Re: Spousta havěti
Napsal: 16 črc 2013 13:40
ok, tak to bude chvilku trvat, skočím koupit flashku....
Stránka 2 z 3
Re: Spousta havěti
Napsal: 16 črc 2013 13:53
To zas nemusite, staci jej ulozit na ten disk
Re: Spousta havěti
Napsal: 16 črc 2013 14:58
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-07-2013 02
Ran by Marty (administrator) on 16-07-2013 15:47:51
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6963744 2009-01-20] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1832760 2012-09-20] (Logitech, Inc.)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [PicPick Start] - C:\Program Files (x86)\PicPick\picpick.exe [4816896 2010-11-20] ()
HKCU\...\Run: [Mikogo] - "C:\Users\Marty\AppData\Roaming\Mikogo 4\mikogo-host.exe" -asp [5420408 2011-08-04] ()
HKCU\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)
HKCU\...\Run: [supertintin_skype] - C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe /start_context sys_auto [999936 2011-01-10] (Imtiger Software Inc.)
HKCU\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [ASUSGamerOSD] - C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [380928 2009-07-30] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Nikon Transfer Monitor] - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe [479232 2009-09-15] (Nikon Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Logitech G930] - C:\Program Files (x86)\Logitech\G930\G930.exe [1516888 2011-03-23] (Logitech(c))
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\elephant\...\Run: [Skype] - "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\elephant\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)
HKU\elephant\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\elephant\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 [133432 2010-08-09] (ICQ, LLC.)
HKU\elephant\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x]
HKU\elephant\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
HKU\postgres\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
HKU\postgres.Marty-PC\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
HKU\postgres.Marty-PC.000\...\Run: [Skype] - "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\postgres.Marty-PC.000\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)
HKU\postgres.Marty-PC.000\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\postgres.Marty-PC.000\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 [133432 2010-08-09] (ICQ, LLC.)
HKU\postgres.Marty-PC.000\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x]
HKU\postgres.Marty-PC.000\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: (No Name) - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - No File
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
HKLM-x32 SearchScopes: DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2117678
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2117678
HKCU SearchScopes: DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={4214 ... 2011-11-05 11:48:44&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... ffa4db18e9
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {7C053627-1C30-43F6-98CD-AEE69CCE26F3} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={4214 ... 2011-11-05 11:48:44&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = http://toolbar.ask.com/toolbarv/askRedi ... oolbar=VZ2
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM-x32 - NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKCU - No Name - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
Toolbar: HKCU - No Name - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
DPF: HKLM-x32 {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futuremark.com/gom/receiver/tc/FMSI.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default
FF user.js: detected! => C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\user.js
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://isearch.avg.com/?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&v=15.3.0.11&pid=avg&sg=0&sap=hp
FF Keyword.URL: hxxp://isearch.avg.com/search?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&pid=avg&sg=0&v=15.3.0.11&sap=ku&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: No Name - C:\Users\Marty\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Babylon - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\ffxtlbr@babylon.com
FF Extension: brothersoft afc Community Toolbar - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\{0b7430e9-e659-4555-ac67-be3340aaa519}
FF Extension: No Name - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.0.32\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.0.32\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPlgn\
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: hxxp://www.google.cz/
CHR RestoreOnStartup: "hxxp://us.yahoo.com?fr=fpc-comodo"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Norton Identity Protection) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2013.1.0.32_0
CHR Extension: (Gmail) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 ASDR; C:\Windows\SysWOW64\ASDR.exe [61440 2009-07-27] ()
S2 ASKService; C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe [464264 2009-04-02] ()
S2 ASKUpgrade; C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe [234888 2009-04-02] ()
S2 ATKFUSService; C:\Windows\system32\ATKFUSService.exe [62464 2009-05-06] (ASUSTeK COMPUTER INC.)
S3 B-Service; C:\Users\Marty\AppData\Roaming\Mikogo\B-Service.exe [185640 2011-02-20] ()
S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-02-05] ()
S2 gupdate1ca9a6f3d2f71c0; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2010-01-21] (Google Inc.)
S2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [246520 2010-03-28] ()
S2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe [143928 2012-08-19] (Symantec Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-04-22] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe [93336 2009-08-24] (SiSoftware)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [1025408 2013-06-27] (Enigma Software Group USA, LLC.)
S2 ekrn; "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" [x]
==================== Drivers (Whitelisted) ====================
S3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [47160 2008-04-28] (AMD, Inc.)
S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [14904 2009-02-23] ()
S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [14904 2009-02-23] ()
S3 asusgsb; C:\Windows\System32\drivers\asusgsb.sys [17792 2009-02-17] (ASUSTeK Computer Inc.)
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [35624 2007-08-08] ()
S3 atkdisplf; C:\Windows\System32\Drivers\atkdisplowfilter.sys [39424 2009-02-17] (ASUSTeK Computer Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2011-06-04] ()
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-07-02] (Symantec Corporation)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-07-02] (Symantec Corporation)
S1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DD01000.020\ccSetx64.sys [168096 2012-08-07] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
S1 EIO64; C:\Windows\System32\DRIVERS\EIO64.sys [16384 2009-12-11] (ASUSTeK Computer Inc.)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2007-08-20] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2007-08-20] (EnTech Taiwan)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-18] (Symantec Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
S3 etdrv; C:\Windows\etdrv.sys [25640 2009-12-24] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2009-12-24] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [23080 2013-07-16] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [23080 2013-07-16] (Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-07-12] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-07-12] ()
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S1 HWiNFO32; C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [30080 2009-07-16] (REALiX(tm))
S1 HWiNFO32; C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [30080 2009-07-16] (REALiX(tm))
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2013-07-13] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2013-07-13] (Symantec Corporation)
S3 LADF_BakerCOnly; C:\Windows\System32\DRIVERS\ladfBakerCamd64.sys [410184 2011-03-18] (Logitech)
S3 LADF_BakerROnly; C:\Windows\System32\DRIVERS\ladfBakerRamd64.sys [335688 2011-03-18] (Logitech)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2010-02-27] ()
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-07-15] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-07-15] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-07-15] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-07-15] (Symantec Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x64\Sandra.sys [23112 2009-08-08] (SiSoftware)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-05-05] (Duplex Secure Ltd.)
S1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-16] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 ALSysIO; \??\C:\Users\Marty\AppData\Local\Temp\ALSysIO64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz130; \??\C:\Users\Marty\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 EraserUtilDrv11220; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [x]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\system32\drivers\acedrv11.sys 6CE02D42183CDF31315F208AE35F153F
C:\Windows\system32\drivers\acedrv11.sys 6CE02D42183CDF31315F208AE35F153F
