00000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2013-10-20 09:48 - 2009-07-14 06:08 - 00032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-19 06:11 - 2013-10-19 06:11 - 00000000 ____D C:\Windows\System32\Tasks\Norton 360
2013-10-19 06:04 - 2013-10-01 11:35 - 00002354 _____ C:\Users\Public\Desktop\Norton 360.lnk
2013-10-19 06:04 - 2012-09-10 07:21 - 00003206 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-10-19 06:04 - 2012-09-10 07:19 - 00000000 ____D C:\Windows\system32\Drivers\N360x64
2013-10-17 17:00 - 2012-09-20 08:57 - 00000000 ____D C:\EasyPHP5.3.0
2013-10-16 19:27 - 2012-07-03 08:57 - 00002358 _____ C:\Users\Petr\Desktop\Google Chrome.lnk
2013-10-16 09:14 - 2013-03-28 14:42 - 00000000 ____D C:\Program Files (x86)\PC Connectivity Solution

Some content of TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\InternetTurboSetup__1814_i1675065_il1537.exe
C:\Users\Petr\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Petr\AppData\Local\Temp\siinst.exe
C:\Users\Petr\AppData\Local\Temp\strings.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-11 15:30

==================== End Of Log ============================

#2 Příspěvek od **vyosek** » 15 lis 2013 09:28

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Jarda1974 · #3 Příspěvek od **Jarda1974** » 15 lis 2013 09:45

Log s Junkware

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Petr on p 15.11.2013 at 9:34:45,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-83945213-2830042870-2556876473-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15d2d75c-9cb2-4efd-bad7-b9b4cb4bc693}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3220468
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6ABDE812-228C-446B-BDE7-5D640209F01D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Petr\AppData\Roaming\splashtop"
Successfully deleted: [Folder] "C:\Users\Petr\AppData\Roaming\yontoo"
Successfully deleted: [Folder] "C:\Users\Petr\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Petr\appdata\local\swvupdater"
Successfully deleted: [Folder] "C:\Users\Petr\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Petr\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Petr\appdata\locallow\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\utorrentcontrol_v2"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 15.11.2013 at 9:43:11,55
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Jarda1974 · #4 Příspěvek od **Jarda1974** » 15 lis 2013 09:52

Log z AdwCleaner

# AdwCleaner v3.012 - Report created 15/11/2013 at 09:47:33
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Petr - PETR-PC
# Running from : C:\Users\Petr\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

File Deleted : C:\Users\Petr\AppData\Roaming\BabMaint.exe
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\BrowserProtect

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKCU\Software\58f8ddde138be41
Key Deleted : HKLM\SOFTWARE\58f8ddde138be41
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8564D033-F834-42D2-A43F-CE504E013255}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{502A889B-E16B-44A5-847B-BF99AD41E9F0}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

-\\ Google Chrome v

[ File : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [4427 octets] - [15/11/2013 09:47:05]
AdwCleaner[S0].txt - [3722 octets] - [15/11/2013 09:47:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3782 octets] ##########

Jarda1974 · #5 Příspěvek od **Jarda1974** » 15 lis 2013 10:41

Nalezl jsem následující

http://www.thecraftynerd.com/2013/11/14 ... ettersurf/

U chrome jsem to našel dle návodu a odstranil
U IE to mám doplňcích, což jsem zakázal, ale nevím jak odinstalovat doplněk trvale?

Teď otázka, zda tohle stačí? Přijde mi to moc snadné...

#6 Příspěvek od **vyosek** » 15 lis 2013 14:56

Stahnete WIGI http://tigzy.geekstogo.com/Tools/WhyIGotInfected.exe

Pokud pouzivate Win Vista ci W7, kliknete na WIGI pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Scan
Po dokonceni scanu (obdelnik vedle bude cely zeleny) kliknete na Report
Otevre se log, ten sem vlozte

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Pockejte na dokonceni PreScanu
Zvolte moznost Prohledat (scan)
Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

Jarda1974 · #7 Příspěvek od **Jarda1974** » 15 lis 2013 17:24

Sken z WIGI

WhyIGotInfected 1.9.0.0(by Tigzy)
********************************

Run : 15.11.2013 17:23:56 [Normal Mode]
Machine : PETR-PC (4 CPUs) [Petr : ADMIN]
OS: Windows 7 Service Pack 1 (x64)

~~ Plugins check: ~~

UPTODATE [Windows 7 Service Pack 1] Current : Service Pack 1 -- Latest : Service Pack 1
OUTDATED [Internet Explorer] Current : 9.10.9200.16736 -- Latest : 9.10.9200.16721
OUTDATED [Internet Explorer] Current : 9.10.9200.16736 -- Latest : 9.10.9200.16721
OUTDATED [Adobe Reader (x86)] Current : 9 -- Latest : 11
OUTDATED [Adobe Flash] Current : 11.9.900.117 -- Latest : 11.9.900.152
OUTDATED [Adobe Flash (x86)] Current : 11.9.900.117 -- Latest : 11.9.900.152
OUTDATED [Adobe Flash ActiveX] Current : 11.9.900.117 -- Latest : 11.9.900.152
OUTDATED [Adobe Flash ActiveX (x86)] Current : 11.9.900.117 -- Latest : 11.9.900.152

