Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Firefox otvírá samovolně nové záložky

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
JirkaL.
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 led 2013 13:48

Re: Firefox otvírá samovolně nové záložky

#16 Příspěvek od JirkaL. »

Tak nevím, jestli jsem někde neudělal chybu. Přesunul jsem do kořenového adresáře C:\ jak combofix, tak script (původně byl na C:\User\...), po přetažení scriptu na Combofix si zažádal o správcovské heslo, spustil se, objevila se hláška o vytváření bodu obnovy, potom o hledání napadených souborů, proběhlo 50 fází, potom hláška o mazání nějakého log souboru a restart. Po restartu normálně Windows naběhly a začalo mi problikávat prázdné okno nastřídačku od příkazového řádku a od Combofixu v různé frekvenci a to se děje už přes půl hodiny. I když mi antivir hlásil, že nejsem chráněn, asi po restartu naběhl a Identity Protection po asi dvaceti, pětadvaceti minutách začala hlásit neznámý nebezpečný objekt na C:\Combofix\CF2467.3XE. Zkusil jsem dát povolit, ale nejsem si jistý, jestli to mělo smysl, počítač je evidentně plně vytížen a asi na nic nereaguje. Nechci nic pokud možno spouštět, pokud k tomu nedostanu pokyn. Teď píšu z druhého počítače a celou dobu hledím, že situace se nemění a je to už cca 45 minut od restartu
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Firefox otvírá samovolně nové záložky

#17 Příspěvek od vyosek »

Fajn, nekde se CF zacykloval...Udelejte restart PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
JirkaL.
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 led 2013 13:48

Re: Firefox otvírá samovolně nové záložky

#18 Příspěvek od JirkaL. »

Takže počítač je po restartu, Windows naběhly, co teď?
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Firefox otvírá samovolně nové záložky

#19 Příspěvek od vyosek »

Mrknete jestli na c:\combofix.txt neni log
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
JirkaL.
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 led 2013 13:48

Re: Firefox otvírá samovolně nové záložky

#20 Příspěvek od JirkaL. »

Včera jsem se díval a podle data vytvoření byl jen ten původní :( , teď nejsem u svého počítače, takže mohu pokračovat až později odpoledne (po 16:00)
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Firefox otvírá samovolně nové záložky

#21 Příspěvek od vyosek »

OK, pak mi tedy dejte log z DDS http://forum.viry.cz/viewtopic.php?f=13&t=125171
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
JirkaL.
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 led 2013 13:48

Re: Firefox otvírá samovolně nové záložky

#22 Příspěvek od JirkaL. »

Log z DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_26
Run by Jirka at 15:37:36 on 2013-01-08
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3582.2319 [GMT 1:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\atwtusb.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\Pixart\Pac7302\Monitor.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\AVG\AVG2013\avgcfgex.exe
C:\Windows\system32\atwtusb.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.cz/
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [NUSB3MON] "c:\program files\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
mRun: [WD Quick View] c:\program files\western digital\wd smartware\WDDMStatus.exe
mRun: [ROC_ROC_NT] "c:\program files\avg secure search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [combofix] c:\combofix\cf2467.3xe /c c:\combofix\Combobatch.bat
mRunOnce: [DeleteOnReboot] c:\windows\DeleteOnReboot.bat
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mRunOnce: [combofix] c:\combofix\cf2467.3xe /c c:\ComboFixCombobatch.bat
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\powerchute personal edition\Display.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_Win32.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/s ... ab_nvd.cab
DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/cs-cz/wlscctrl2.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1280502199023
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: NameServer = 192.168.1.20
TCP: Interfaces\{63BA57FC-E926-4877-8BDE-CB47A3FFA839} : DHCPNameServer = 192.168.1.20
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jirka\appdata\roaming\mozilla\firefox\profiles\iz06pd72.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nokia\nokia suite\npNokiaSuiteEnabler.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-10-5 93536]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2010-7-12 50296]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-10-13 26984]
R2 APC Data Service;APC Data Service;c:\program files\apc\powerchute personal edition\dataserv.exe [2012-1-24 21880]
R2 avgfws;AVG Firewall;c:\program files\avg\avg2013\avgfws.exe [2012-11-2 1340976]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-6 5814392]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 McNeelUpdate;McNeel Update Service 5.0;c:\program files\mcneelupdate\5.0\McNeelUpdateService.exe [2012-10-25 67752]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2012-12-13 3290896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2012-12-20 3467768]
R2 WDDMService;WDDMService;c:\program files\western digital\wd smartware\WDDMService.exe [2011-12-15 265624]
R2 WDFMEService;WDFME;c:\program files\western digital\wd smartware\WDFME.exe [2011-12-15 1591176]
R2 WDRulesService;WDRules;c:\program files\western digital\wd smartware\WDRulesEngine.exe [2011-12-15 1091992]
R2 WTService;WTService;c:\windows\system32\atwtusb.exe -s --> c:\windows\system32\atwtusb.exe -s [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2012-4-17 73344]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2012-4-17 164736]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2012-4-17 197224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1caabdd421d8683;Služba Google Update (gupdate1caabdd421d8683);c:\program files\google\update\GoogleUpdate.exe [2010-2-12 133104]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-6 682344]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-6 398184]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-3-23 1025352]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 IT9135BDA;IT9135 BDA Devices;c:\windows\system32\drivers\IT9135BDA.sys [2011-5-22 94336]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-6 21104]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-11-8 14848]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-1 139776]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-8 49664]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-19 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
.
=============== Created Last 30 ================
.
2013-01-07 14:47:12 -------- d-----w- c:\users\jirka\appdata\local\temp
2013-01-07 14:40:16 -------- d-sh--w- C:\$RECYCLE.BIN
2013-01-07 14:38:36 -------- d-s---w- C:\ComboFix
2013-01-07 14:31:50 5019547 ------r- C:\ComboFix.exe
2013-01-06 17:35:23 -------- d-----w- c:\users\jirka\appdata\roaming\Malwarebytes
2013-01-06 17:35:17 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-06 17:35:17 -------- d-----w- c:\programdata\Malwarebytes
2013-01-06 17:35:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-06 17:35:01 -------- d-----w- c:\users\jirka\appdata\local\Programs
2013-01-06 17:21:34 165 ----a-w- c:\windows\DeleteOnReboot.bat
2013-01-06 11:07:25 98816 ----a-w- c:\windows\sed.exe
2013-01-06 11:07:25 256000 ----a-w- c:\windows\PEV.exe
2013-01-06 11:07:25 208896 ----a-w- c:\windows\MBR.exe
2013-01-05 12:20:58 -------- d-----w- c:\program files\trend micro
2012-12-21 12:13:18 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 12:13:17 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-13 16:16:58 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 14:55:22 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 14:54:54 376832 ----a-w- c:\windows\system32\dpnet.dll
.
==================== Find3M ====================
.
2012-12-12 18:58:25 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-12 18:58:25 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-08 14:10:40 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-10-22 12:02:46 179936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2012-10-16 07:39:52 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 02:48:52 55776 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2012-10-10 20:15:04 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-10 20:15:00 2574696 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-10 20:14:50 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-10-10 20:14:50 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-10-10 20:14:46 17559912 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-10 20:14:44 2428776 ----a-w- c:\windows\system32\nvapi.dll
2012-10-10 20:14:42 7697768 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-10 20:14:28 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 20:14:22 19906920 ----a-w- c:\windows\system32\nvoglv32.dll
2012-10-10 20:14:22 1009512 ----a-w- c:\windows\system32\nvdispco32.dll
2012-10-10 20:14:16 6127464 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-10 20:14:16 15309160 ----a-w- c:\windows\system32\nvd3dum.dll
.
============= FINISH: 15:37:51,20 ===============
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Firefox otvírá samovolně nové záložky