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AmdTools64.sys DEDA72A4AB5416AD0A09FAECFA6056C2
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys F160ECCE1500A5A5877C123584E86B17
C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys F160ECCE1500A5A5877C123584E86B17
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\drivers\asusgsb.sys A4398A8914C32F18EC2AB562CBA3CAAF
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtiHdmi.sys 506934DF94E3197F4A1BBE8FBEAB0CCD
C:\Windows\System32\DRIVERS\atikmdag.sys 79CEB8D4F25CABE69F3762C90F5B06B8
C:\Windows\System32\DRIVERS\ATITool64.sys A6FAD7A5ADA4675BA9C9FEAF4E0542BA
C:\Windows\System32\Drivers\atkdisplowfilter.sys FB4187C282CB467E5E606913A1FA79A3
C:\Windows\System32\DRIVERS\atksgt.sys 09149D03629A44F4773E621C432D1D89
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys 6E10DB69DB1AA96207F4B14B18FF12F8
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys 6E10DB69DB1AA96207F4B14B18FF12F8
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys 56685951208AC81CF923B9B08BEDF3B7
C:\Windows\system32\drivers\NSTx64\7DD01000.020\ccSetx64.sys A5C13600F63EB92F8D15123D64BA9895
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\system32\drivers\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 4353FF94D47A0A9D52B89ECCF0CDB013
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 4353FF94D47A0A9D52B89ECCF0CDB013
C:\Windows\System32\DRIVERS\EIO64.sys 343ADA10D948DB29251F2D9C809AF204
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ENTECH64.sys 12C061D9F9621BE916D58191872EC281
C:\Windows\system32\DRIVERS\ENTECH64.sys 12C061D9F9621BE916D58191872EC281
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys C5BCCB378D0A896304A3E71BE7215983
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys DF96C3CD6AE15F6D0A6BCB70F9C1E88D
C:\Windows\System32\DRIVERS\EsgScanner.sys 3B32CAA07D672F8A2E0DF5CB3A873F45
C:\Windows\etdrv.sys 84486624268E078255BC7AA47F0960BC
C:\Windows\etdrv.sys 84486624268E078255BC7AA47F0960BC
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\gdrv.sys 46E2828BCA26B31FA5A1DD4D84DF633D
C:\Windows\gdrv.sys 46E2828BCA26B31FA5A1DD4D84DF633D
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\GVTDrv64.sys 8126331FBD4ED29EB3B356F9C905064D
C:\Windows\GVTDrv64.sys 8126331FBD4ED29EB3B356F9C905064D
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewdcsc.sys 84D3088475BD9BC56ED76D6E0F740A63
C:\Windows\System32\DRIVERS\ewusbmdm.sys 8F9B0FC4EC3A8194BD4CBC5ED3E7ABEB
C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS 417AD08FBC87B350ADC12BD2361932CE
C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS 417AD08FBC87B350ADC12BD2361932CE
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbdev.sys B45B3647BA32749B94FA689175EC8C26
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys A48928D4CCA6F8B731989DB08CF2C0AB
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys A48928D4CCA6F8B731989DB08CF2C0AB
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 4B071AEBBC13D60430EE0371B262F681
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\jraid.sys DB85FE8D6CBAA2047CB4DA1B2C193D76
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\KMWDFILTER.sys 07071C1E3CD8F0F9114AAC8B072CA1E5
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ladfBakerCamd64.sys 86F06574763A0E7CDCD57DD85632E44F
C:\Windows\System32\DRIVERS\ladfBakerRamd64.sys 89B4981F949A14148365DE8D98A310B5
C:\Windows\System32\DRIVERS\lirsgt.sys 5EA407821BB3104C31A705175AB4F309
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS 56540E526B46E379A476FB5BC381B290
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS 56540E526B46E379A476FB5BC381B290
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS 8A19D3991F9F14B885CDE8BC640F6B68
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS 8A19D3991F9F14B885CDE8BC640F6B68
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\drivers\RtHDMIVX.sys 67C7695D3B18682ADDF8419EDA4BBFB8
C:\Windows\System32\DRIVERS\Rt64win7.sys BAEFEE35D27A5440D35092CE10267BEC
C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x64\Sandra.sys 5EFBBFCC6ADAC121C8E2FE76641ED329
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\SysWow64\speedfan.sys 5F9785E7535F8F602CB294A54962C9E7
C:\Windows\SysWow64\speedfan.sys 5F9785E7535F8F602CB294A54962C9E7
C:\Windows\System32\Drivers\sptd.sys A15860E920B02C9A7CE8F3A6C2FF1E3A
C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS 2FD9346F9D76CB4192D37329CFA47A82
C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS 0E76CEF892C45734F7AED09FDDF35D4D
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS 52DC0048D667757A8A2E4C87182890AC
C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS 599872BAD7CFB45C7CE47CDED4B726D8
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS F19E5E37ED8134B9E5F6287F2D3A75D7
C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS ADF37F1A715D6C56C8E065FD8569A9A4
C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS 9CDCA70485BD6B9D230365F67C31F132
C:\Windows\System32\drivers\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\DRIVERS\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\teamviewervpn.sys F5520DBB47C60EE83024B38720ABDA24
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\System32\DRIVERS\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-16 15:47 - 2013-07-16 15:47 - 00000000 ____D C:\FRST
2013-07-16 14:46 - 2013-07-16 14:46 - 01778135 _____ (Farbar) C:\Users\Marty\Downloads\FRST64.exe
2013-07-16 13:45 - 2013-07-16 13:45 - 00042747 _____ C:\ComboFix.txt
2013-07-16 13:43 - 2013-07-16 13:43 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2013-07-16 13:26 - 2013-07-16 13:46 - 00000000 ____D C:\ComboFix
2013-07-16 13:26 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-16 13:26 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-16 13:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-16 13:20 - 2013-07-16 13:46 - 00000000 ____D C:\Qoobox
2013-07-16 13:20 - 2013-07-16 13:42 - 00000000 ____D C:\Windows\erdnt
2013-07-16 13:10 - 2013-07-16 13:10 - 05089088 ____R (Swearware) C:\Users\Marty\Desktop\ComboFix.exe
2013-07-16 13:04 - 2013-07-16 13:04 - 00891022 _____ C:\Users\Marty\Desktop\SecurityCheck.exe
2013-07-16 13:03 - 2013-07-16 13:03 - 00001796 _____ C:\sc-cleaner.txt
2013-07-16 13:02 - 2013-07-16 13:02 - 00406144 _____ (Bleeping Computer, LLC) C:\Users\Marty\Desktop\sc-cleaner.exe
2013-07-16 12:58 - 2013-07-16 13:00 - 00026082 _____ C:\Users\Marty\Desktop\Rkill.txt
2013-07-16 12:58 - 2013-07-16 12:58 - 00000000 ____D C:\Users\Marty\Desktop\rkill
2013-07-16 12:57 - 2013-07-16 12:58 - 01836672 _____ (Bleeping Computer, LLC) C:\Users\Marty\Desktop\rkill.exe
2013-07-16 04:27 - 2013-07-16 04:27 - 00025696 _____ C:\Users\Marty\Desktop\log.odt
2013-07-16 02:09 - 2013-07-16 02:09 - 00023542 _____ C:\Users\Marty\Downloads\a5769e0eb8112b45e397eea2db8eee84cddd232d.zip
2013-07-16 01:31 - 2013-07-16 01:31 - 00000000 ____D C:\Windows\System32\Tasks\Norton Identity Safe
2013-07-16 00:47 - 2013-07-16 00:47 - 00017891 _____ C:\Users\Marty\Downloads\Dexter.S08E03.HDTV.x264-ASAP-CZ.zip
2013-07-15 23:58 - 2013-07-15 23:58 - 00014077 _____ C:\Users\Marty\Downloads\[kickass.to]dexter.s08e03.hdtv.x264.asap.eztv.torrent
2013-07-15 23:30 - 2013-07-15 23:30 - 00000000 ____D C:\rsit
2013-07-15 23:30 - 2013-07-15 23:30 - 00000000 ____D C:\Program Files\trend micro
2013-07-15 23:28 - 2013-07-15 23:29 - 00935175 _____ C:\Users\Marty\Downloads\RSITx64.exe
2013-07-15 23:07 - 2013-07-15 23:07 - 00000000 __SHD C:\$$PendingFiles
2013-07-15 23:00 - 2013-07-15 23:00 - 00002975 _____ C:\Users\Marty\Desktop\HiJackThis.lnk
2013-07-15 23:00 - 2013-07-15 23:00 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-07-15 23:00 - 2013-07-15 23:00 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-07-15 22:59 - 2013-07-15 22:59 - 01402880 _____ C:\Users\Marty\Downloads\HiJackThis.msi
2013-07-15 22:44 - 2013-07-15 22:44 - 01043968 _____ C:\Users\Marty\Downloads\MicrosoftFixit50981 (1).msi
2013-07-15 22:43 - 2013-07-15 22:43 - 01043968 _____ C:\Users\Marty\Downloads\MicrosoftFixit50981.msi
2013-07-15 22:10 - 2013-07-16 15:44 - 00008834 _____ C:\Windows\PFRO.log
2013-07-15 21:43 - 2013-07-15 21:43 - 87602968 _____ (Microsoft Corporation) C:\Users\Marty\Downloads\msert.exe
2013-07-15 20:24 - 2013-07-15 20:24 - 00003340 _____ C:\Windows\System32\Tasks\RegHunterStartup
2013-07-15 20:23 - 2013-07-15 20:23 - 00001163 _____ C:\Users\Public\Desktop\RegHunter.lnk
2013-07-15 20:21 - 2013-07-15 20:21 - 00916928 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\RegHunter-Installer.exe
2013-07-15 20:02 - 2013-07-15 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-15 20:02 - 2013-07-15 20:02 - 00057886 _____ C:\Windows\SysWOW64\epfwdata.bin
2013-07-15 20:02 - 2013-07-15 20:02 - 00003326 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2013-07-15 20:02 - 2013-07-15 20:02 - 00002258 _____ C:\Users\Marty\Desktop\SpyHunter.lnk
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 ____D C:\sh4ldr
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 _____ C:\autoexec.bat
2013-07-15 20:02 - 2012-06-22 12:01 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2013-07-15 20:01 - 2013-07-15 20:02 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-07-15 20:00 - 2013-07-15 20:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\SpyHunter-installer.com
2013-07-15 18:45 - 2013-07-16 15:42 - 00159355 _____ C:\Windows\WindowsUpdate.log