Finished
<C:\Users\Petr\Desktop\WIGIReport[1].txt>
WIGIReport[0].txt ; WIGIReport[1].txt

Jarda1974 · #8 Příspěvek od **Jarda1974** » 15 lis 2013 17:29

RogueKiller V8.7.8 [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Petr [Práva správce]
Mód : Kontrola -- Datum : 11/15/2013 17:28:00
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD103SI ATA Device +++++
--- User ---
[MBR] 420e591b9890e66dfde276c68f56dee5
[BSP] a9c609f350e574a27a5f731bcbfcd7c9 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 457177 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 936300330 | Size: 496689 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11152013_172800.txt >>
RKreport[0]_D_10112013_073121.txt;RKreport[0]_S_10112013_072834.txt;RKreport[0]_S_10112013_073219.txt
RKreport[0]_S_10112013_073319.txt;RKreport[0]_S_10112013_073423.txt

#9 Příspěvek od **vyosek** » 15 lis 2013 18:00

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

Jarda1974 · #10 Příspěvek od **Jarda1974** » 16 lis 2013 09:56

Zdravím, provedu, ale zatím nevím od nikoho nic? Chápu, že to asi není snadné, ale už mám celou plochu otapetovanou programy na skenování pc.
Dnes mi zablokoval google vyhledávání a dokonce nenabídl ani captchu, prostě natvrdo Sorry váš PC je zdrojem neobvyklé vyhledávací aktivity...
Kdybych neměl pc jako pracovní a v něm mraky instalací, tak prostě jednoduše vše shodím a nainstaluji nový systém.

OTL mi právě zahlásil OUT OF MEMORY

#11 Příspěvek od **vyosek** » 16 lis 2013 09:58

Snazime se to lecit a jelikoz PC nemam u sebe, tak se do nej musim podivat skenery

Pokud nechcete, skenery smazte a tlacitko Odhlasit je vlevo nahore. Ja vas do niceho nenutim...

Jarda1974 · #12 Příspěvek od **Jarda1974** » 16 lis 2013 10:21

Dobrý den, já to určitě zle nemyslel... spustím poslední program znovu, protože mi z nějakého důvodu zahlásil Out of memory

#13 Příspěvek od **vyosek** » 16 lis 2013 10:22

Pokud zahlasi znovu, tak jej spustte bez toho doplnkoveho skriptu

Jarda1974 · #14 Příspěvek od **Jarda1974** » 16 lis 2013 10:57

OTL logfile created on: 16.11.2013 10:43:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 54,09% Memory free
7,99 Gb Paging File | 5,59 Gb Available in Paging File | 69,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,46 Gb Total Space | 179,81 Gb Free Space | 40,27% Space Free | Partition Type: NTFS
Drive D: | 485,05 Gb Total Space | 340,73 Gb Free Space | 70,25% Space Free | Partition Type: NTFS

Computer Name: PETR-PC | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.11.16 09:45:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
PRC - [2013.10.31 11:35:46 | 000,070,880 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2013.10.09 11:09:16 | 000,310,352 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2013.10.08 13:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\n360.exe
PRC - [2013.05.29 11:34:28 | 000,449,248 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.01.18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.12.21 17:56:44 | 001,090,040 | ---- | M] (Nokia) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
PRC - [2012.12.19 09:49:34 | 000,732,648 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
PRC - [2012.12.19 09:49:12 | 000,149,480 | ---- | M] (Nokia) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
PRC - [2009.10.23 09:26:54 | 001,921,024 | ---- | M] () -- C:\Program Files (x86)\X-Rite\ColorMunki Design\Tools\ColorMunki Design Tray.exe
PRC - [2009.10.21 15:14:50 | 000,147,968 | ---- | M] (X-Rite Inc.) -- C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe
PRC - [2009.10.21 15:14:10 | 000,130,048 | ---- | M] (X-Rite Inc.) -- C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe
PRC - [2006.12.19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe

========== Modules (No Company Name) ==========

MOD - [2013.11.14 12:29:31 | 000,399,312 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
MOD - [2013.11.14 12:29:29 | 004,055,504 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll
MOD - [2013.11.14 12:28:37 | 000,702,416 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
MOD - [2013.11.14 12:28:36 | 000,099,792 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\31.0.1650.57\libegl.dll
MOD - [2013.11.14 12:28:34 | 001,619,408 | ---- | M] () -- C:\Users\Petr\AppData\Local\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
MOD - [2013.10.31 11:35:46 | 000,070,880 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2013.09.13 10:02:30 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
MOD - [2013.05.20 11:58:08 | 000,620,718 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
MOD - [2013.01.09 13:11:40 | 000,599,040 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012.12.21 17:57:44 | 000,276,984 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
MOD - [2012.12.21 17:57:44 | 000,093,176 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
MOD - [2012.12.21 17:57:28 | 002,653,176 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
MOD - [2012.12.21 17:57:28 | 000,364,536 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
MOD - [2012.12.21 17:57:26 | 011,166,712 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
MOD - [2012.12.21 17:57:24 | 000,206,328 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
MOD - [2012.12.21 17:57:22 | 001,347,064 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
MOD - [2012.12.21 17:57:22 | 001,014,776 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
MOD - [2012.12.21 17:57:22 | 000,720,888 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
MOD - [2012.12.21 17:57:20 | 008,507,384 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
MOD - [2012.12.21 17:57:20 | 000,520,696 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
MOD - [2012.12.21 17:57:18 | 002,481,144 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
MOD - [2012.12.21 17:57:18 | 002,354,168 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
MOD - [2012.12.21 17:57:14 | 000,446,456 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
MOD - [2012.12.21 17:57:10 | 000,207,352 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qjpeg4.dll
MOD - [2012.12.21 17:57:10 | 000,035,832 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qico4.dll
MOD - [2012.12.21 17:57:08 | 000,033,272 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\Imageformats\qgif4.dll
MOD - [2012.12.21 17:56:40 | 000,438,264 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
MOD - [2012.12.21 17:56:00 | 000,606,200 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
MOD - [2012.12.21 15:29:52 | 000,391,600 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
MOD - [2012.12.21 15:29:52 | 000,059,280 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
MOD - [2012.12.21 15:29:14 | 000,110,080 | ---- | M] () -- C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
MOD - [2012.04.30 10:57:42 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
MOD - [2010.01.11 15:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
MOD - [2009.10.23 09:26:54 | 001,921,024 | ---- | M] () -- C:\Program Files (x86)\X-Rite\ColorMunki Design\Tools\ColorMunki Design Tray.exe
MOD - [2009.10.22 14:33:04 | 001,970,176 | ---- | M] () -- C:\Program Files (x86)\X-Rite\ColorMunki Design\Tools\QtCore4.dll
MOD - [2009.10.22 14:33:02 | 007,053,312 | ---- | M] () -- C:\Program Files (x86)\X-Rite\ColorMunki Design\Tools\QtGui4.dll
MOD - [2009.10.22 14:29:44 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\X-Rite\ColorMunki Design\Tools\imageformats\qtiff4.dll
MOD - [2009.10.22 14:29:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\X-Rite\ColorMunki Design\Tools\imageformats\qjpeg4.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.05.11 12:21:41 | 000,126,520 | ---- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:64bit: - [2010.04.06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2013.10.08 18:19:11 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.08 13:05:13 | 000,264,360 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\N360.exe -- (N360)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.02.25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2013.01.18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.12.19 09:49:34 | 000,732,648 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.07.11 10:46:23 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.21 15:14:50 | 000,147,968 | ---- | M] (X-Rite Inc.) [Auto | Running] -- C:\Program Files (x86)\X-Rite\Devices\Services\ColorMunki\ColorMunkiDeviceService.exe -- (ColorMunkiService)
SRV - [2009.10.21 15:14:10 | 000,130,048 | ---- | M] (X-Rite Inc.) [Auto | Running] -- C:\Program Files (x86)\X-Rite\Devices\Services\xritedeviced.exe -- (xritedeviced)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.10.01 11:35:58 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.09.27 04:18:30 | 001,147,480 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.09.27 03:26:03 | 000,858,200 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.09.26 04:28:00 | 000,590,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.09.26 03:50:25 | 000,162,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2013.08.29 02:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.08.01 04:19:50 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\symds64.sys -- (SymDS)
DRV:64bit: - [2013.07.31 05:13:30 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013.07.31 04:44:44 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1501000.012\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.07.25 12:32:08 | 000,086,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.11.09 15:33:30 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2012.11.09 15:33:30 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2012.11.09 15:33:30 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.11.09 15:33:30 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2012.11.09 15:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.11.09 15:33:30 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.10.17 13:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.04.04 15:25:18 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2011.03.18 12:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.01.13 12:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.10 17:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.08.16 14:31:18 | 000,019,936 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2010.08.16 14:31:16 | 000,013,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.10.21 10:22:44 | 000,145,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017unic.sys -- (s0017unic)
DRV:64bit: - [2008.10.21 10:22:44 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017obex.sys -- (s0017obex)
DRV:64bit: - [2008.10.21 10:22:44 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017nd5.sys -- (s0017nd5)
DRV:64bit: - [2008.10.21 10:22:42 | 000,152,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdm.sys -- (s0017mdm)
DRV:64bit: - [2008.10.21 10:22:42 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mgmt.sys -- (s0017mgmt)
DRV:64bit: - [2008.10.21 10:22:42 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017mdfl.sys -- (s0017mdfl)
DRV:64bit: - [2008.10.21 10:22:40 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s0017bus.sys -- (s0017bus)
DRV:64bit: - [2007.10.02 08:26:52 | 000,051,600 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\colormunki_x64.sys -- (colormunki)
DRV:64bit: - [2006.11.16 17:26:44 | 000,019,248 | ---- | M] (Portrait Displays, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pdiports.sys -- (PdiPorts)
DRV - [2013.11.06 11:19:43 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131115.017\ex64.sys -- (NAVEX15)
DRV - [2013.11.06 11:19:43 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\VirusDefs\20131115.017\eng64.sys -- (NAVENG)
DRV - [2013.10.29 06:23:48 | 000,521,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\IPSDefs\20131115.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013.10.23 00:11:13 | 001,524,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.0.2.1\Definitions\BASHDefs\20131101.003\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.09.30 00:00:00 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.09.30 00:00:00 | 000,140,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.06.12 15:17:24 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2010.03.12 04:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\GIGABYTE\ET6\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... R1&pc=SPLH
IE - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\..\SearchScopes\{84BB8AAC-D83B-48a6-B354-405BC200892C}: "URL" = http://uk.search.yahoo.com/search?p={se ... ype=IEBDSV
IE - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\..\SearchScopes\{CBBFE0F9-1CDD-45bb-B203-481A9EAE4B37}: "URL" = http://www.google.com/cse?cx=partner-pu ... earchTerms}
IE - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Petr\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Petr\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\coFFPlgn\ [2013.11.16 09:32:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF [2013.10.09 18:20:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\xz123@ya456.com: C:\Program Files (x86)\BetterSurf\ff