#23 Příspěvek od vyosek »

:arrow: Uploadnete mi prosim nekam soubor c:\windows\DeleteOnReboot.bat
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
JirkaL.
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 led 2013 13:48

Re: Firefox otvírá samovolně nové záložky

#24 Příspěvek od JirkaL. »

Tady je: http://www.airplanephoto.net/download/D ... Reboot.zip
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Firefox otvírá samovolně nové záložky

#25 Příspěvek od vyosek »

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
  • Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
JirkaL.
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 led 2013 13:48

Re: Firefox otvírá samovolně nové záložky

#26 Příspěvek od JirkaL. »

OTL logfile created on: 8.1.2013 18:53:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jiří Látal\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 49,08% Memory free
7,00 Gb Paging File | 4,66 Gb Available in Paging File | 66,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 923,70 Gb Total Space | 728,30 Gb Free Space | 78,85% Space Free | Partition Type: NTFS

Computer Name: JIRKA-PC-NOVY | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013.01.08 18:50:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jiří Látal\Desktop\OTL.exe
PRC - [2012.12.25 08:41:58 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012.12.13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.12.12 19:58:25 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012.11.06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2012.11.02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgfws.exe
PRC - [2012.10.30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012.10.25 01:05:50 | 000,067,752 | ---- | M] (Robert McNeel & Associates) -- C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.10.22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2012.10.22 13:04:06 | 000,329,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcfgex.exe
PRC - [2012.10.22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2012.10.02 20:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012.10.02 20:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.01.24 16:21:22 | 000,021,880 | ---- | M] (Schneider Electric) -- C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe
PRC - [2012.01.24 16:11:56 | 000,705,912 | ---- | M] (Schneider Electric) -- C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe
PRC - [2012.01.24 16:06:48 | 000,673,144 | ---- | M] (Schneider Electric) -- C:\Program Files\APC\PowerChute Personal Edition\apcsystray.exe
PRC - [2011.12.15 08:25:30 | 001,091,992 | R--- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe
PRC - [2011.12.15 08:25:28 | 003,998,616 | R--- | M] (Western Digital Technologies, Inc.) -- C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
PRC - [2011.12.15 08:25:28 | 001,591,176 | R--- | M] (Western Digital ) -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe
PRC - [2011.12.15 08:25:26 | 000,265,624 | R--- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
PRC - [2011.04.14 17:17:18 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.11.26 13:48:10 | 000,515,816 | ---- | M] () -- C:\Windows\System32\atwtusb.exe
PRC - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2006.11.03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\Pixart\Pac7302\Monitor.exe


========== Modules (No Company Name) ==========

MOD - [2012.12.25 08:41:57 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.12.12 19:58:25 | 014,586,296 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2011.12.15 08:25:24 | 000,070,040 | R--- | M] () -- C:\Program Files\Western Digital\WD SmartWare\WDCollections.dll
MOD - [2010.03.21 19:19:50 | 000,094,208 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2008.09.03 15:28:24 | 000,319,488 | ---- | M] () -- C:\Program Files\WinRAR\rarlng.dll
MOD - [2008.08.29 10:55:00 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - [2012.12.25 08:41:58 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012.12.13 14:26:20 | 003,290,896 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.12.12 19:58:25 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.11.02 00:08:48 | 001,340,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgfws.exe -- (avgfws)
SRV - [2012.10.25 01:05:50 | 000,067,752 | ---- | M] (Robert McNeel & Associates) [Auto | Running] -- C:\Program Files\McNeelUpdate\5.0\McNeelUpdateService.exe -- (McNeelUpdate)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.10.10 21:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.04.22 12:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.01.24 16:21:22 | 000,021,880 | ---- | M] (Schneider Electric) [Auto | Running] -- C:\Program Files\APC\PowerChute Personal Edition\dataserv.exe -- (APC Data Service)
SRV - [2012.01.24 16:11:56 | 000,705,912 | ---- | M] (Schneider Electric) [Auto | Running] -- C:\Program Files\APC\PowerChute Personal Edition\mainserv.exe -- (APC UPS Service)
SRV - [2011.12.15 08:25:30 | 001,091,992 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe -- (WDRulesService)
SRV - [2011.12.15 08:25:28 | 001,591,176 | R--- | M] (Western Digital ) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDFME.exe -- (WDFMEService)
SRV - [2011.12.15 08:25:26 | 000,265,624 | R--- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe -- (WDDMService)
SRV - [2011.09.01 08:17:00 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010.05.19 19:41:10 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.11.26 13:48:10 | 000,515,816 | ---- | M] () [Auto | Running] -- C:\Windows\System32\atwtusb.exe -- (WTService)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.05.15 07:35:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Jirka\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Jirka\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.11.08 15:10:40 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.10.22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012.10.15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.10.10 21:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012.10.05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012.10.02 03:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.09.21 03:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.09.21 03:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012.09.21 03:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012.09.14 03:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012.09.04 10:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012.08.23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012.04.22 12:51:38 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012.01.09 16:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012.01.09 16:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012.01.09 16:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.09.13 15:14:00 | 000,164,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011.09.13 15:13:58 | 000,073,344 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011.09.08 16:40:24 | 000,363,112 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2011.05.22 10:06:45 | 000,094,336 | ---- | M] (ITE ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IT9135BDA.sys -- (IT9135BDA)
DRV - [2011.01.30 16:57:44 | 000,431,672 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.11.20 13:30:17 | 000,296,064 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcvmm.sys -- (vpcvmm)
DRV - [2010.11.20 13:30:17 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpchbus.sys -- (vpcbus)
DRV - [2010.11.20 11:50:38 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vpcusb.sys -- (vpcusb)
DRV - [2010.11.20 11:50:37 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.10.29 16:11:08 | 000,197,224 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2010.08.01 19:00:39 | 000,006,144 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\walvhid.sys -- (vhidmini)
DRV - [2010.08.01 19:00:39 | 000,006,144 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2009.10.22 16:11:14 | 000,057,800 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2009.10.22 16:09:34 | 000,072,520 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2009.02.13 11:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007.10.29 16:25:46 | 000,458,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PAC7302.SYS -- (PAC7302)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.certified-toolbar.com?si= ... earchTerms}


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8B 98 D0 51 F6 AF CA 01 [binary data]
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... BG_csCZ367
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\..\SearchScopes\{BF9C7CF6-56A4-41AF-A726-D21E80BFB264}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 48 55 38 BF 37 CA 01 [binary data]
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{02006D6A-A169-48F0-8F1B-EC52AE8A1AAE}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{1A8B053D-DC95-49C7-8C73-5C8E7505B7EA}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... BG_csCZ367
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{BF9C7CF6-56A4-41AF-A726-D21E80BFB264}: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\Live Search: "URL" = http://search.live.com/results.aspx?q={ ... ORM=MICPCZ
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\Yahoo!: "URL" = http://www.webhledani.cz/results.aspx?i ... earchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
Nahoru
JirkaL.
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 led 2013 13:48