2013-07-15 18:41 - 2013-07-16 13:37 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-07-15 18:41 - 2013-07-16 13:00 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-07-15 18:41 - 2013-07-16 13:00 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-07-15 18:41 - 2013-07-16 12:59 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files\Symantec
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2013-07-15 18:40 - 2013-07-16 13:37 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2013-07-15 18:40 - 2013-07-15 18:41 - 00000000 ____D C:\ProgramData\Norton
2013-07-15 18:40 - 2013-07-15 18:40 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2013-07-15 18:39 - 2013-07-15 18:40 - 161426312 _____ (Symantec Corporation) C:\Users\Marty\Downloads\NAV-TW-30-20-1-0-24-CZ.exe
2013-07-15 17:53 - 2013-07-15 17:53 - 00000000 ____D C:\VTRoot
2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\ProgramData\COMODO
2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\Program Files\COMODO
2013-07-15 17:42 - 2013-07-15 17:44 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-15 17:42 - 2013-07-15 17:42 - 00000000 ____D C:\Users\Marty\AppData\Local\Comodo
2013-07-15 16:33 - 2013-07-16 02:10 - 00060632 _____ C:\Users\Marty\Desktop\Crossing.Lines.S01E05.HDTV.x264-LOL.HI.srt
2013-07-15 15:36 - 2013-07-15 15:36 - 00000000 ____D C:\Program Files\PostgreSQL
2013-07-15 14:54 - 2013-07-16 00:48 - 00040376 _____ C:\Users\Marty\Desktop\Dexter.S08E03.HDTV.x264-ASAP CZ.srt
2013-07-15 14:41 - 2013-07-15 16:08 - 00005075 _____ C:\Users\Marty\Documents\pgadmin.log
2013-07-15 14:41 - 2013-07-15 15:02 - 00000000 ____D C:\Users\Marty\AppData\Roaming\postgresql
2013-07-15 14:35 - 2013-07-15 14:35 - 122356298 _____ C:\Users\Marty\Downloads\Holdem_Manager_Setup_1.12.10b.exe
2013-07-15 14:19 - 2013-07-15 14:19 - 43561712 _____ (PostgreSQL Global Development Group) C:\Users\Marty\Downloads\postgresql-8.4.17-1-windows.exe
2013-07-15 01:00 - 2013-07-16 15:38 - 00001068 _____ C:\Windows\setupact.log
2013-07-15 01:00 - 2013-07-15 01:00 - 00000000 _____ C:\Windows\setuperr.log
2013-07-12 14:01 - 2013-07-12 14:01 - 00024672 _____ C:\Users\Marty\Downloads\f9f82ae98c32dff7034ae316f1f8a5ef2e9675e8.zip
2013-07-12 12:00 - 2013-07-12 12:00 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-07-12 11:55 - 2013-07-15 15:29 - 00546061 _____ C:\Users\Marty\Downloads\avgremover.log
2013-07-12 11:55 - 2013-07-12 11:55 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Marty\Downloads\avg_remover_stf_x64_2012_2125.exe
2013-07-12 11:21 - 2013-07-15 18:32 - 00000000 ____D C:\ProgramData\ESET
2013-07-12 11:21 - 2013-07-15 18:32 - 00000000 ____D C:\Program Files\ESET
2013-07-12 11:18 - 2013-07-12 14:01 - 00063148 _____ C:\Users\Marty\Desktop\Graceland.S01E05.720p.HDTV.x264-EVOLVE.srt
2013-07-12 11:15 - 2013-07-12 11:15 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TuneUp Software
2013-07-11 23:04 - 2013-07-11 23:04 - 00002429 _____ C:\Users\Marty\Desktop\Now You See Me 2013 CAM XviD MP3 MiLLENiUM-eng(1).srt
2013-07-11 23:03 - 2013-07-11 23:03 - 00002427 _____ C:\Users\Marty\Desktop\Now You See Me 2013 CAM XviD MP3 MiLLENiUM-eng.srt
2013-07-11 22:30 - 2013-05-03 03:58 - 00000303 _____ C:\Users\Marty\Desktop\password.txt
2013-07-11 22:29 - 2013-07-03 01:35 - 839796263 _____ C:\Users\Marty\Desktop\Pacific Rim 2013 GreatQual-YXwil!.rar
2013-07-11 22:23 - 2013-07-11 22:23 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec
2013-07-11 22:23 - 2013-07-11 22:23 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-07-11 20:41 - 2013-07-11 20:41 - 00016409 _____ C:\Users\Marty\Downloads\[isoHunt] A9FF8A9017D6DBBC3E22D430ED3CD510CF566D8F.torrent
2013-07-11 20:40 - 2013-07-11 20:40 - 00000000 _____ C:\Users\Marty\Downloads\Pacific_Rim_2013_CamRip_XviD_Thanole.torrent
2013-07-11 20:37 - 2013-07-11 20:37 - 00030880 _____ C:\Users\Marty\Downloads\Now You See Me 2013 English DVD [720p].torrent
2013-07-10 23:59 - 2013-07-10 23:59 - 00015642 _____ C:\Users\Marty\Downloads\3ea08bea04851c32e820e6da9bcda23c46e6966d.zip
2013-07-10 23:13 - 2013-07-10 23:13 - 00000000 ____D C:\Users\Marty\Desktop\Subs
2013-07-10 23:12 - 2013-07-09 21:24 - 963043168 _____ C:\Users\Marty\Desktop\luther.3x02.720p_hdtv_x264-fov.mkv
2013-07-10 22:55 - 2013-07-10 22:55 - 00048276 _____ C:\Users\Marty\Downloads\Perception-S02E03.zip
2013-07-10 22:41 - 2013-07-10 22:42 - 00075813 _____ C:\Users\Marty\Downloads\[isoHunt] 1E760728069BAA3A1F779C58A062A8B77C3E4E97.torrent
2013-07-10 21:11 - 2013-07-10 22:55 - 00057708 _____ C:\Users\Marty\Desktop\Perception.S02E03.HDTV.x264-LOL.srt
2013-07-09 23:07 - 2013-07-09 23:07 - 00017448 _____ C:\Users\Marty\Downloads\Ray.Donovan.S01E02.HDTV.x264-ASAP-CZ.zip
2013-07-09 22:44 - 2013-07-10 23:59 - 00040973 _____ C:\Users\Marty\Desktop\Luther - 03x02 - Series 3, Episode 2.x264-FoV.English.C.orig.srt
2013-07-09 21:16 - 2013-07-09 23:08 - 00040005 _____ C:\Users\Marty\Desktop\Ray.Donovan.S01E02.HDTV.x264-ASAP CZ.srt
2013-07-09 21:16 - 2013-07-09 21:16 - 00020950 _____ C:\Users\Marty\Downloads\ff04a751d829f2f08241977bbf1f61392ba170c0.zip
2013-07-09 21:13 - 2013-07-09 21:13 - 00047086 _____ C:\Users\Marty\Desktop\Under the Dome - 01x03 - Manhunt.HDTV.x264-LOL.Dutch.orig.Addic7ed.com.srt
2013-07-09 20:25 - 2013-07-09 20:25 - 00013106 _____ C:\Users\Marty\Downloads\6eb7a02ea017a490d322df92e8f535b994d27076.zip
2013-07-09 20:22 - 2013-07-09 20:23 - 00041166 _____ C:\Users\Marty\Desktop\Defiance_s01e12_Past Is Prologue_cz.srt
2013-07-09 20:22 - 2013-07-09 20:22 - 00019119 _____ C:\Users\Marty\Downloads\defiance.past.is.prologue.(2013).cze.1cd.(5073745).zip
2013-07-09 19:04 - 2013-07-09 20:25 - 00033827 _____ C:\Users\Marty\Desktop\Defiance.S01E12.HDTV.x264-EVOLVE.srt
2013-07-09 08:08 - 2013-07-09 21:16 - 00053553 _____ C:\Users\Marty\Desktop\Under.the.Dome.S01E03.HDTV.x264-LOL.HI.srt
2013-07-08 21:32 - 2013-07-08 21:32 - 00018108 _____ C:\Users\Marty\Downloads\f6ebc5f29a1268e9409f63ceb25a22b5a244a5e2.zip
2013-07-08 13:56 - 2013-07-08 21:32 - 00045382 _____ C:\Users\Marty\Desktop\Continuum.S02E09.HDTV.x264-2HD.srt
2013-07-03 21:56 - 2013-07-03 21:56 - 00018252 _____ C:\Users\Marty\Downloads\77295bb9b433884e9eb46622ca79e1131a8b8ccd.zip
2013-07-03 21:02 - 2013-07-03 21:02 - 00023223 _____ C:\Users\Marty\Downloads\Perception-02x02.Addic7ed.com.zip
2013-07-03 20:57 - 2013-07-03 20:57 - 00013875 _____ C:\Users\Marty\Downloads\Luther.3x01.HDTV.x264-FoV.mp4.torrent
2013-07-03 20:43 - 2013-07-03 20:43 - 00261024 _____ C:\Users\Marty\Downloads\Luther_3x01_HDTV_x264-FoV_[eztv].exe
2013-07-03 20:43 - 2013-07-03 20:43 - 00261024 _____ C:\Users\Marty\Downloads\Luther_3x01_HDTV_x264-FoV_[eztv] (1).exe
2013-07-02 23:53 - 2013-07-02 23:53 - 00023026 _____ C:\Users\Marty\Downloads\subtitle-english.zip
2013-07-02 23:53 - 2013-07-02 23:53 - 00023026 _____ C:\Users\Marty\Downloads\subtitle-english (1).zip
2013-07-02 23:04 - 2013-07-02 23:04 - 00029330 _____ C:\Users\Marty\Downloads\[Limetorrents.com]_Luther S03E01 Series 3 Episode 1 HDTV XviD FQM.torrent
2013-07-02 13:36 - 2013-07-02 13:36 - 00056331 _____ C:\Users\Marty\Downloads\King & Maxwell - 01x04 - King's Ransom.ASAP.English.HI.C.orig.Addic7ed.com (1).srt
2013-07-01 23:28 - 2013-07-01 23:28 - 00021201 _____ C:\Users\Marty\Downloads\Dexter.S08E01.HDTV.x264-2HD-CZ.zip
2013-07-01 22:20 - 2013-07-01 22:20 - 00021852 _____ C:\Users\Marty\Downloads\crossing.lines.desperate.desperadoes.(tv.episode).().eng.1cd.(5068083).zip
2013-07-01 21:33 - 2013-07-01 21:33 - 00035842 _____ C:\Users\Marty\Downloads\Falling-Skies (1).zip
2013-06-28 23:31 - 2013-06-28 23:31 - 00026884 _____ C:\Users\Marty\Downloads\16f63cf7ee012c3affb3e8655be332ab9c972f38.zip
2013-06-24 22:03 - 2013-06-24 22:03 - 00022373 _____ C:\Users\Marty\Downloads\Falling.Skies.S03E04.HDTV.x264-EVOLVE.zip
2013-06-22 23:03 - 2013-06-22 23:03 - 00000047 _____ C:\Program Files (x86)\log_hud.txtlog_hud.t
2013-06-22 00:54 - 2013-06-22 00:54 - 00025549 _____ C:\Users\Marty\Downloads\graceland.heat.run.(2013).eng.1cd.(5051580).zip
2013-06-20 23:55 - 2013-06-20 23:55 - 00680412 _____ C:\Users\Marty\Desktop\huhyperthisyear.emf
2013-06-20 19:04 - 2013-06-20 19:04 - 00000000 ____D C:\Users\Marty\AppData\Local\Sharkystrator
2013-06-19 23:08 - 2013-07-15 20:29 - 00001320 _____ C:\Users\Marty\Downloads\MARTIN_G.R.R._-_Pisen_ledu_a_ohne_-_3._Boure_mecu_-_cast_02.lnk
2013-06-19 01:36 - 2013-06-19 01:36 - 00020734 _____ C:\Users\Marty\Downloads\d2c68dce870df216fb021601a8cdc8684301379a.zip
2013-06-16 14:44 - 2013-07-15 19:02 - 00000000 ____D C:\Program Files (x86)\Sharkystrator
2013-06-16 14:44 - 2013-06-16 14:44 - 00001071 _____ C:\Users\Marty\Desktop\Sharkystrator.lnk
2013-06-16 00:22 - 2013-06-16 00:22 - 16067937 _____ (Sharkystrator ) C:\Users\Marty\Downloads\Sharkystrator_ins.exe
Ran by Marty (administrator) on 16-07-2013 15:47:51
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Safe Mode (minimal)
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6963744 2009-01-20] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1832760 2012-09-20] (Logitech, Inc.)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKCU\...\Run: [PicPick Start] - C:\Program Files (x86)\PicPick\picpick.exe [4816896 2010-11-20] ()
HKCU\...\Run: [Mikogo] - "C:\Users\Marty\AppData\Roaming\Mikogo 4\mikogo-host.exe" -asp [5420408 2011-08-04] ()
HKCU\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)
HKCU\...\Run: [supertintin_skype] - C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe /start_context sys_auto [999936 2011-01-10] (Imtiger Software Inc.)