========== Chrome ==========

CHR - default_search_provider: Seznam (Enabled)
CHR - default_search_provider: search_url = http://search.seznam.cz/?q={searchTerms}
CHR - default_search_provider: suggest_url = http:///suggest.fulltext.seznam.cz/?dict=fulltext_ff&phrase={searchTerms}&encoding={inputEncoding}&response_encoding=utf-8,
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Petr\AppData\Local\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Petr\AppData\Local\Google\Chrome\Application\31.0.1650.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Petr\AppData\Local\Google\Chrome\Application\31.0.1650.57\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Petr\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Identity Protection = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.0.27_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
CHR - Extension: Gmail = C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (BetterSurf) - {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files (x86)\BetterSurf\ie\BetterSurf.dll File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O3:64bit: - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.1.0.18\coieplg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-83945213-2830042870-2556876473-1000\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe (Corel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-83945213-2830042870-2556876473-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-83945213-2830042870-2556876473-1000..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\S-1-5-21-83945213-2830042870-2556876473-1000..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-83945213-2830042870-2556876473-1000..\Run: [Total CMA Pack] C:\Program Files (x86)\Total CMA Pack\Total CMA Pack.exe (CMA®)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6388EA9-8635-4BB2-B10E-9B44763BDDEB}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 7 Days ==========