Re: Firefox otvírá samovolně nové záložky

#27 Příspěvek od JirkaL. »

Druhá část OTL:

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: false
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:13.2.0.5
FF - prefs.js..extensions.enabledAddons: %7B82AF8DCA-6DE9-405D-BD5E-43525BDAD38A%7D:6.5.0.11422
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: avg@igeared:6.011.025.001
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.25 08:41:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.25 08:41:53 | 000,000,000 | ---D | M]

[2010.02.17 20:57:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jirka\AppData\Roaming\mozilla\Extensions
[2012.11.01 17:09:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jirka\AppData\Roaming\mozilla\Firefox\Profiles\iz06pd72.default\extensions
[2012.12.25 08:41:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.12.25 08:41:52 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\13.2.0.5
[2012.12.25 08:41:59 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.11.26 16:17:48 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.11.26 16:17:48 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.11.26 16:17:48 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.11.26 16:17:48 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.11.01 17:04:58 | 000,003,269 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Web Search.xml
[2012.11.26 16:17:48 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/sea ... utEncoding}
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1829_0\plugins/avgnpss.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - homepage: http://www.google.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Ji\u0159\u00ED L\u00E1tal\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Ji\u0159\u00ED L\u00E1tal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Ji\u0159\u00ED L\u00E1tal\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Skype Click to Call = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.5.0.11422_0\
CHR - Extension: AVG Secure Search = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Users\Jirka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak

O1 HOSTS File: ([2013.01.07 15:47:13 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF2467.3XE /c C:\ComboFix\Combobatch.bat File not found
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\Windows\Pixart\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WD Quick View] C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe (Western Digital Technologies, Inc.)
O4 - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003..\Run: [BlazeServoTool] "C:\Program Files\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe" File not found
O4 - HKLM..\RunOnce: [combofix] C:\ComboFix\CF2467.3XE /c C:\ComboFixCombobatch.bat File not found
O4 - HKLM..\RunOnce: [DeleteOnReboot] C:\Windows\DeleteOnReboot.bat ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab (20-20 3D Viewer)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDow ... ab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resour ... cctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 0502199023 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63BA57FC-E926-4877-8BDE-CB47A3FFA839}: DhcpNameServer = 192.168.1.20
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013.01.07 15:47:12 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\temp
[2013.01.07 15:40:16 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.01.07 15:38:36 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013.01.07 15:31:50 | 005,019,547 | R--- | C] (Swearware) -- C:\ComboFix.exe
[2013.01.06 18:35:23 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Roaming\Malwarebytes
[2013.01.06 18:35:17 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.01.06 18:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.06 18:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.01.06 18:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.06 18:35:01 | 000,000,000 | ---D | C] -- C:\Users\Jirka\AppData\Local\Programs
[2013.01.06 12:07:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.01.06 12:07:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.01.06 12:07:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.01.06 12:07:18 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.01.06 12:07:08 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.01.05 13:20:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.01.05 13:20:57 | 000,000,000 | ---D | C] -- C:\rsit
[2012.11.01 19:02:38 | 000,019,832 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\zh_res.dll
[2011.12.10 12:58:04 | 013,923,704 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\PCPE Setup.exe
[2011.12.10 12:58:04 | 001,079,808 | ---- | C] (Microsoft Corporation) -- C:\Users\Jirka\mfc80u.dll
[2011.12.10 12:58:04 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Users\Jirka\msvcr80.dll
[2011.12.10 12:58:04 | 000,021,368 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\en_res.dll
[2011.12.10 12:58:04 | 000,020,856 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\ru_res.dll
[2011.12.10 12:58:03 | 000,021,880 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\grm_res.dll
[2011.12.10 12:58:03 | 000,021,880 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\fr_res.dll
[2011.12.10 12:58:03 | 000,021,368 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\pt_res.dll
[2011.12.10 12:58:03 | 000,021,368 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\it_res.dll
[2011.12.10 12:58:03 | 000,021,368 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\es_res.dll
[2011.12.10 12:58:03 | 000,020,344 | ---- | C] (Schneider Electric) -- C:\Users\Jirka\jp_res.dll
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013.01.08 18:54:48 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.01.08 18:28:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.08 17:58:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.08 15:28:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.08 15:24:22 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2013.01.08 15:24:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.07 21:02:21 | 005,366,342 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.01.07 21:02:21 | 001,778,088 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.01.07 21:02:21 | 000,300,300 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.07 21:02:21 | 000,038,164 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.07 16:47:38 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.07 16:47:38 | 000,015,008 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.07 16:40:15 | 2817,380,352 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.07 15:47:13 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.01.06 18:35:17 | 000,001,077 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.06 18:21:45 | 000,000,165 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.06 09:36:33 | 005,019,547 | R--- | M] (Swearware) -- C:\ComboFix.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.01.08 18:54:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.01.06 18:35:17 | 000,001,077 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.01.06 18:21:34 | 000,000,165 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.01.06 12:07:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.01.06 12:07:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.01.06 12:07:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.01.06 12:07:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.01.06 12:07:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.11.16 16:37:14 | 000,000,400 | ---- | C] () -- C:\Windows\i_lfolqn992.ini
[2012.11.16 16:37:14 | 000,000,400 | ---- | C] () -- C:\Windows\System32\drivers\ffrpsej650.dat
[2012.11.01 17:04:41 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.10.28 14:04:39 | 000,042,333 | ---- | C] () -- C:\ProgramData\Autosave.3dm
[2012.04.17 09:39:57 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2012.04.17 09:37:25 | 000,150,996 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2011.12.10 12:58:06 | 013,338,112 | ---- | C] () -- C:\Users\Jirka\PCPE_3.0.1.msi
[2011.06.21 15:03:02 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.05.22 10:08:50 | 000,000,014 | ---- | C] () -- C:\Windows\System32\systeminfo.dll
[2011.05.22 10:06:52 | 000,000,356 | ---- | C] () -- C:\Windows\System32\AF15IRTBL.bin
[2011.04.28 17:32:08 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.03.17 06:27:01 | 006,918,144 | ---- | C] () -- C:\Users\Jirka\PCPE_3.0.msi
[2010.05.30 13:08:33 | 000,007,640 | ---- | C] () -- C:\Users\Jirka\AppData\Local\Resmon.ResmonCfg
[2010.02.20 18:32:42 | 000,000,600 | ---- | C] () -- C:\Users\Jirka\AppData\Roaming\winscp.rnd
[2010.02.18 19:58:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