HKCU\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [ASUSGamerOSD] - C:\Program Files (x86)\ASUS\GamerOSD\GamerOSD.exe [380928 2009-07-30] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [98304 2009-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EasyTuneVI] - C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Nikon Transfer Monitor] - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe [479232 2009-09-15] (Nikon Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Logitech G930] - C:\Program Files (x86)\Logitech\G930\G930.exe [1516888 2011-03-23] (Logitech(c))
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\elephant\...\Run: [Skype] - "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\elephant\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)
HKU\elephant\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\elephant\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 [133432 2010-08-09] (ICQ, LLC.)
HKU\elephant\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x]
HKU\elephant\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
HKU\postgres\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
HKU\postgres.Marty-PC\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
HKU\postgres.Marty-PC.000\...\Run: [Skype] - "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized [19603048 2013-06-03] (Skype Technologies S.A.)
HKU\postgres.Marty-PC.000\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd)
HKU\postgres.Marty-PC.000\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\postgres.Marty-PC.000\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 [133432 2010-08-09] (ICQ, LLC.)
HKU\postgres.Marty-PC.000\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x]
HKU\postgres.Marty-PC.000\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x]
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: (No Name) - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - No File
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
HKLM-x32 SearchScopes: DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2117678
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2117678
HKCU SearchScopes: DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={4214 ... 2011-11-05 11:48:44&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTer ... ffa4db18e9
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... &ch_id=osd
SearchScopes: HKCU - {7C053627-1C30-43F6-98CD-AEE69CCE26F3} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={4214 ... 2011-11-05 11:48:44&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = http://toolbar.ask.com/toolbarv/askRedi ... oolbar=VZ2
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
Toolbar: HKLM-x32 - NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKCU - No Name - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File
Toolbar: HKCU - No Name - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
DPF: HKLM-x32 {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://service.futuremark.com/gom/receiver/tc/FMSI.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default
FF user.js: detected! => C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\user.js
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://isearch.avg.com/?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&v=15.3.0.11&pid=avg&sg=0&sap=hp
FF Keyword.URL: hxxp://isearch.avg.com/search?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&pid=avg&sg=0&v=15.3.0.11&sap=ku&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: No Name - C:\Users\Marty\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Babylon - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\ffxtlbr@babylon.com
FF Extension: brothersoft afc Community Toolbar - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\{0b7430e9-e659-4555-ac67-be3340aaa519}
FF Extension: No Name - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.0.32\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2013.1.0.32\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\IPSFFPlgn\
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: hxxp://www.google.cz/
CHR RestoreOnStartup: "hxxp://us.yahoo.com?fr=fpc-comodo"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (AVG Internet Security) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Norton Identity Protection) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2013.1.0.32_0
CHR Extension: (Gmail) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 ASDR; C:\Windows\SysWOW64\ASDR.exe [61440 2009-07-27] ()
S2 ASKService; C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe [464264 2009-04-02] ()
S2 ASKUpgrade; C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe [234888 2009-04-02] ()
S2 ATKFUSService; C:\Windows\system32\ATKFUSService.exe [62464 2009-05-06] (ASUSTeK COMPUTER INC.)
S3 B-Service; C:\Users\Marty\AppData\Roaming\Mikogo\B-Service.exe [185640 2011-02-20] ()
S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-02-05] ()
S2 gupdate1ca9a6f3d2f71c0; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2010-01-21] (Google Inc.)
S2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [246520 2010-03-28] ()
S2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\ccSvcHst.exe [143928 2012-08-19] (Symantec Corporation)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2012-04-22] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\RpcAgentSrv.exe [93336 2009-08-24] (SiSoftware)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [1025408 2013-06-27] (Enigma Software Group USA, LLC.)
S2 ekrn; "C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe" [x]
==================== Drivers (Whitelisted) ====================
S3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [47160 2008-04-28] (AMD, Inc.)
S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [14904 2009-02-23] ()
S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [14904 2009-02-23] ()
S3 asusgsb; C:\Windows\System32\drivers\asusgsb.sys [17792 2009-02-17] (ASUSTeK Computer Inc.)
S3 ATITool; C:\Windows\System32\DRIVERS\ATITool64.sys [35624 2007-08-08] ()
S3 atkdisplf; C:\Windows\System32\Drivers\atkdisplowfilter.sys [39424 2009-02-17] (ASUSTeK Computer Inc.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2011-06-04] ()
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-07-02] (Symantec Corporation)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-07-02] (Symantec Corporation)
S1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
S1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DD01000.020\ccSetx64.sys [168096 2012-08-07] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-18] (Symantec Corporation)
S1 EIO64; C:\Windows\System32\DRIVERS\EIO64.sys [16384 2009-12-11] (ASUSTeK Computer Inc.)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2007-08-20] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2007-08-20] (EnTech Taiwan)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-18] (Symantec Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
S3 etdrv; C:\Windows\etdrv.sys [25640 2009-12-24] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2009-12-24] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [23080 2013-07-16] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [23080 2013-07-16] (Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-07-12] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-07-12] ()
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
S1 HWiNFO32; C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [30080 2009-07-16] (REALiX(tm))
S1 HWiNFO32; C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [30080 2009-07-16] (REALiX(tm))
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2013-07-13] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys [513184 2013-07-13] (Symantec Corporation)
S3 LADF_BakerCOnly; C:\Windows\System32\DRIVERS\ladfBakerCamd64.sys [410184 2011-03-18] (Logitech)
S3 LADF_BakerROnly; C:\Windows\System32\DRIVERS\ladfBakerRamd64.sys [335688 2011-03-18] (Logitech)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2010-02-27] ()
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-07-15] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS [126040 2013-07-15] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-07-15] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS [2098776 2013-07-15] (Symantec Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x64\Sandra.sys [23112 2009-08-08] (SiSoftware)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [14104 2007-02-07] (Windows (R) Server 2003 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-05-05] (Duplex Secure Ltd.)