[2013.11.16 09:45:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2013.11.15 17:22:25 | 000,980,992 | ---- | C] (Adlice) -- C:\Users\Petr\Desktop\WIGI.exe
[2013.11.15 09:47:00 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.11.15 09:34:43 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.11.15 09:33:01 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\Petr\Desktop\JRT.exe
[2013.11.15 08:57:54 | 000,000,000 | ---D | C] -- C:\FRST
[2013.11.15 08:51:42 | 001,957,794 | ---- | C] (Farbar) -- C:\Users\Petr\Desktop\FRST64.exe
[2013.11.15 08:04:37 | 000,000,000 | ---D | C] -- C:\Users\Petr\AppData\Roaming\Malwarebytes
[2013.11.15 08:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.11.15 08:04:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.11.15 08:04:21 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.11.15 08:04:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.11.15 03:31:07 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.11.15 03:31:07 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.11.15 03:31:06 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.11.15 03:31:06 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.11.15 03:31:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.11.15 03:31:06 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.11.15 03:31:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.11.15 03:31:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.11.15 03:31:05 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.11.15 03:31:04 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.11.15 03:31:04 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.11.15 03:31:01 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.11.15 03:31:00 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.11.15 03:31:00 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.11.15 03:30:59 | 003,959,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.11.14 07:36:39 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.11.14 07:35:42 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.11.14 07:35:42 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.11.14 07:35:42 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013.11.14 07:35:42 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013.11.14 07:35:42 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013.11.14 07:35:12 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.11.14 07:35:12 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.11.14 07:35:12 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013.11.14 07:35:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013.11.14 07:35:12 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013.11.14 07:34:42 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013.11.14 07:34:14 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013.11.14 07:34:14 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013.11.14 07:34:14 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013.11.14 07:34:14 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.11.16 10:44:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-83945213-2830042870-2556876473-1000UA.job
[2013.11.16 10:24:10 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.11.16 10:16:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.16 10:14:30 | 000,000,600 | ---- | M] () -- C:\Users\Petr\AppData\Roaming\winscp.rnd
[2013.11.16 10:14:15 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.11.16 09:45:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Petr\Desktop\OTL.exe
[2013.11.16 09:41:00 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.11.16 09:41:00 | 000,013,440 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.11.16 09:32:13 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.11.16 09:32:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.11.16 09:31:57 | 3219,300,352 | -HS- | M] () -- C:\hiberfil.sys
[2013.11.15 17:25:15 | 003,679,744 | ---- | M] () -- C:\Users\Petr\Desktop\RogueKiller.exe
[2013.11.15 17:21:41 | 000,544,590 | ---- | M] () -- C:\Users\Petr\Desktop\WhyIGotInfected.exe
[2013.11.15 10:51:09 | 000,001,806 | ---- | M] () -- C:\Windows\wcx_ftp.ini
[2013.11.15 09:33:15 | 001,085,542 | ---- | M] () -- C:\Users\Petr\Desktop\adwcleaner.exe
[2013.11.15 09:32:46 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\Petr\Desktop\JRT.exe
[2013.11.15 09:22:54 | 000,002,358 | ---- | M] () -- C:\Users\Petr\Desktop\Google Chrome.lnk
[2013.11.15 09:17:05 | 000,005,929 | ---- | M] () -- C:\Users\Petr\Desktop\Addition.zip
[2013.11.15 08:57:40 | 000,029,696 | ---- | M] () -- C:\Users\Petr\AppData\Local\MSGBOX.EXE
[2013.11.15 08:51:18 | 001,957,794 | ---- | M] (Farbar) -- C:\Users\Petr\Desktop\FRST64.exe
[2013.11.15 08:44:12 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-83945213-2830042870-2556876473-1000Core.job
[2013.11.15 08:04:30 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.11.15 03:58:12 | 000,000,000 | ---- | M] () -- C:\extensions.sqlite
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.11.16 09:50:32 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.11.15 17:25:15 | 003,679,744 | ---- | C] () -- C:\Users\Petr\Desktop\RogueKiller.exe
[2013.11.15 17:21:40 | 000,544,590 | ---- | C] () -- C:\Users\Petr\Desktop\WhyIGotInfected.exe
[2013.11.15 09:33:29 | 001,085,542 | ---- | C] () -- C:\Users\Petr\Desktop\adwcleaner.exe
[2013.11.15 09:17:05 | 000,005,929 | ---- | C] () -- C:\Users\Petr\Desktop\Addition.zip
[2013.11.15 08:57:38 | 000,029,696 | ---- | C] () -- C:\Users\Petr\AppData\Local\MSGBOX.EXE
[2013.11.15 08:04:29 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.11.15 03:58:12 | 000,000,000 | ---- | C] () -- C:\extensions.sqlite
[2013.06.05 08:42:16 | 000,000,600 | ---- | C] () -- C:\Users\Petr\AppData\Roaming\winscp.rnd
[2013.06.05 06:44:58 | 000,000,600 | ---- | C] () -- C:\Users\Petr\AppData\Local\PUTTY.RND
[2013.03.27 07:50:15 | 001,495,094 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.03.22 20:03:18 | 000,380,928 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2013.03.14 19:50:40 | 000,000,368 | -H-- | C] () -- C:\Users\Petr\AppData\Roaming\dinax.extra_cmyk_measurement.lic
[2013.03.14 19:50:40 | 000,000,365 | -H-- | C] () -- C:\Users\Petr\AppData\Roaming\dinax.extra_rgb_measurement.lic
[2013.03.14 19:50:40 | 000,000,358 | -H-- | C] () -- C:\Users\Petr\AppData\Roaming\dinax.extra_proofing.lic
[2013.03.14 19:50:40 | 000,000,357 | -H-- | C] () -- C:\Users\Petr\AppData\Roaming\dinax.printers_all.lic
[2013.03.14 19:50:40 | 000,000,354 | -H-- | C] () -- C:\Users\Petr\AppData\Roaming\dinax.plugin_all.lic
[2013.03.14 19:50:40 | 000,000,353 | -H-- | C] () -- C:\Users\Petr\AppData\Roaming\dinax.control4.lic
[2013.03.14 19:50:40 | 000,000,352 | -H-- | C] () -- C:\Users\Petr\AppData\Roaming\dinax.droprgb.lic
[2013.03.14 19:50:40 | 000,000,352 | -H-- | C] () -- C:\Users\Petr\AppData\Roaming\dinax.cmykick.lic
[2013.03.14 19:50:40 | 000,000,349 | -H-- | C] () -- C:\Users\Petr\AppData\Roaming\dinax.mirage.lic
[2012.07.03 09:02:34 | 000,001,806 | ---- | C] () -- C:\Windows\wcx_ftp.ini
[2012.06.12 05:10:56 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.06.11 18:12:54 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.05.31 14:28:18 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Audacity
[2013.03.14 19:50:15 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\dinax
[2012.06.18 13:32:50 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Guitar Pro 6
[2013.04.02 17:18:10 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nokia
[2013.03.28 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Nokia Suite
[2013.03.28 14:46:43 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PC Suite
[2012.06.14 09:11:38 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\PhotoScape
[2012.06.29 09:42:01 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\scLauncher
[2013.04.11 07:52:40 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\SignCut
[2013.03.27 07:45:31 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Sony
[2012.06.18 14:25:49 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Tific
[2013.04.04 08:38:06 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\uTorrent
[2013.03.14 18:43:56 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\Visan
[2013.03.11 15:39:42 | 000,000,000 | ---D | M] -- C:\Users\Petr\AppData\Roaming\X-Rite

========== Purity Check ==========

< End of report >

Jarda1974 · #15 Příspěvek od **Jarda1974** » 16 lis 2013 10:58

OTL Extras logfile created on: 16.11.2013 10:43:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Petr\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 54,09% Memory free
7,99 Gb Paging File | 5,59 Gb Available in Paging File | 69,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,46 Gb Total Space | 179,81 Gb Free Space | 40,27% Space Free | Partition Type: NTFS
Drive D: | 485,05 Gb Total Space | 340,73 Gb Free Space | 70,25% Space Free | Partition Type: NTFS