========== ZeroAccess Check ==========

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.10.13 08:18:01 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012.10.13 08:18:01 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2012.04.17 17:05:24 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\AVG
[2012.11.25 13:58:56 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\AVG2013
[2011.08.18 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\GlarySoft
[2012.03.30 21:15:49 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\HD Tune Pro
[2010.05.10 19:37:38 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\OfficeRecovery
[2011.11.22 16:49:48 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\PC Suite
[2012.01.27 16:27:46 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TeamViewer
[2012.05.04 16:58:42 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TuneUp Software
[2010.11.04 15:48:39 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Zoner
[2011.06.08 15:55:35 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\Ashampoo
[2012.04.17 19:28:18 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\AVG
[2012.11.25 14:01:45 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\AVG2013
[2010.03.06 20:03:32 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\AVG9
[2010.02.18 16:00:04 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\Canon
[2010.02.23 17:46:46 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.02.19 13:33:19 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\Disruptive Innovations SARL
[2010.05.13 12:12:25 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\FileZilla
[2010.03.06 17:25:20 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\KompoZer
[2010.03.06 17:29:42 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\kompozer.net
[2012.11.16 16:37:56 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\McNeel
[2011.11.22 17:49:30 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\PC Suite
[2011.03.05 14:23:36 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\PDFCreator
[2012.12.21 08:57:33 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\TeamViewer
[2010.02.19 17:19:15 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\Template
[2012.05.04 17:04:11 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\TuneUp Software
[2010.02.28 12:12:04 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\Western Digital
[2010.10.20 16:31:19 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\Windows Live Writer
[2010.10.17 16:09:41 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\Zoner

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 05:53:46 | 000,032,584 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.02.12 13:15:46 | 000,000,960 | ---- | C] () -- C:\Windows\Tasks\Google Software Updater.job
[2010.02.17 18:30:10 | 000,000,936 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.02.17 18:30:11 | 000,000,940 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.06.11 14:24:02 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\erdnt\cache\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SVCHOST.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\erdnt\cache\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\System32\drivers\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.12.14 16:49:28 | 000,216,424 | ---- | M] () MD5=22101A85B3CA2FE2BE05FE9A61A7A83D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\erdnt\cache\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< >

< %systemroot%*.* /U /s >
[206 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\*.tmp files -> C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\*.tmp -> ]
[7 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7261CB1455493726A09F1D3FCEB822F6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7261CB1455493726A09F1D3FCEB822F6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\75A2DA66C9044D39B77E90258857A330\*.tmp files -> C:\Windows\SoftwareDistribution\Download\75A2DA66C9044D39B77E90258857A330\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\cd5a7cf3194a338c377f20fbe939b657\*.tmp files -> C:\Windows\SoftwareDistribution\Download\cd5a7cf3194a338c377f20fbe939b657\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\CEF2B1E2B38EE00AB220F0D2807F622E\*.tmp files -> C:\Windows\SoftwareDistribution\Download\CEF2B1E2B38EE00AB220F0D2807F622E\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\EA9BCBC973E5F2A91187BD18437F2462\*.tmp files -> C:\Windows\SoftwareDistribution\Download\EA9BCBC973E5F2A91187BD18437F2462\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2013.01.06 09:36:33 | 005,019,547 | R--- | M] (Swearware) -- C:\ComboFix.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.02.17 20:58:59 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Adobe
[2012.04.17 17:05:24 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\AVG
[2012.11.25 13:58:56 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\AVG2013
[2010.04.21 15:19:23 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Corel
[2011.04.28 17:38:40 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\CyberLink
[2011.08.18 14:51:45 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\GlarySoft
[2010.02.17 18:26:19 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Google
[2012.03.30 21:15:49 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\HD Tune Pro
[2010.05.10 14:46:26 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Help
[2010.02.17 18:10:06 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Identities
[2010.07.03 08:45:42 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\InstallShield
[2010.02.17 20:58:59 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Macromedia
[2013.01.06 18:35:23 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Malwarebytes
[2009.07.14 10:19:24 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Media Center Programs
[2012.06.15 19:16:22 | 000,000,000 | --SD | M] -- C:\Users\Jirka\AppData\Roaming\Microsoft
[2010.02.17 20:57:06 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Mozilla
[2010.05.29 14:27:09 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Nero
[2010.05.10 19:37:38 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\OfficeRecovery
[2011.11.22 16:49:48 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\PC Suite
[2012.12.09 18:42:13 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Skype
[2012.01.27 16:27:46 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TeamViewer
[2012.05.04 16:58:42 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\TuneUp Software
[2010.11.04 15:48:39 | 000,000,000 | ---D | M] -- C:\Users\Jirka\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2010.03.21 13:10:47 | 000,010,134 | R--- | M] () -- C:\Users\Jirka\AppData\Roaming\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\ARPPRODUCTICON.exe
[2010.03.21 13:10:47 | 000,008,854 | R--- | M] () -- C:\Users\Jirka\AppData\Roaming\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\Uninstall_WD_Diagnos_0AB76F69E7614CFAB9B0A1906B4E9E4B.exe
[2010.03.21 13:10:47 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Jirka\AppData\Roaming\Microsoft\Installer\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}\WinDlg.exe_0AB76F69E7614CFAB9B0A1906B4E9E4B_3.exe
[2011.11.22 16:45:34 | 000,053,248 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jirka\AppData\Roaming\Microsoft\Installer\{F8E3A0F8-53A4-4FD8-9986-C90A3EA7C3B6}\ARPPRODUCTICON.exe
[2011.11.22 16:45:34 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jirka\AppData\Roaming\Microsoft\Installer\{F8E3A0F8-53A4-4FD8-9986-C90A3EA7C3B6}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
[2011.11.22 16:45:34 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jirka\AppData\Roaming\Microsoft\Installer\{F8E3A0F8-53A4-4FD8-9986-C90A3EA7C3B6}\NewShortcut46_74B9CE5DF1F4447F982DCA29A461B529.exe
[2011.11.22 16:45:34 | 000,073,728 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jirka\AppData\Roaming\Microsoft\Installer\{F8E3A0F8-53A4-4FD8-9986-C90A3EA7C3B6}\NewShortcut47_74B9CE5DF1F4447F982DCA29A461B529.exe
[2011.11.22 16:45:34 | 000,049,152 | R--- | M] (Flexera Software, Inc.) -- C:\Users\Jirka\AppData\Roaming\Microsoft\Installer\{F8E3A0F8-53A4-4FD8-9986-C90A3EA7C3B6}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
[2010.11.04 15:46:17 | 012,452,064 | ---- | M] (ZONER software ) -- C:\Users\Jirka\AppData\Roaming\Zoner\NLMDB\product.0034\autoupdate.cz\ZPS13_Update_Build02.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2011.03.21 07:45:47 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.03.21 07:45:47 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll

< %systemroot%\Tasks\*.job >
[2013.01.08 18:58:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.08 15:24:22 | 000,000,960 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2013.01.08 15:28:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.08 18:28:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.01.30 16:57:44 | 000,431,672 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2011.03.21 07:45:47 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.03.21 07:45:47 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013.01.07 16:47:38 | 000,015,008 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.07 16:47:38 | 000,015,008 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.06 18:22:35 | 000,095,919 | ---- | M] () -- C:\Windows\system32\PCPELog.txt
[2013.01.07 21:02:21 | 001,778,088 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2013.01.07 21:02:21 | 000,038,164 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2013.01.07 21:02:21 | 005,366,342 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2013.01.07 21:02:21 | 000,300,300 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2013.01.07 21:02:21 | 000,337,006 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >
[2013.01.06 09:36:33 | 005,019,547 | R--- | M] (Swearware) -- C:\ComboFix.exe
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.12.25 08:41:58 | 000,916,960 | ---- | M] (Mozilla Corporation) MD5=5744FFF8E72D105C138DAE9E17BB29FE -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.11.16 17:33:24 | 000,757,280 | ---- | M] (Microsoft Corporation) MD5=B201AF83DF2E85323E29EB83E4046810 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.12.05 02:15:17 | 001,242,728 | ---- | M] (Google Inc.) MD5=2D08AC1443FFA7FBED9A5EA5FD49AEB3 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.01.08 18:54:48 | 000,000,512 | ---- | M] () MD5=C9F92FD234D992F97E9B36B9755F7D0A -- C:\PhysicalMBR.bin
[1 C:\*.tmp files -> C:\*.tmp -> ]