S1 SRTSP; C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-16] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
S3 ALSysIO; \??\C:\Users\Marty\AppData\Local\Temp\ALSysIO64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz130; \??\C:\Users\Marty\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 EraserUtilDrv11220; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys [x]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\system32\drivers\acedrv11.sys 6CE02D42183CDF31315F208AE35F153F
C:\Windows\system32\drivers\acedrv11.sys 6CE02D42183CDF31315F208AE35F153F
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AmdTools64.sys DEDA72A4AB5416AD0A09FAECFA6056C2
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys F160ECCE1500A5A5877C123584E86B17
C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys F160ECCE1500A5A5877C123584E86B17
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\drivers\asusgsb.sys A4398A8914C32F18EC2AB562CBA3CAAF
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtiHdmi.sys 506934DF94E3197F4A1BBE8FBEAB0CCD
C:\Windows\System32\DRIVERS\atikmdag.sys 79CEB8D4F25CABE69F3762C90F5B06B8
C:\Windows\System32\DRIVERS\ATITool64.sys A6FAD7A5ADA4675BA9C9FEAF4E0542BA
C:\Windows\System32\Drivers\atkdisplowfilter.sys FB4187C282CB467E5E606913A1FA79A3
C:\Windows\System32\DRIVERS\atksgt.sys 09149D03629A44F4773E621C432D1D89
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys 6E10DB69DB1AA96207F4B14B18FF12F8
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\BASHDefs\20130702.001\BHDrvx64.sys 6E10DB69DB1AA96207F4B14B18FF12F8
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\system32\drivers\NAVx64\1404000.028\ccSetx64.sys 56685951208AC81CF923B9B08BEDF3B7
C:\Windows\system32\drivers\NSTx64\7DD01000.020\ccSetx64.sys A5C13600F63EB92F8D15123D64BA9895
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\system32\drivers\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys AF2E16242AA723F68F461B6EAE2EAD3D
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 4353FF94D47A0A9D52B89ECCF0CDB013
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 4353FF94D47A0A9D52B89ECCF0CDB013
C:\Windows\System32\DRIVERS\EIO64.sys 343ADA10D948DB29251F2D9C809AF204
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ENTECH64.sys 12C061D9F9621BE916D58191872EC281
C:\Windows\system32\DRIVERS\ENTECH64.sys 12C061D9F9621BE916D58191872EC281
C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys C5BCCB378D0A896304A3E71BE7215983
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys DF96C3CD6AE15F6D0A6BCB70F9C1E88D
C:\Windows\System32\DRIVERS\EsgScanner.sys 3B32CAA07D672F8A2E0DF5CB3A873F45
C:\Windows\etdrv.sys 84486624268E078255BC7AA47F0960BC
C:\Windows\etdrv.sys 84486624268E078255BC7AA47F0960BC
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\gdrv.sys 46E2828BCA26B31FA5A1DD4D84DF633D
C:\Windows\gdrv.sys 46E2828BCA26B31FA5A1DD4D84DF633D
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\GVTDrv64.sys 8126331FBD4ED29EB3B356F9C905064D
C:\Windows\GVTDrv64.sys 8126331FBD4ED29EB3B356F9C905064D
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewdcsc.sys 84D3088475BD9BC56ED76D6E0F740A63
C:\Windows\System32\DRIVERS\ewusbmdm.sys 8F9B0FC4EC3A8194BD4CBC5ED3E7ABEB
C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS 417AD08FBC87B350ADC12BD2361932CE
C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS 417AD08FBC87B350ADC12BD2361932CE
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbdev.sys B45B3647BA32749B94FA689175EC8C26
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys A48928D4CCA6F8B731989DB08CF2C0AB
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\IPSDefs\20130713.001\IDSvia64.sys A48928D4CCA6F8B731989DB08CF2C0AB
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 4B071AEBBC13D60430EE0371B262F681
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\jraid.sys DB85FE8D6CBAA2047CB4DA1B2C193D76
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\KMWDFILTER.sys 07071C1E3CD8F0F9114AAC8B072CA1E5
C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4
C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ladfBakerCamd64.sys 86F06574763A0E7CDCD57DD85632E44F
C:\Windows\System32\DRIVERS\ladfBakerRamd64.sys 89B4981F949A14148365DE8D98A310B5
C:\Windows\System32\DRIVERS\lirsgt.sys 5EA407821BB3104C31A705175AB4F309
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS 56540E526B46E379A476FB5BC381B290
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\ENG64.SYS 56540E526B46E379A476FB5BC381B290
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS 8A19D3991F9F14B885CDE8BC640F6B68
C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_20.1.0.24\Definitions\VirusDefs\20130715.033\EX64.SYS 8A19D3991F9F14B885CDE8BC640F6B68
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\drivers\RtHDMIVX.sys 67C7695D3B18682ADDF8419EDA4BBFB8
C:\Windows\System32\DRIVERS\Rt64win7.sys BAEFEE35D27A5440D35092CE10267BEC
C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010\WNt500x64\Sandra.sys 5EFBBFCC6ADAC121C8E2FE76641ED329
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\SysWow64\speedfan.sys 5F9785E7535F8F602CB294A54962C9E7
C:\Windows\SysWow64\speedfan.sys 5F9785E7535F8F602CB294A54962C9E7
C:\Windows\System32\Drivers\sptd.sys A15860E920B02C9A7CE8F3A6C2FF1E3A
C:\Windows\System32\Drivers\NAVx64\1404000.028\SRTSP64.SYS 2FD9346F9D76CB4192D37329CFA47A82
C:\Windows\system32\drivers\NAVx64\1404000.028\SRTSPX64.SYS 0E76CEF892C45734F7AED09FDDF35D4D
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\NAVx64\1404000.028\SYMDS64.SYS 52DC0048D667757A8A2E4C87182890AC
C:\Windows\System32\drivers\NAVx64\1404000.028\SYMEFA64.SYS 599872BAD7CFB45C7CE47CDED4B726D8
C:\Windows\system32\Drivers\SYMEVENT64x86.SYS F19E5E37ED8134B9E5F6287F2D3A75D7
C:\Windows\system32\drivers\NAVx64\1404000.028\Ironx64.SYS ADF37F1A715D6C56C8E065FD8569A9A4
C:\Windows\System32\Drivers\NAVx64\1404000.028\SYMNETS.SYS 9CDCA70485BD6B9D230365F67C31F132
C:\Windows\System32\drivers\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\DRIVERS\tcpip.sys 9849EA3843A2ADBDD1497E97A85D8CAE
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\teamviewervpn.sys F5520DBB47C60EE83024B38720ABDA24
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\System32\DRIVERS\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-16 15:47 - 2013-07-16 15:47 - 00000000 ____D C:\FRST
2013-07-16 14:46 - 2013-07-16 14:46 - 01778135 _____ (Farbar) C:\Users\Marty\Downloads\FRST64.exe
2013-07-16 13:45 - 2013-07-16 13:45 - 00042747 _____ C:\ComboFix.txt
2013-07-16 13:43 - 2013-07-16 13:43 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2013-07-16 13:26 - 2013-07-16 13:46 - 00000000 ____D C:\ComboFix
2013-07-16 13:26 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-16 13:26 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-16 13:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-16 13:26 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-16 13:20 - 2013-07-16 13:46 - 00000000 ____D C:\Qoobox
2013-07-16 13:20 - 2013-07-16 13:42 - 00000000 ____D C:\Windows\erdnt
2013-07-16 13:10 - 2013-07-16 13:10 - 05089088 ____R (Swearware) C:\Users\Marty\Desktop\ComboFix.exe
2013-07-16 13:04 - 2013-07-16 13:04 - 00891022 _____ C:\Users\Marty\Desktop\SecurityCheck.exe
2013-07-16 13:03 - 2013-07-16 13:03 - 00001796 _____ C:\sc-cleaner.txt
2013-07-16 13:02 - 2013-07-16 13:02 - 00406144 _____ (Bleeping Computer, LLC) C:\Users\Marty\Desktop\sc-cleaner.exe
2013-07-16 12:58 - 2013-07-16 13:00 - 00026082 _____ C:\Users\Marty\Desktop\Rkill.txt
2013-07-16 12:58 - 2013-07-16 12:58 - 00000000 ____D C:\Users\Marty\Desktop\rkill
2013-07-16 12:57 - 2013-07-16 12:58 - 01836672 _____ (Bleeping Computer, LLC) C:\Users\Marty\Desktop\rkill.exe