Computer Name: PETR-PC | User Name: Petr | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00BC1867-1E87-4F49-A4A9-7A8733B98E75}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{02759A02-9161-4378-BD9B-0EC640460763}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{05A64042-244E-4F73-8CF3-C950B2E28004}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{0CF363D7-15C4-4465-9637-A67820CB8930}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1372C82F-AA9C-4051-8398-9BADED26EFA4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{14A079DB-B992-4D04-8597-29092E41D6A8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{150C1F85-35E1-4F73-BFDC-51DF61046AF0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A784973-4140-49F3-86D8-DB7E04091896}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1F6671EC-4C82-4976-B7A8-7614777F961B}" = rport=138 | protocol=17 | dir=out | app=system |
"{204EEDD6-332F-4FC0-9592-B8B8B77026E9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{20E04676-0380-4D05-9378-4C0EA60C1926}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{21B91607-BD11-4E2B-AB37-CD298879627E}" = rport=445 | protocol=6 | dir=out | app=system |
"{2541406F-6F1D-4877-BB58-92CD1CEF2C39}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{27BCBA28-5C47-42C8-9AF9-3636C88FF48D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{317BDCEB-2A76-42EF-A2D1-0DB795A21EDA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{31E85E53-D6AC-4EC5-97F5-D4A7CD10FBF5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{326D36EC-EB4E-4065-94F0-E78EB72CDADE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32930EDB-CC64-4533-B6DB-245E260017F2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{344F3B76-95B6-4AC5-9379-9B7D7540FA9D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{36778C01-9536-4E71-93C0-57F45DB04748}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{39DFA152-5C54-43BC-BB17-4885CF9DC1E3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{3CBC215C-CB4F-44E6-B42E-4CF1AE5522C3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{3CCDE529-3845-4120-BA17-E0C244546EF3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4377169F-DE8D-4420-AC36-0EEEFFBEB594}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{48DEF872-52B8-41F4-978D-99B125E253DB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{4C733502-3920-4A4C-9DB8-FC475DADDC0D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{5169FCCE-3308-4032-8675-5DAF2E791CDC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{538E3EC5-CE3C-4F95-83DC-193AA90F063C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{56346737-EB62-4116-8F92-AAD0A976C0E9}" = rport=137 | protocol=17 | dir=out | app=system |
"{57FC882D-7DBE-47B7-8BF4-C2897F93D83A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5EFDADA0-3A1F-4E15-BBD7-BA7465F43300}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6705C028-6166-430B-84B1-67B777626DAB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6A1EE373-4520-41A8-921B-F8566F1C285D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6B91FE7B-8593-46C7-905B-ED1185CE895C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6BD42D13-DDC8-46A1-9A32-DE5E8D87B02F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6C8F9E9A-6B1C-4605-9EEB-BFEE6EC146B9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6D846F33-1D00-4E45-AB96-5AC4F9C615EB}" = lport=139 | protocol=6 | dir=in | app=system |
"{6D866330-40D1-4CD6-932F-DA086DD2C1C1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{6FF0169E-BF51-4B44-916F-8017F2E0D80A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7131B1B5-647C-47D1-BA85-F5FD1D54E179}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{71D28D48-63CA-4F38-BF5C-29BE458E975D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{73D17005-1F23-4037-8E85-DEF8CB0BB9E0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{748350A7-5A49-4441-8297-75D4E969A6F8}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe |
"{7695C9E8-D693-4F99-AEED-6F032CA5BFFA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{770A4209-809B-4471-8293-7D082AEAEBD2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{77166232-859C-496E-AA99-7348EFA219E0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{789B9579-5904-4B9B-960A-C43F4BFC91A0}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{7BA2F8E1-6A5D-4FA3-AFF7-8DFAE8F8C89E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{80603591-56F2-4DB1-AE7B-304D2692EACB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8A2D91F5-0823-46A0-A9A8-56EDD771ED49}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8E90BF40-64C4-425E-999D-FE8B6609A115}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{90BE2482-01D1-4EE2-AB60-39680B24EF2B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{92084DDA-CD07-4A15-9A30-B65872DF3BF9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{924FCD8E-28AE-4B20-A29F-E6AA5E3B2CCA}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{951A2F0D-92D7-446A-8735-4259F867532B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{9C1063C4-EBED-4299-A3F3-7BE97C7F36FF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{A1BCE3C1-E2BF-40DB-900F-9FE822EE596A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{A23D9AA6-EC82-4963-A026-0DEF18A0E885}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{A4CADDE6-97D9-4B82-B4E6-7C4FB6E908FE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{A621E567-CB86-4BC9-9F5F-860D0961E4DC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{A8B87464-B689-4CA4-BB82-BD8F2FDD2CA5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{AD53CC4F-B819-400A-8F74-C155271A1F93}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AF15D6ED-0735-40AF-8B80-ACB36BC0DB46}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B1614B64-7D45-4004-B151-DC91B66D91F3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B198D6E5-6BBE-4957-AE6E-F971C9BEE738}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{B8928BB1-EA62-4018-B9D5-648EA4FBF101}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BB7C0D1D-04CB-4239-8291-88A16675A885}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BCBB240A-8A48-4FA1-9470-1D3F62D7613D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{BD283374-F6F9-4EF0-9C07-BFAFA40DA66F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BF9C23D8-0683-4FF2-B38D-05346F238B52}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C3F51E74-F638-4A9E-8449-58E62FC86D9F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C7F068DB-70B3-44D3-8633-895FCDDDCCCE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CA14ED93-5FC5-46B9-80E7-1FA51D49444F}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CA3585B0-9093-4876-963E-D11598FC61DC}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{CBADFECA-CF15-44F3-AE2F-9EB1B242B716}" = lport=445 | protocol=6 | dir=in | app=system |
"{D4A63726-F4AD-4DFB-95EB-AAD20866B01F}" = rport=139 | protocol=6 | dir=out | app=system |
"{D67B34AE-9094-40B7-9765-A0C1CE563A7A}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DADD8491-819B-4C17-BF72-ABB7E7EA9830}" = lport=138 | protocol=17 | dir=in | app=system |
"{DE06EB60-6B19-42CD-A12E-06E2C7E3B0C5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE548037-CCF7-4F0D-ADA8-DE98E60F835E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DF863134-A61C-4239-BC1F-86C8BFED48E5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{DF8DBFF4-A09E-4A72-B028-BBE810CF7BA1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E1F825EF-D37D-4D9F-AACA-6B9DD9E6CD38}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4115819-6367-4E60-8C90-01FDDFEB46D3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E463AF68-9F69-4BBD-AD87-DA6B9811F616}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E5F130B7-84A9-46DB-9849-DBB40211A537}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E8045CAD-8544-4ABA-9552-52805D3EB7BD}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{E90C8734-35F6-4AD1-9F63-BFAC23E2AEB8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{EAA720D2-DAEE-4372-AFE3-1F033760E98C}" = lport=137 | protocol=17 | dir=in | app=system |