< >

< *crack* /s >
[2002.12.18 17:10:46 | 000,092,827 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Bumpmap\Cracks.cpt
[2002.12.16 18:44:50 | 000,016,068 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Canvas\cracks2c.pcx
[2002.12.16 18:44:30 | 000,010,560 | ---- | M] () -- \Program Files\Corel\Corel Graphics 12\Custom Data\Tiles\CRACKS2M.CPT

< *keygen* /s >

< *loader* /s >
[2012.11.08 15:10:39 | 000,019,497 | ---- | M] () -- \Program Files\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif
[2012.01.11 14:06:54 | 000,002,665 | ---- | M] () -- \Program Files\BlueGriffon\components\uriloader.xpt
[2002.09.25 21:05:38 | 000,113,664 | ---- | M] () -- \Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012.03.01 19:23:20 | 000,112,128 | ---- | M] () -- \Program Files\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.09.30 18:06:10 | 000,010,789 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\mm\MediaCtrl\ImageLoader.kc
[2009.09.30 18:06:18 | 000,003,500 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\widget\langloader.kc
[2009.09.30 18:06:18 | 000,013,383 | ---- | M] () -- \Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\widget\layoutloader.kc
[2010.03.04 20:42:08 | 000,002,910 | ---- | M] () -- \Program Files\KompoZer\components\uriloader.xpt
[2011.10.17 13:10:26 | 000,071,528 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.11.06 10:09:52 | 000,083,816 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012.08.16 16:25:20 | 000,013,734 | ---- | M] () -- \Program Files\Rhinoceros 5.0 Zkušební verze\Plug-ins\IronPython\Lib\unittest\loader.py
[2010.02.05 19:19:02 | 000,293,376 | ---- | M] () -- \Program Files\Windows Live Safety Center\wlscuploader.exe
[2008.06.20 19:13:32 | 000,044,032 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2010.04.29 14:12:38 | 000,673,160 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Facebook\ZPSPluginLoader.exe
[2010.04.29 14:12:42 | 000,686,984 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 12\Plugins\Flickr\ZPSPluginLoader.exe
[2010.04.29 14:12:38 | 000,673,160 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Facebook\ZPSPluginLoader.exe
[2010.04.29 14:12:42 | 000,686,984 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Flickr\ZPSPluginLoader.exe
[2011.03.08 17:09:04 | 000,194,048 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Picasa\ZPSPicasaUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Plugins\Picasa\ZPSPluginLoader.exe
[2011.06.08 14:20:02 | 000,102,792 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program32\8bfLoader.exe
[2011.06.08 14:20:16 | 000,019,336 | ---- | M] () -- \Program Files\Zoner\Photo Studio 13\Program32\WICLoader.exe
[2011.12.17 19:02:11 | 000,001,329 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2009.05.15 07:36:22 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.11.08 15:16:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.11.08 15:16:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.11.08 15:16:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2011.12.17 19:02:11 | 000,001,329 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2009.05.15 07:36:22 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.11.08 15:16:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.11.08 15:16:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.11.08 15:16:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2011.07.22 17:17:58 | 000,002,448 | ---- | M] () -- \Users\Jiří Látal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0OOPTCMJ\ajax_loader_bar[1].gif
[2011.04.09 17:58:59 | 000,001,423 | ---- | M] () -- \Users\Jiří Látal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0OOPTCMJ\loader[1].gif
[2013.01.04 18:08:53 | 000,000,673 | ---- | M] () -- \Users\Jiří Látal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\F4LL6ETX\ajax-loader[1].gif
[2013.01.04 18:08:53 | 000,010,819 | ---- | M] () -- \Users\Jiří Látal\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\GFC6W3QX\ajax-loader[1].gif
[2007.09.01 00:03:00 | 000,003,095 | ---- | M] () -- \Users\Jiří Látal\Documents\Kompozer\KompoZer 0.7.10\components\uriloader.xpt
[2011.09.01 12:13:30 | 000,112,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\8F0A3E8F4A358DF499689CA0E37A3C6B\3.0.560\ta_productapiloader..D321D6CC_DBBE_4AC3_8DBD_DFF82BB39BDC
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.02.23 17:30:24 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.02.23 17:30:24 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.02.23 17:30:24 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.02 06:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 07:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 06:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.05.14 08:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.06.03 07:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6536 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4

< End of report >
Nahoru
JirkaL.
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 led 2013 13:48

Re: Firefox otvírá samovolně nové záložky

#28 Příspěvek od JirkaL. »

OTL Extras logfile created on: 8.1.2013 18:53:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jiří Látal\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 49,08% Memory free
7,00 Gb Paging File | 4,66 Gb Available in Paging File | 66,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 923,70 Gb Total Space | 728,30 Gb Free Space | 78,85% Space Free | Partition Type: NTFS