2013-07-16 04:27 - 2013-07-16 04:27 - 00025696 _____ C:\Users\Marty\Desktop\log.odt
2013-07-16 02:09 - 2013-07-16 02:09 - 00023542 _____ C:\Users\Marty\Downloads\a5769e0eb8112b45e397eea2db8eee84cddd232d.zip
2013-07-16 01:31 - 2013-07-16 01:31 - 00000000 ____D C:\Windows\System32\Tasks\Norton Identity Safe
2013-07-16 00:47 - 2013-07-16 00:47 - 00017891 _____ C:\Users\Marty\Downloads\Dexter.S08E03.HDTV.x264-ASAP-CZ.zip
2013-07-15 23:58 - 2013-07-15 23:58 - 00014077 _____ C:\Users\Marty\Downloads\[kickass.to]dexter.s08e03.hdtv.x264.asap.eztv.torrent
2013-07-15 23:30 - 2013-07-15 23:30 - 00000000 ____D C:\rsit
2013-07-15 23:30 - 2013-07-15 23:30 - 00000000 ____D C:\Program Files\trend micro
2013-07-15 23:28 - 2013-07-15 23:29 - 00935175 _____ C:\Users\Marty\Downloads\RSITx64.exe
2013-07-15 23:07 - 2013-07-15 23:07 - 00000000 __SHD C:\$$PendingFiles
2013-07-15 23:00 - 2013-07-15 23:00 - 00002975 _____ C:\Users\Marty\Desktop\HiJackThis.lnk
2013-07-15 23:00 - 2013-07-15 23:00 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-07-15 23:00 - 2013-07-15 23:00 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-07-15 22:59 - 2013-07-15 22:59 - 01402880 _____ C:\Users\Marty\Downloads\HiJackThis.msi
2013-07-15 22:44 - 2013-07-15 22:44 - 01043968 _____ C:\Users\Marty\Downloads\MicrosoftFixit50981 (1).msi
2013-07-15 22:43 - 2013-07-15 22:43 - 01043968 _____ C:\Users\Marty\Downloads\MicrosoftFixit50981.msi
2013-07-15 22:10 - 2013-07-16 15:44 - 00008834 _____ C:\Windows\PFRO.log
2013-07-15 21:43 - 2013-07-15 21:43 - 87602968 _____ (Microsoft Corporation) C:\Users\Marty\Downloads\msert.exe
2013-07-15 20:24 - 2013-07-15 20:24 - 00003340 _____ C:\Windows\System32\Tasks\RegHunterStartup
2013-07-15 20:23 - 2013-07-15 20:23 - 00001163 _____ C:\Users\Public\Desktop\RegHunter.lnk
2013-07-15 20:21 - 2013-07-15 20:21 - 00916928 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\RegHunter-Installer.exe
2013-07-15 20:02 - 2013-07-15 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-15 20:02 - 2013-07-15 20:02 - 00057886 _____ C:\Windows\SysWOW64\epfwdata.bin
2013-07-15 20:02 - 2013-07-15 20:02 - 00003326 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2013-07-15 20:02 - 2013-07-15 20:02 - 00002258 _____ C:\Users\Marty\Desktop\SpyHunter.lnk
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 ____D C:\sh4ldr
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 _____ C:\autoexec.bat
2013-07-15 20:02 - 2012-06-22 12:01 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2013-07-15 20:01 - 2013-07-15 20:02 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-07-15 20:00 - 2013-07-15 20:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\SpyHunter-installer.com
2013-07-15 18:45 - 2013-07-16 15:42 - 00159355 _____ C:\Windows\WindowsUpdate.log
2013-07-15 18:41 - 2013-07-16 13:37 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-07-15 18:41 - 2013-07-16 13:00 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-07-15 18:41 - 2013-07-16 13:00 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-07-15 18:41 - 2013-07-16 12:59 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files\Symantec
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2013-07-15 18:40 - 2013-07-16 13:37 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2013-07-15 18:40 - 2013-07-15 18:41 - 00000000 ____D C:\ProgramData\Norton
2013-07-15 18:40 - 2013-07-15 18:40 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2013-07-15 18:39 - 2013-07-15 18:40 - 161426312 _____ (Symantec Corporation) C:\Users\Marty\Downloads\NAV-TW-30-20-1-0-24-CZ.exe
2013-07-15 17:53 - 2013-07-15 17:53 - 00000000 ____D C:\VTRoot
2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\ProgramData\COMODO
2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\Program Files\COMODO
2013-07-15 17:42 - 2013-07-15 17:44 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-15 17:42 - 2013-07-15 17:42 - 00000000 ____D C:\Users\Marty\AppData\Local\Comodo
2013-07-15 16:33 - 2013-07-16 02:10 - 00060632 _____ C:\Users\Marty\Desktop\Crossing.Lines.S01E05.HDTV.x264-LOL.HI.srt
2013-07-15 15:36 - 2013-07-15 15:36 - 00000000 ____D C:\Program Files\PostgreSQL
2013-07-15 14:54 - 2013-07-16 00:48 - 00040376 _____ C:\Users\Marty\Desktop\Dexter.S08E03.HDTV.x264-ASAP CZ.srt
2013-07-15 14:41 - 2013-07-15 16:08 - 00005075 _____ C:\Users\Marty\Documents\pgadmin.log
2013-07-15 14:41 - 2013-07-15 15:02 - 00000000 ____D C:\Users\Marty\AppData\Roaming\postgresql
2013-07-15 14:35 - 2013-07-15 14:35 - 122356298 _____ C:\Users\Marty\Downloads\Holdem_Manager_Setup_1.12.10b.exe
2013-07-15 14:19 - 2013-07-15 14:19 - 43561712 _____ (PostgreSQL Global Development Group) C:\Users\Marty\Downloads\postgresql-8.4.17-1-windows.exe
2013-07-15 01:00 - 2013-07-16 15:38 - 00001068 _____ C:\Windows\setupact.log
2013-07-15 01:00 - 2013-07-15 01:00 - 00000000 _____ C:\Windows\setuperr.log
2013-07-12 14:01 - 2013-07-12 14:01 - 00024672 _____ C:\Users\Marty\Downloads\f9f82ae98c32dff7034ae316f1f8a5ef2e9675e8.zip
2013-07-12 12:00 - 2013-07-12 12:00 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-07-12 11:55 - 2013-07-15 15:29 - 00546061 _____ C:\Users\Marty\Downloads\avgremover.log
2013-07-12 11:55 - 2013-07-12 11:55 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Marty\Downloads\avg_remover_stf_x64_2012_2125.exe
2013-07-12 11:21 - 2013-07-15 18:32 - 00000000 ____D C:\ProgramData\ESET
2013-07-12 11:21 - 2013-07-15 18:32 - 00000000 ____D C:\Program Files\ESET
2013-07-12 11:18 - 2013-07-12 14:01 - 00063148 _____ C:\Users\Marty\Desktop\Graceland.S01E05.720p.HDTV.x264-EVOLVE.srt
2013-07-12 11:15 - 2013-07-12 11:15 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TuneUp Software
2013-07-11 23:04 - 2013-07-11 23:04 - 00002429 _____ C:\Users\Marty\Desktop\Now You See Me 2013 CAM XviD MP3 MiLLENiUM-eng(1).srt
2013-07-11 23:03 - 2013-07-11 23:03 - 00002427 _____ C:\Users\Marty\Desktop\Now You See Me 2013 CAM XviD MP3 MiLLENiUM-eng.srt
2013-07-11 22:30 - 2013-05-03 03:58 - 00000303 _____ C:\Users\Marty\Desktop\password.txt
2013-07-11 22:29 - 2013-07-03 01:35 - 839796263 _____ C:\Users\Marty\Desktop\Pacific Rim 2013 GreatQual-YXwil!.rar
2013-07-11 22:23 - 2013-07-11 22:23 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec
2013-07-11 22:23 - 2013-07-11 22:23 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-07-11 20:41 - 2013-07-11 20:41 - 00016409 _____ C:\Users\Marty\Downloads\[isoHunt] A9FF8A9017D6DBBC3E22D430ED3CD510CF566D8F.torrent
2013-07-11 20:40 - 2013-07-11 20:40 - 00000000 _____ C:\Users\Marty\Downloads\Pacific_Rim_2013_CamRip_XviD_Thanole.torrent
2013-07-11 20:37 - 2013-07-11 20:37 - 00030880 _____ C:\Users\Marty\Downloads\Now You See Me 2013 English DVD [720p].torrent
2013-07-10 23:59 - 2013-07-10 23:59 - 00015642 _____ C:\Users\Marty\Downloads\3ea08bea04851c32e820e6da9bcda23c46e6966d.zip
2013-07-10 23:13 - 2013-07-10 23:13 - 00000000 ____D C:\Users\Marty\Desktop\Subs
2013-07-10 23:12 - 2013-07-09 21:24 - 963043168 _____ C:\Users\Marty\Desktop\luther.3x02.720p_hdtv_x264-fov.mkv
2013-07-10 22:55 - 2013-07-10 22:55 - 00048276 _____ C:\Users\Marty\Downloads\Perception-S02E03.zip
2013-07-10 22:41 - 2013-07-10 22:42 - 00075813 _____ C:\Users\Marty\Downloads\[isoHunt] 1E760728069BAA3A1F779C58A062A8B77C3E4E97.torrent
2013-07-10 21:11 - 2013-07-10 22:55 - 00057708 _____ C:\Users\Marty\Desktop\Perception.S02E03.HDTV.x264-LOL.srt
2013-07-09 23:07 - 2013-07-09 23:07 - 00017448 _____ C:\Users\Marty\Downloads\Ray.Donovan.S01E02.HDTV.x264-ASAP-CZ.zip
2013-07-09 22:44 - 2013-07-10 23:59 - 00040973 _____ C:\Users\Marty\Desktop\Luther - 03x02 - Series 3, Episode 2.x264-FoV.English.C.orig.srt