"{EC36DC70-F543-4F16-B4D1-83006CFB74CB}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{ECB9C14D-89BC-4A20-BE6C-F9C2D17A14BE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{EF4B9174-C290-4C0F-85F4-BE918317EF1A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F083ECF5-28F4-458C-B337-F6259FC3B575}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{FA726686-F5D0-4B6E-984C-3D961A4BB8F0}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe |
"{FD66DED4-03CB-45C8-BBDC-BB9E978E9858}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE9669D0-6D81-44EE-970A-DF998E133926}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021D5B45-4B86-45A0-B6B4-807CF7337B10}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{12ADCDEC-77FD-47ED-ADD2-E0A10A4F9B6D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{14B149F8-FEEE-4B34-B7B9-1090865752EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1A7DFDC6-728F-4B69-A148-CA1B2BDEB009}" = dir=in | app=c:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe |
"{20E90A63-C55F-43EF-9563-1A26135F83C4}" = protocol=6 | dir=out | app=system |
"{216179ED-8E65-456E-BD43-1CFC2E3ADAF8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{23666584-CF87-4710-B66F-1FA899FD9156}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{269C2D14-721D-4FB6-A18B-CE5C3A439640}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{359FCB2D-0F74-42A1-9C3D-1D5223C73B80}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{379F7B88-57CF-455E-83F7-1648161105EE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{37A65052-5242-462D-9C8B-C613A424EA1F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E7C7DE0-5157-4F50-BB1E-0ABEA7AB3538}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4146BE2A-9F04-41E1-BB0B-65D3DD6B4AC3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4FA234D9-0DD1-43FC-831F-4C3438881365}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{527C6F15-38A2-4A6B-A050-95D8629CD454}" = protocol=6 | dir=in | app=c:\users\petr\appdata\local\temp\dsoclient\dlcache\app.n3app |
"{5599E6C0-5582-4CAA-AB1F-7927DB4B49A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{648B5E7A-563A-4A3F-A9DD-94E5139C3036}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{6933F05F-F154-44C8-9C87-C812BDF16CF6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C0F55AA-1619-4F23-A923-05E03035CBFB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{6FC9E3F9-D396-4548-B373-C00ED1B5C005}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{70AB3442-96E6-4B65-A2F2-C98C99DF74A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{72911CC3-727E-4865-9F28-1B2C7D38D57A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{7CCB3FB2-3ACB-4F97-B286-82BBF91E5026}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{80ED3BEC-939C-4294-975D-A030DEB9A498}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8BFC88F3-362D-4C04-A89C-7CBA81F8D22A}" = protocol=17 | dir=in | app=c:\users\petr\appdata\local\temp\dsoclient\dlcache\app.n3app |
"{8C219C99-1D0B-4E77-A144-669E206E43DF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{924F9700-8174-4559-B706-91868362AE9F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{994F7007-A974-402F-897F-4BBEA89ECAA1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9C4E38B4-B08D-4DB0-8FD0-C73377BE7ACA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{9D040837-D5CB-42D2-9B30-8A9533F7B355}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{9DE5F93D-485D-4F6E-9E64-280AEC4241D4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A49DE60E-498F-4E79-BE24-3AD963D3024B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABBF5761-C5DF-4193-A408-84DBAC193A3D}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{AF18331B-CFE7-4FCE-A009-0A32E7A0E14C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{C05CCCF3-8057-41F4-B85A-6914DA9455A1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C3D65865-1F8E-40CB-9E46-619C7C1B3FB1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CE1D636B-F30B-4939-878B-E284CFD92EED}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D1483F68-9DE1-494E-95D9-F30F9F58BD24}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{D706C62C-59D6-4D05-BAC4-34EBD850A674}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D8EEE4F6-59E1-4BDB-8A1F-835A2F629681}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{D9732200-97DA-45A5-B498-F6FAF23A5954}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{E09C98A7-92BA-43F6-936C-A54F3BA0EDC0}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{E337F154-E62D-40C0-81AE-A707B00BB840}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E3FB1B13-B9CD-4929-B313-9BDF68F10A7D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{E5CD521D-18BB-4EFB-8C9F-2754E717B69A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{E940C44E-E7AB-4452-B325-A86237841094}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F05F4C38-F59B-43BC-B4D5-8B13B39B608D}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update engine\sony ericsson update engine.exe |
"{F66E9834-A2B6-4C9D-BA9C-5992CC5515B6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{F76ECC91-D88C-4A05-93A2-3936F20E2149}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 311.06
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"EPSON Printer and Utilities" = EPSON Printer Software
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}" = SDK
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{12FEC00C-027C-4A34-9AAB-562EDA43DC18}_is1" = MiniTool Partition Wizard Home Edition 5.2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{3EF7AD39-D8B5-4FAF-9177-42A00DDD2732}_is1" = Free File Recovery 1.1
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0120.1
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}" = Adobe Setup
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B722793-E77B-41F5-BAB3-6C9832274E75}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}" = Nokia Connectivity Cable Driver
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ACEA9CD-63B9-4784-807B-EA295E96A7C3}_is1" = X-Rite Device Manager
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBECFA83-42DC-4585-A970-A764AB01A956}" = Call Of Duty(R) 2
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3A0C45A-7EDB-48EB-AB86-2445E74FBFBB}" = Nokia Suite
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EAEFA1B2-64E3-4B8E-942F-F57A73BC1CAE}_is1" = X-Rite Device ColorMunki Service
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.181
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_a04a925a57548091300ada368235fc6" = Adobe Illustrator CS3
"Audacity_is1" = Audacity 2.0.3
"ColorMunki Design_is1" = ColorMunki Design 1.1.1
"DDC Driver_is1" = DDC Driver 1.5
"Drakensang Online" = Drakensang Online
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Guitar Pro 5_is1" = Guitar Pro 5.0
"Inkscape" = Inkscape 0.46
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0120.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mirage" = Mirage 2.0.7
"N360" = Norton 360
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Pizza Connection 2" = Pizza Connection 2
"PSPad editor_is1" = PSPad editor
"SignCut" = SignCut (remove only)
"Total CMA Pack" = Total CMA Pack 0.50
"UninstallDeviceDll_is1" = UninstallDeviceDll 1.1
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player 2.0.7
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"winscp3_is1" = WinSCP 5.1.5
"ZMBV" = Zip Motion Block Video codec (Remove Only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-83945213-2830042870-2556876473-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.11.2013 11:22:15 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12043