Computer Name: JIRKA-PC-NOVY | User Name: Jirka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{117EA32F-8B7E-49F2-AFA3-43158DAAACEF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1CBFFD8A-E630-4D0D-A547-79B287358B61}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{248941D4-F27D-4324-A7D8-B938257B5917}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{248DF8B9-5677-47A7-80AA-247E496650BE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{293EC41A-FC17-4D0E-A65B-41495E309B5C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4102B795-C608-4F2A-816E-6C145861CF27}" = rport=10243 | protocol=6 | dir=out | app=system |
"{490EB616-D723-4B3A-9451-4A5C75888136}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4D78D55D-0CBE-494E-BF95-26555547E0B0}" = rport=138 | protocol=17 | dir=out | app=system |
"{5DE5BF0D-7646-47B0-B4DB-4A9E07568F82}" = lport=138 | protocol=17 | dir=in | app=system |
"{67B1B4E4-FD4E-4E58-A36D-D76FC24169FC}" = rport=445 | protocol=6 | dir=out | app=system |
"{6B2A2982-EBF9-4F56-8D1A-3D755A2E0688}" = rport=139 | protocol=6 | dir=out | app=system |
"{892A4874-9622-4F62-BA20-22325A185895}" = rport=137 | protocol=17 | dir=out | app=system |
"{8AA096AC-FE15-410F-852F-C7DC6D66E067}" = lport=137 | protocol=17 | dir=in | app=system |
"{8AB93780-6F28-47C0-BD7F-40867643F943}" = lport=139 | protocol=6 | dir=in | app=system |
"{9AD54D22-3B2E-4183-97D9-92E82BCCA423}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9E72B991-3640-4BB4-AF79-BE1E8100B329}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9EF30B1A-D210-4079-89BE-0B3E98CA047E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9F3E2287-C174-4654-A538-A8F8C6FA97D5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5C6505B-7C96-47CC-AF62-5C8C7C2147F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A9C065F6-3100-4F5A-B2A9-C9D0A0F5CBF2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{ABD6BF6B-E37E-4D60-8BFC-D825ED80A31E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D01E7380-3426-4106-862E-9432934B5EE1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E14D25C3-3DE1-4F07-A9BD-10AD702566F7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E49E07A8-E4DA-4249-ACA8-6F75217D0E97}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EAC9C52B-4C09-45FC-884D-47B355CA2D6A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF37413A-0DF7-4B47-B00A-C47F88D33E77}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F6066DC8-2367-47C3-91BF-5FD848B965DB}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06F0CB60-4575-4469-88B5-F3F8CC1AD8CC}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{0E1F30BA-138A-404A-8C45-E31439F0CF87}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{0E265977-1CFD-4861-8052-8CAFD13BDC66}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2544F736-2358-421F-B98F-CFBC37747634}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{25AD6CA3-9C98-411A-9E7D-750219C2EFE4}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{2F3C32E2-BDAA-457E-ADCC-9331D934552C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{32E57D40-FE9F-4373-814F-61473FC5F9D0}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{3647BD61-17C8-4925-9907-5CB0704862E5}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{38A97720-3E79-4CA0-8775-FF4C45AFFD3E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A468139-A0D2-407E-91CC-328938A98D38}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{4B100A86-BDEF-494D-893E-FFFFB52994C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4ECCC50D-E5C8-4E9B-8F09-53E9D0DB7BD7}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{518D031C-AC6C-4FB6-8B27-B15DAB629E7A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe |
"{5741D27E-66D2-4EBA-996B-58345BA74420}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5F0C6AD7-B1E8-4D20-B7E5-83A410D6C205}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgnsx.exe |
"{62A8091D-8F76-421A-B906-DB812FA7109E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68B6446F-1865-48E9-9768-610558E85D44}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6EA6005B-C45F-494B-ACB2-5A65A1DB1260}" = dir=in | app=c:\program files\nokia\nokia suite\nokiasuite.exe |
"{76DF9DD9-B276-427E-AF8A-0D096C944FA3}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{791E7B0E-7ABD-4C50-A4BF-227AA03086AD}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7DAEFEF2-03C2-4647-80DC-F04F8C8FB618}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{7F321D40-EEBD-4CD8-A257-28774F1B6E10}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{93E9C95C-04F9-4F41-A6B9-1CCB8F135C5A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgmfapx.exe |
"{94D02479-EFA1-4714-A4C6-5A014A2AA216}" = dir=out | app=c:\program files\protected search\protectedsearch.exe |
"{A0C6B832-7123-4762-84D8-4B7FA9C0D4B4}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgdiagex.exe |
"{A4505EC6-DFB6-484A-A9FF-69F95ABC9211}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AAF23A75-EFF0-4AF9-99A0-B631E1D53DF0}" = protocol=6 | dir=out | app=system |
"{B13296A6-E26B-4E02-A100-D4CA42C017A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB909AF7-C2D6-4422-B7E2-BB4872DDA617}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C11F7292-A4B0-461F-9EDE-911DA51A858B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C3DDE2BC-6ADB-4BD3-A215-D42B62AABD21}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{D610C27E-70D6-4B9B-ADD9-BEF8F6B5717D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8BBE0CA-EAC6-4C50-BD01-E68B7B8FE63B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe |
"{D9D96E2A-8F6E-4D5A-9769-793F9B763029}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{DC6ED8E3-133A-4445-B0FE-867AB1267E01}" = dir=in | app=c:\program files\protected search\protectedsearch.exe |
"{DD176FD5-8CFD-4EAC-817E-D087BBE2F45E}" = dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"{F421A564-0BD7-4A3D-B3CF-60A61A870274}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F4B1374B-FA7F-421E-B7FA-DA25ADEA8443}" = dir=in | app=c:\program files\cyberlink\powerdvd9\powerdvd9.exe |
"{FFCBC455-520B-44A3-A45E-DE6B3F078202}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1407B87C-36E3-4FC1-9051-D08B21E1096F}" = Windows Live Sync
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26
"{2ed67cfd-f899-4047-af47-bd42d72aa66b}" = Nero 9 Essentials
"{3256C48C-78D0-4FC6-A0F5-81ADF3A9D7D4}" = AVG 2013
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft Visual C++ 8.0 Support DLLs
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40B6D0B4-301A-4020-869F-2E3936E02299}" = WebMate
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{5265664F-6128-405C-9225-9782A85954FD}" = Plustek OpticPro ST48
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D412B61-F3A7-42C6-9C07-29BBD3D442B1}" = AVG 2013
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85906B1C-FD0E-417A-BE43-C3A4E10CFAA0}" = Adobe Illustrator 10 CE
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ED262EE-FC73-47A9-BB86-D92223246881}" = PowerChute Personal Edition 3.0.2
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_STANDARDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_STANDARDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_STANDARDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_STANDARDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_STANDARDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A9015334-10BE-4D64-A776-203336EFE806}_is1" = BlueGriffon version 1.4
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 306.97
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 296.10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD4B921E-5A26-4AD2-AD04-C1591443573A}" = iSlim 310
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C3AD9933-EF84-4226-B906-0E0578B14248}" = WD SmartWare
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C7CB2A99-BD22-4051-857B-BB5F624FC88F}" = Rhinoceros 5.0 Zkušební verze
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}" = Rhinoceros 4.0 Evaluation
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F8E3A0F8-53A4-4FD8-9986-C90A3EA7C3B6}" = Nokia Software Updater
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"AVG" = AVG 2013
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Canon RAW Codec" = Canon RAW Codec
"CANONIJINBOXADDON200" = Canon Inkjet Printer Driver Add-On Module V2.00
"CanonMyPrinter" = Canon Utilities My Printer
"DFM2HTML v4.5.2" = DFM2HTML v4.5.2
"DFM2HTML v6" = DFM2HTML v6
"DFM2HTML v6.1" = DFM2HTML v6.1
"DPP" = Canon Utilities Digital Photo Professional 3.9
"EOS Utility" = Canon Utilities EOS Utility
"ESET Online Scanner" = ESET Online Scanner v3
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"FileZilla Client" = FileZilla Client 3.3.2.1
"FLV Player" = FLV Player 2.0 (build 25)
"Glary Registry Repair_is1" = Glary Registry Repair 3.3.0.852
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"Labtec Keyboard/Desktop Software_is1" = Labtec Keyboard/Desktop Software 6.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Model Paint Database_is1" = Model Paint Database 0.80 Alpha
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 17.0.1 (x86 cs)" = Mozilla Firefox 17.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera" = Canon Utilities MyCamera
"Nokia Suite" = Nokia Suite
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Rhinoceros 2.0" = Rhinoceros 2.0
"Rhinoceros 3.0" = Rhinoceros 3.0
"Rmtablet" = Pen Pad Driver with Macro Key Manager
"STANDARDR" = Microsoft Office Standard 2007
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 8" = TeamViewer 8
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 5.1
"ZonerPhotoStudio12_EASTER_CZ_is1" = Zoner Photo Studio 12 - Velikonoční obálky
"ZonerPhotoStudio13_CZ_is1" = Zoner Photo Studio 13
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.2.2012 14:38:01 | Computer Name = Jirka-PC-novy | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 16.2.2012 13:09:09 | Computer Name = Jirka-PC-novy | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 16.2.2012 13:10:55 | Computer Name = Jirka-PC-novy | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Plustek\opticpro
st48\Setup\DPInst64.exe se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 18.2.2012 4:25:47 | Computer Name = Jirka-PC-novy | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 18.2.2012 5:00:10 | Computer Name = Jirka-PC-novy | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 18.2.2012 5:02:31 | Computer Name = Jirka-PC-novy | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro c:\program files\Plustek\opticpro
st48\Setup\DPInst64.exe se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 19.2.2012 2:49:24 | Computer Name = Jirka-PC-novy | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 19.2.2012 4:23:48 | Computer Name = Jirka-PC-novy | Source = SideBySide | ID = 16842827
Description = Selhalo generování kontextu aktivace pro: C:\Program Files\Skype\Toolbars\Internet
Explorer\SkypeIEPluginBroker.exe. Chyba v souboru manifestu nebo zásad C:\Program
Files\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe na řádku 2. V manifestu
není povoleno více prvků requestedPrivileges.