2013-07-09 21:16 - 2013-07-09 23:08 - 00040005 _____ C:\Users\Marty\Desktop\Ray.Donovan.S01E02.HDTV.x264-ASAP CZ.srt
2013-07-09 21:16 - 2013-07-09 21:16 - 00020950 _____ C:\Users\Marty\Downloads\ff04a751d829f2f08241977bbf1f61392ba170c0.zip
2013-07-09 21:13 - 2013-07-09 21:13 - 00047086 _____ C:\Users\Marty\Desktop\Under the Dome - 01x03 - Manhunt.HDTV.x264-LOL.Dutch.orig.Addic7ed.com.srt
2013-07-09 20:25 - 2013-07-09 20:25 - 00013106 _____ C:\Users\Marty\Downloads\6eb7a02ea017a490d322df92e8f535b994d27076.zip
2013-07-09 20:22 - 2013-07-09 20:23 - 00041166 _____ C:\Users\Marty\Desktop\Defiance_s01e12_Past Is Prologue_cz.srt
2013-07-09 20:22 - 2013-07-09 20:22 - 00019119 _____ C:\Users\Marty\Downloads\defiance.past.is.prologue.(2013).cze.1cd.(5073745).zip
2013-07-09 19:04 - 2013-07-09 20:25 - 00033827 _____ C:\Users\Marty\Desktop\Defiance.S01E12.HDTV.x264-EVOLVE.srt
2013-07-09 08:08 - 2013-07-09 21:16 - 00053553 _____ C:\Users\Marty\Desktop\Under.the.Dome.S01E03.HDTV.x264-LOL.HI.srt
2013-07-08 21:32 - 2013-07-08 21:32 - 00018108 _____ C:\Users\Marty\Downloads\f6ebc5f29a1268e9409f63ceb25a22b5a244a5e2.zip
2013-07-08 13:56 - 2013-07-08 21:32 - 00045382 _____ C:\Users\Marty\Desktop\Continuum.S02E09.HDTV.x264-2HD.srt
2013-07-03 21:56 - 2013-07-03 21:56 - 00018252 _____ C:\Users\Marty\Downloads\77295bb9b433884e9eb46622ca79e1131a8b8ccd.zip
2013-07-03 21:02 - 2013-07-03 21:02 - 00023223 _____ C:\Users\Marty\Downloads\Perception-02x02.Addic7ed.com.zip
2013-07-03 20:57 - 2013-07-03 20:57 - 00013875 _____ C:\Users\Marty\Downloads\Luther.3x01.HDTV.x264-FoV.mp4.torrent
2013-07-03 20:43 - 2013-07-03 20:43 - 00261024 _____ C:\Users\Marty\Downloads\Luther_3x01_HDTV_x264-FoV_[eztv].exe
2013-07-03 20:43 - 2013-07-03 20:43 - 00261024 _____ C:\Users\Marty\Downloads\Luther_3x01_HDTV_x264-FoV_[eztv] (1).exe
2013-07-02 23:53 - 2013-07-02 23:53 - 00023026 _____ C:\Users\Marty\Downloads\subtitle-english.zip
2013-07-02 23:53 - 2013-07-02 23:53 - 00023026 _____ C:\Users\Marty\Downloads\subtitle-english (1).zip
2013-07-02 23:04 - 2013-07-02 23:04 - 00029330 _____ C:\Users\Marty\Downloads\[Limetorrents.com]_Luther S03E01 Series 3 Episode 1 HDTV XviD FQM.torrent
2013-07-02 13:36 - 2013-07-02 13:36 - 00056331 _____ C:\Users\Marty\Downloads\King & Maxwell - 01x04 - King's Ransom.ASAP.English.HI.C.orig.Addic7ed.com (1).srt
2013-07-01 23:28 - 2013-07-01 23:28 - 00021201 _____ C:\Users\Marty\Downloads\Dexter.S08E01.HDTV.x264-2HD-CZ.zip
2013-07-01 22:20 - 2013-07-01 22:20 - 00021852 _____ C:\Users\Marty\Downloads\crossing.lines.desperate.desperadoes.(tv.episode).().eng.1cd.(5068083).zip
2013-07-01 21:33 - 2013-07-01 21:33 - 00035842 _____ C:\Users\Marty\Downloads\Falling-Skies (1).zip
2013-06-28 23:31 - 2013-06-28 23:31 - 00026884 _____ C:\Users\Marty\Downloads\16f63cf7ee012c3affb3e8655be332ab9c972f38.zip
2013-06-24 22:03 - 2013-06-24 22:03 - 00022373 _____ C:\Users\Marty\Downloads\Falling.Skies.S03E04.HDTV.x264-EVOLVE.zip
2013-06-22 23:03 - 2013-06-22 23:03 - 00000047 _____ C:\Program Files (x86)\log_hud.txtlog_hud.t
2013-06-22 00:54 - 2013-06-22 00:54 - 00025549 _____ C:\Users\Marty\Downloads\graceland.heat.run.(2013).eng.1cd.(5051580).zip
2013-06-20 23:55 - 2013-06-20 23:55 - 00680412 _____ C:\Users\Marty\Desktop\huhyperthisyear.emf
2013-06-20 19:04 - 2013-06-20 19:04 - 00000000 ____D C:\Users\Marty\AppData\Local\Sharkystrator
2013-06-19 23:08 - 2013-07-15 20:29 - 00001320 _____ C:\Users\Marty\Downloads\MARTIN_G.R.R._-_Pisen_ledu_a_ohne_-_3._Boure_mecu_-_cast_02.lnk
2013-06-19 01:36 - 2013-06-19 01:36 - 00020734 _____ C:\Users\Marty\Downloads\d2c68dce870df216fb021601a8cdc8684301379a.zip
2013-06-16 14:44 - 2013-07-15 19:02 - 00000000 ____D C:\Program Files (x86)\Sharkystrator
2013-06-16 14:44 - 2013-06-16 14:44 - 00001071 _____ C:\Users\Marty\Desktop\Sharkystrator.lnk
2013-06-16 00:22 - 2013-06-16 00:22 - 16067937 _____ (Sharkystrator ) C:\Users\Marty\Downloads\Sharkystrator_ins.exe
Re: Spousta havěti
Napsal: 16 črc 2013 14:59
==================== One Month Modified Files and Folders =======
2013-07-16 15:47 - 2013-07-16 15:47 - 00000000 ____D C:\FRST
2013-07-16 15:44 - 2013-07-15 22:10 - 00008834 _____ C:\Windows\PFRO.log
2013-07-16 15:42 - 2013-07-15 18:45 - 00159355 _____ C:\Windows\WindowsUpdate.log
2013-07-16 15:42 - 2009-12-11 03:47 - 00000216 _____ C:\service.log
2013-07-16 15:39 - 2009-07-14 17:18 - 00675116 _____ C:\Windows\system32\perfh005.dat
2013-07-16 15:39 - 2009-07-14 17:18 - 00145070 _____ C:\Windows\system32\perfc005.dat
2013-07-16 15:39 - 2009-07-14 07:13 - 01604530 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-16 15:38 - 2013-07-15 01:00 - 00001068 _____ C:\Windows\setupact.log
2013-07-16 15:34 - 2009-12-20 15:42 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Skype
2013-07-16 15:31 - 2010-01-21 10:06 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-16 14:46 - 2013-07-16 14:46 - 01778135 _____ (Farbar) C:\Users\Marty\Downloads\FRST64.exe
2013-07-16 14:46 - 2013-02-26 22:13 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-16 14:39 - 2009-07-14 06:45 - 00015024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-16 14:39 - 2009-07-14 06:45 - 00015024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-16 14:31 - 2010-01-21 10:06 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-16 14:28 - 2009-12-11 03:46 - 00023080 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-07-16 14:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-16 14:04 - 2010-01-28 17:12 - 00000000 ____D C:\Users\Marty\AppData\Local\PokerStars
2013-07-16 13:46 - 2013-07-16 13:26 - 00000000 ____D C:\ComboFix
2013-07-16 13:46 - 2013-07-16 13:20 - 00000000 ____D C:\Qoobox
2013-07-16 13:46 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-16 13:45 - 2013-07-16 13:45 - 00042747 _____ C:\ComboFix.txt
2013-07-16 13:43 - 2013-07-16 13:43 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2013-07-16 13:42 - 2013-07-16 13:20 - 00000000 ____D C:\Windows\erdnt
2013-07-16 13:38 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-16 13:37 - 2013-07-15 18:41 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-07-16 13:37 - 2013-07-15 18:40 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2013-07-16 13:35 - 2012-05-16 23:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-16 13:35 - 2012-05-16 23:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-16 13:26 - 2009-12-20 16:12 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Azureus
2013-07-16 13:10 - 2013-07-16 13:10 - 05089088 ____R (Swearware) C:\Users\Marty\Desktop\ComboFix.exe
2013-07-16 13:04 - 2013-07-16 13:04 - 00891022 _____ C:\Users\Marty\Desktop\SecurityCheck.exe
2013-07-16 13:03 - 2013-07-16 13:03 - 00001796 _____ C:\sc-cleaner.txt
2013-07-16 13:02 - 2013-07-16 13:02 - 00406144 _____ (Bleeping Computer, LLC) C:\Users\Marty\Desktop\sc-cleaner.exe
2013-07-16 13:00 - 2013-07-16 12:58 - 00026082 _____ C:\Users\Marty\Desktop\Rkill.txt
2013-07-16 13:00 - 2013-07-15 18:41 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-07-16 13:00 - 2013-07-15 18:41 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-07-16 12:59 - 2013-07-15 18:41 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2013-07-16 12:58 - 2013-07-16 12:58 - 00000000 ____D C:\Users\Marty\Desktop\rkill
2013-07-16 12:58 - 2013-07-16 12:57 - 01836672 _____ (Bleeping Computer, LLC) C:\Users\Marty\Desktop\rkill.exe
2013-07-16 04:27 - 2013-07-16 04:27 - 00025696 _____ C:\Users\Marty\Desktop\log.odt
2013-07-16 02:10 - 2013-07-15 16:33 - 00060632 _____ C:\Users\Marty\Desktop\Crossing.Lines.S01E05.HDTV.x264-LOL.HI.srt
2013-07-16 02:09 - 2013-07-16 02:09 - 00023542 _____ C:\Users\Marty\Downloads\a5769e0eb8112b45e397eea2db8eee84cddd232d.zip