Error - 15.11.2013 11:22:16 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15.11.2013 11:22:16 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13041

Error - 15.11.2013 11:22:16 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13041

Error - 15.11.2013 11:22:17 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15.11.2013 11:22:17 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14040

Error - 15.11.2013 11:22:17 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14040

Error - 15.11.2013 11:22:18 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 15.11.2013 11:22:18 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15038

Error - 15.11.2013 11:22:18 | Computer Name = Petr-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15038

[ OSession Events ]
Error - 23.6.2013 13:39:53 | Computer Name = Petr-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2774
seconds with 960 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 16.11.2013 3:16:31 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby N360 bylo dosaženo časového
limitu (30000 ms).

Error - 16.11.2013 4:13:47 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Dnscache bylo dosaženo časového
limitu (30000 ms).

Error - 16.11.2013 4:14:17 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Dnscache bylo dosaženo časového
limitu (30000 ms).

Error - 16.11.2013 4:22:57 | Computer Name = Petr-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:21:43, ?16.?11.?2013) bylo neočekávané.

Error - 16.11.2013 4:26:03 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 16.11.2013 4:26:03 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 16.11.2013 4:26:57 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby N360 bylo dosaženo časového
limitu (30000 ms).

Error - 16.11.2013 4:27:27 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby N360 bylo dosaženo časového
limitu (30000 ms).

Error - 16.11.2013 4:34:33 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 16.11.2013 4:34:33 | Computer Name = Petr-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

< End of report >

VIRY.CZ

Prosím o kontrolu logu - problém s BetterSurf

Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf

Re: Prosím o kontrolu logu - problém s BetterSurf