Error - 19.2.2012 12:40:00 | Computer Name = Jirka-PC-novy | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

Error - 19.2.2012 12:40:01 | Computer Name = Jirka-PC-novy | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota řetězce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostředkovatele čítače rozšíření. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové části. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje třetí hodnota DWORD datové části.

[ McNeel Events ]
Error - 17.11.2012 12:03:00 | Computer Name = Jirka-PC-novy | Source = McNeel Update Service (version 5.1) | ID = 0
Description = Error,Download failed permanently for '{{http://store.mcneel.com/api/v1/mcneelup ... 0927.2230/}}'
-> '{{C:\ProgramData\McNeel\McNeelUpdate\DownloadCache\3587d02a51e960b18ee0dc1bc67289ab\update.xml}}',5.1.20803.1059

Error - 12.12.2012 12:34:10 | Computer Name = Jirka-PC-novy | Source = McNeel Update Service (version 5.1) | ID = 0
Description = Error,Download failed permanently for '{{http://store.mcneel.com/api/v1/mcneelup ... 0927.2230/}}'
-> '{{C:\ProgramData\McNeel\McNeelUpdate\DownloadCache\3587d02a51e960b18ee0dc1bc67289ab\update.xml}}',5.1.20803.1059

[ Media Center Events ]
Error - 12.7.2010 12:01:21 | Computer Name = Jirka-PC-novy | Source = MCUpdate | ID = 0
Description = 18:01:21 - Chyba při připojování k Internetu 18:01:21 - Nelze kontaktovat
server..

[ OSession Events ]
Error - 15.10.2010 12:59:57 | Computer Name = Jirka-PC-novy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2805
seconds with 0 seconds of active time. This session ended with a crash.

Error - 17.10.2010 7:23:25 | Computer Name = Jirka-PC-novy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19399
seconds with 300 seconds of active time. This session ended with a crash.

Error - 3.1.2011 13:35:07 | Computer Name = Jirka-PC-novy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 81
seconds with 60 seconds of active time. This session ended with a crash.

Error - 6.1.2011 10:43:44 | Computer Name = Jirka-PC-novy | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6548.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 80
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 7.1.2013 10:48:35 | Computer Name = Jirka-PC-novy | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:46:47, ?7.?1.?2013) bylo neočekávané.

Error - 7.1.2013 10:48:36 | Computer Name = Jirka-PC-novy | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 7.1.2013 10:48:37 | Computer Name = Jirka-PC-novy | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 7.1.2013 10:50:47 | Computer Name = Jirka-PC-novy | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 7.1.2013 10:50:47 | Computer Name = Jirka-PC-novy | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 7.1.2013 11:39:05 | Computer Name = Jirka-PC-novy | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 7.1.2013 11:40:19 | Computer Name = Jirka-PC-novy | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 7.1.2013 11:40:19 | Computer Name = Jirka-PC-novy | Source = Service Control Manager | ID = 7006
Description = Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto
chybou: %%5

Error - 7.1.2013 11:42:24 | Computer Name = Jirka-PC-novy | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 7.1.2013 11:42:24 | Computer Name = Jirka-PC-novy | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Firefox otvírá samovolně nové záložky

#29 Příspěvek od vyosek »

:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Jirka\AppData\Local\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Jirka\AppData\Local\Temp\catchme.sys -- (catchme)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://search.certified-toolbar.com?si= ... id=2937&q={searchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8B 98 D0 51 F6 AF CA 01 [binary data]
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\..\SearchScopes\{BF9C7CF6-56A4-41AF-A726-D21E80BFB264}: "URL" = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F8 48 55 38 BF 37 CA 01 [binary data]
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{02006D6A-A169-48F0-8F1B-EC52AE8A1AAE}: "URL" = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{1A8B053D-DC95-49C7-8C73-5C8E7505B7EA}: "URL" = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PPBG_csCZ367
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\{BF9C7CF6-56A4-41AF-A726-D21E80BFB264}: "URL" = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\Live Search: "URL" = http://search.live.com/results.aspx?q={searchTerms}&mkt=cs-cz&FORM=MICPCZ
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\SearchScopes\Yahoo!: "URL" = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms}
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1
O3 - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll File not found
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF2467.3XE /c C:\ComboFix\Combobatch.bat File not found
O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:13.2.0.5
FF - prefs.js..extensions.enabledItems: avg@igeared:6.011.025.001
File not found (No name found) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\13.2.0.5
CHR - default_search_provider: AVG Secure Search (Enabled)
O4 - HKLM..\RunOnce: [DeleteOnReboot] C:\Windows\DeleteOnReboot.bat ()
O4 - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2010.03.06 20:03:32 | 000,000,000 | ---D | M] -- C:\Users\Jiří Látal\AppData\Roaming\AVG9
[6 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\*.tmp files -> C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\*.tmp -> ]
[7 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7261CB1455493726A09F1D3FCEB822F6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7261CB1455493726A09F1D3FCEB822F6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\75A2DA66C9044D39B77E90258857A330\*.tmp files -> C:\Windows\SoftwareDistribution\Download\75A2DA66C9044D39B77E90258857A330\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\cd5a7cf3194a338c377f20fbe939b657\*.tmp files -> C:\Windows\SoftwareDistribution\Download\cd5a7cf3194a338c377f20fbe939b657\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\CEF2B1E2B38EE00AB220F0D2807F622E\*.tmp files -> C:\Windows\SoftwareDistribution\Download\CEF2B1E2B38EE00AB220F0D2807F622E\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\EA9BCBC973E5F2A91187BD18437F2462\*.tmp files -> C:\Windows\SoftwareDistribution\Download\EA9BCBC973E5F2A91187BD18437F2462\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2013.01.08 18:58:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.01.08 15:24:22 | 000,000,960 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2013.01.08 15:28:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.08 18:28:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
@Alternate Data Stream - 6536 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:0B4227B4

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
JirkaL.
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 05 led 2013 13:48

Re: Firefox otvírá samovolně nové záložky

#30 Příspěvek od JirkaL. »

Tak jsem to provedl, program si vyžádal restart pro dokončení mazání souborů, ale žádný log se neobjevil. Když jse ho začal hledat, našel jsem jedině tento na C:\_OTL\MovedFiles, který by časově odpovídal:


All processes killed
========== OTL ==========
Error: No service named mbr was found to stop!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mbr deleted successfully.
File C:\Users\Jirka\AppData\Local\Temp\mbr.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\Jirka\AppData\Local\Temp\catchme.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKU\S-1-5-21-1923069126-1021885443-1328852899-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BF9C7CF6-56A4-41AF-A726-D21E80BFB264}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF9C7CF6-56A4-41AF-A726-D21E80BFB264}\ not found.
HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\SearchScopes\{02006D6A-A169-48F0-8F1B-EC52AE8A1AAE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02006D6A-A169-48F0-8F1B-EC52AE8A1AAE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\SearchScopes\{1A8B053D-DC95-49C7-8C73-5C8E7505B7EA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1A8B053D-DC95-49C7-8C73-5C8E7505B7EA}\ not found.
Registry key HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\SearchScopes\{BF9C7CF6-56A4-41AF-A726-D21E80BFB264}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF9C7CF6-56A4-41AF-A726-D21E80BFB264}\ not found.
Registry key HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
Registry key HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\SearchScopes\{searchTerms}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{searchTerms}\ not found.
HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_USERS\S-1-5-21-1923069126-1021885443-1328852899-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_ROC_NT deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\vProt deleted successfully.
C:\Program Files\AVG Secure Search\vprot.exe moved successfully.
Prefs.js: avg%40toolbar:13.2.0.5 removed from extensions.enabledAddons
Prefs.js: avg@igeared:6.011.025.001 removed from extensions.enabledItems
Use Chrome's Settings page to remove the default_search_provider items.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\DeleteOnReboot deleted successfully.
C:\Windows\DeleteOnReboot.bat moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\\flags deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll File not found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Users\Jiří Látal\AppData\Roaming\AVG9\cfgall folder moved successfully.
C:\Users\Jiří Látal\AppData\Roaming\AVG9 folder moved successfully.
C:\Windows\Installer\MSI15F4.tmp deleted successfully.
C:\Windows\Installer\MSI2227.tmp deleted successfully.
C:\Windows\Installer\MSI4DEC.tmp deleted successfully.
C:\Windows\Installer\MSI7751.tmp deleted successfully.
C:\Windows\Installer\MSI878E.tmp deleted successfully.
C:\Windows\Installer\MSIACDB.tmp deleted successfully.
C:\Windows\Installer\{E3355E5C-965C-4f67-8A8C-E9A0FA9FD80F}\GLFEDEE.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt3324.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt5447.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt7977.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt9ABD.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltBA5D.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltC18F.tmp deleted successfully.
C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltF644.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\7261CB1455493726A09F1D3FCEB822F6\$DPX$.TMP folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\75A2DA66C9044D39B77E90258857A330\$DPX$.TMP folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\cd5a7cf3194a338c377f20fbe939b657\$dpx$.tmp folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\CEF2B1E2B38EE00AB220F0D2807F622E\$DPX$.TMP folder deleted successfully.
C:\Windows\SoftwareDistribution\Download\EA9BCBC973E5F2A91187BD18437F2462\$DPX$.TMP folder deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\Google Software Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
ADS C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh deleted successfully.
ADS C:\ProgramData\Temp:0B4227B4 deleted successfully.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jirka
->Temp folder emptied: 26595 bytes
->Temporary Internet Files folder emptied: 328057 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 55776689 bytes
->Google Chrome cache emptied: 39962689 bytes
->Flash cache emptied: 908 bytes

User: Jiří Látal
->Temp folder emptied: 1186 bytes
->Temporary Internet Files folder emptied: 185398875 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 363848281 bytes
->Google Chrome cache emptied: 45620145 bytes
->Flash cache emptied: 45842 bytes

User: Public
->Temp folder emptied: 0 bytes

User: TEMP
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.000
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.001
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.002
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.003
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.004
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.005
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.006
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.007
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.008
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.009
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.010
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.011
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.012
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.013
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.014
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.015
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.016
->Temp folder emptied: 0 bytes

User: TEMP.JIRKA-PC-NOVY.017
->Temp folder emptied: 0 bytes

User: TEMPJI~1~003
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41 bytes

%systemdrive% .tmp files removed: 2732016 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 130435428 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 786,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Jirka
->Flash cache emptied: 0 bytes

User: Jiří Látal
->Flash cache emptied: 0 bytes

User: Public

User: TEMP

User: TEMP.JIRKA-PC-NOVY

User: TEMP.JIRKA-PC-NOVY.000

User: TEMP.JIRKA-PC-NOVY.001

User: TEMP.JIRKA-PC-NOVY.002

User: TEMP.JIRKA-PC-NOVY.003

User: TEMP.JIRKA-PC-NOVY.004

User: TEMP.JIRKA-PC-NOVY.005

User: TEMP.JIRKA-PC-NOVY.006

User: TEMP.JIRKA-PC-NOVY.007

User: TEMP.JIRKA-PC-NOVY.008

User: TEMP.JIRKA-PC-NOVY.009

User: TEMP.JIRKA-PC-NOVY.010

User: TEMP.JIRKA-PC-NOVY.011

User: TEMP.JIRKA-PC-NOVY.012

User: TEMP.JIRKA-PC-NOVY.013

User: TEMP.JIRKA-PC-NOVY.014

User: TEMP.JIRKA-PC-NOVY.015

User: TEMP.JIRKA-PC-NOVY.016

User: TEMP.JIRKA-PC-NOVY.017

User: TEMPJI~1~003

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Jirka
->Java cache emptied: 0 bytes

User: Jiří Látal
->Java cache emptied: 0 bytes

User: Public

User: TEMP

User: TEMP.JIRKA-PC-NOVY

User: TEMP.JIRKA-PC-NOVY.000

User: TEMP.JIRKA-PC-NOVY.001

User: TEMP.JIRKA-PC-NOVY.002

User: TEMP.JIRKA-PC-NOVY.003

User: TEMP.JIRKA-PC-NOVY.004

User: TEMP.JIRKA-PC-NOVY.005

User: TEMP.JIRKA-PC-NOVY.006

User: TEMP.JIRKA-PC-NOVY.007

User: TEMP.JIRKA-PC-NOVY.008

User: TEMP.JIRKA-PC-NOVY.009

User: TEMP.JIRKA-PC-NOVY.010

User: TEMP.JIRKA-PC-NOVY.011

User: TEMP.JIRKA-PC-NOVY.012

User: TEMP.JIRKA-PC-NOVY.013

User: TEMP.JIRKA-PC-NOVY.014

User: TEMP.JIRKA-PC-NOVY.015

User: TEMP.JIRKA-PC-NOVY.016

User: TEMP.JIRKA-PC-NOVY.017

User: TEMPJI~1~003

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 01092013_151114
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“