2013-07-16 01:31 - 2013-07-16 01:31 - 00000000 ____D C:\Windows\System32\Tasks\Norton Identity Safe
2013-07-16 00:48 - 2013-07-15 14:54 - 00040376 _____ C:\Users\Marty\Desktop\Dexter.S08E03.HDTV.x264-ASAP CZ.srt
2013-07-16 00:47 - 2013-07-16 00:47 - 00017891 _____ C:\Users\Marty\Downloads\Dexter.S08E03.HDTV.x264-ASAP-CZ.zip
2013-07-15 23:58 - 2013-07-15 23:58 - 00014077 _____ C:\Users\Marty\Downloads\[kickass.to]dexter.s08e03.hdtv.x264.asap.eztv.torrent
2013-07-15 23:30 - 2013-07-15 23:30 - 00000000 ____D C:\rsit
2013-07-15 23:30 - 2013-07-15 23:30 - 00000000 ____D C:\Program Files\trend micro
2013-07-15 23:29 - 2013-07-15 23:28 - 00935175 _____ C:\Users\Marty\Downloads\RSITx64.exe
2013-07-15 23:07 - 2013-07-15 23:07 - 00000000 __SHD C:\$$PendingFiles
2013-07-15 23:00 - 2013-07-15 23:00 - 00002975 _____ C:\Users\Marty\Desktop\HiJackThis.lnk
2013-07-15 23:00 - 2013-07-15 23:00 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-07-15 23:00 - 2013-07-15 23:00 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-07-15 22:59 - 2013-07-15 22:59 - 01402880 _____ C:\Users\Marty\Downloads\HiJackThis.msi
2013-07-15 22:44 - 2013-07-15 22:44 - 01043968 _____ C:\Users\Marty\Downloads\MicrosoftFixit50981 (1).msi
2013-07-15 22:43 - 2013-07-15 22:43 - 01043968 _____ C:\Users\Marty\Downloads\MicrosoftFixit50981.msi
2013-07-15 22:41 - 2011-10-13 14:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-15 22:35 - 2009-12-14 06:46 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-15 22:13 - 2012-10-11 09:06 - 00001355 _____ C:\Users\Public\Desktop\Centrum řešení HP.lnk
2013-07-15 21:43 - 2013-07-15 21:43 - 87602968 _____ (Microsoft Corporation) C:\Users\Marty\Downloads\msert.exe
2013-07-15 20:29 - 2013-06-19 23:08 - 00001320 _____ C:\Users\Marty\Downloads\MARTIN_G.R.R._-_Pisen_ledu_a_ohne_-_3._Boure_mecu_-_cast_02.lnk
2013-07-15 20:24 - 2013-07-15 20:24 - 00003340 _____ C:\Windows\System32\Tasks\RegHunterStartup
2013-07-15 20:23 - 2013-07-15 20:23 - 00001163 _____ C:\Users\Public\Desktop\RegHunter.lnk
2013-07-15 20:23 - 2013-07-15 20:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-15 20:21 - 2013-07-15 20:21 - 00916928 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\RegHunter-Installer.exe
2013-07-15 20:02 - 2013-07-15 20:02 - 00057886 _____ C:\Windows\SysWOW64\epfwdata.bin
2013-07-15 20:02 - 2013-07-15 20:02 - 00003326 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2013-07-15 20:02 - 2013-07-15 20:02 - 00002258 _____ C:\Users\Marty\Desktop\SpyHunter.lnk
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 ____D C:\sh4ldr
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 _____ C:\autoexec.bat
2013-07-15 20:02 - 2013-07-15 20:01 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-07-15 20:00 - 2013-07-15 20:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\SpyHunter-installer.com
2013-07-15 19:44 - 2011-10-13 19:31 - 00000000 ____D C:\Users\Marty\Documents\poker
2013-07-15 19:02 - 2013-06-16 14:44 - 00000000 ____D C:\Program Files (x86)\Sharkystrator
2013-07-15 19:02 - 2013-01-08 22:54 - 00000000 ____D C:\Users\Marty\Documents\Hitman Blood Money
2013-07-15 19:02 - 2011-09-03 13:11 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Mikogo 4
2013-07-15 19:02 - 2010-02-25 18:33 - 00000000 ____D C:\Users\postgres.Marty-PC.000
2013-07-15 19:02 - 2010-02-09 17:39 - 00000000 ____D C:\Users\postgres.Marty-PC
2013-07-15 19:02 - 2010-02-06 02:16 - 00000000 ____D C:\Users\elephant
2013-07-15 19:02 - 2010-02-06 02:01 - 00000000 ____D C:\Users\postgres
2013-07-15 19:02 - 2009-12-11 03:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-15 19:01 - 2013-01-08 22:38 - 00000000 ____D C:\Program Files (x86)\Eidos
2013-07-15 19:01 - 2009-07-14 17:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-15 19:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files\Symantec
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2013-07-15 18:41 - 2013-07-15 18:40 - 00000000 ____D C:\ProgramData\Norton
2013-07-15 18:40 - 2013-07-15 18:40 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2013-07-15 18:40 - 2013-07-15 18:39 - 161426312 _____ (Symantec Corporation) C:\Users\Marty\Downloads\NAV-TW-30-20-1-0-24-CZ.exe
2013-07-15 18:32 - 2013-07-12 11:21 - 00000000 ____D C:\ProgramData\ESET
2013-07-15 18:32 - 2013-07-12 11:21 - 00000000 ____D C:\Program Files\ESET
2013-07-15 18:13 - 2009-12-20 22:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-15 18:03 - 2009-12-11 03:37 - 00000000 ____D C:\Users\Marty
2013-07-15 17:53 - 2013-07-15 17:53 - 00000000 ____D C:\VTRoot
2013-07-15 17:44 - 2013-07-15 17:42 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\ProgramData\COMODO
2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\Program Files\COMODO
2013-07-15 17:42 - 2013-07-15 17:42 - 00000000 ____D C:\Users\Marty\AppData\Local\Comodo
2013-07-15 16:08 - 2013-07-15 14:41 - 00005075 _____ C:\Users\Marty\Documents\pgadmin.log
2013-07-15 15:36 - 2013-07-15 15:36 - 00000000 ____D C:\Program Files\PostgreSQL
2013-07-15 15:29 - 2013-07-12 11:55 - 00546061 _____ C:\Users\Marty\Downloads\avgremover.log
2013-07-15 15:29 - 2009-12-25 15:42 - 00000000 ____D C:\ProgramData\avg9
2013-07-15 15:02 - 2013-07-15 14:41 - 00000000 ____D C:\Users\Marty\AppData\Roaming\postgresql
2013-07-15 14:35 - 2013-07-15 14:35 - 122356298 _____ C:\Users\Marty\Downloads\Holdem_Manager_Setup_1.12.10b.exe
2013-07-15 14:19 - 2013-07-15 14:19 - 43561712 _____ (PostgreSQL Global Development Group) C:\Users\Marty\Downloads\postgresql-8.4.17-1-windows.exe
2013-07-15 01:00 - 2013-07-15 01:00 - 00000000 _____ C:\Windows\setuperr.log
2013-07-14 08:50 - 2012-11-15 17:21 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TS3Client
2013-07-14 08:50 - 2009-12-20 16:21 - 00000000 ____D C:\Users\Marty\AppData\Roaming\DAEMON Tools Lite
2013-07-14 08:48 - 2012-10-31 20:52 - 00000000 ____D C:\Windows\Minidump
2013-07-14 08:48 - 2009-12-11 10:28 - 00000000 ____D C:\Windows\Panther
2013-07-12 14:01 - 2013-07-12 14:01 - 00024672 _____ C:\Users\Marty\Downloads\f9f82ae98c32dff7034ae316f1f8a5ef2e9675e8.zip
2013-07-12 14:01 - 2013-07-12 11:18 - 00063148 _____ C:\Users\Marty\Desktop\Graceland.S01E05.720p.HDTV.x264-EVOLVE.srt
2013-07-12 12:00 - 2013-07-12 12:00 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-07-12 12:00 - 2009-12-13 20:10 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-07-12 11:56 - 2011-03-01 16:13 - 00000000 ____D C:\ProgramData\MFAData
2013-07-12 11:55 - 2013-07-12 11:55 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Marty\Downloads\avg_remover_stf_x64_2012_2125.exe
2013-07-12 11:34 - 2013-04-02 21:21 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TableNinja.v2
2013-07-12 11:31 - 2013-04-14 11:14 - 00000000 ____D C:\$AVG
2013-07-12 11:15 - 2013-07-12 11:15 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TuneUp Software
2013-07-12 00:26 - 2010-01-21 10:06 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-12 00:26 - 2010-01-21 10:06 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-11 23:04 - 2013-07-11 23:04 - 00002429 _____ C:\Users\Marty\Desktop\Now You See Me 2013 CAM XviD MP3 MiLLENiUM-eng(1).srt
2013-07-11 23:03 - 2013-07-11 23:03 - 00002427 _____ C:\Users\Marty\Desktop\Now You See Me 2013 CAM XviD MP3 MiLLENiUM-eng.srt
2013-07-11 22:23 - 2013-07-11 22:23 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec
2013-07-11 22:23 - 2013-07-11 22:23 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-07-11 20:41 - 2013-07-11 20:41 - 00016409 _____ C:\Users\Marty\Downloads\[isoHunt] A9FF8A9017D6DBBC3E22D430ED3CD510CF566D8F.torrent
2013-07-11 20:40 - 2013-07-11 20:40 - 00000000 _____ C:\Users\Marty\Downloads\Pacific_Rim_2013_CamRip_XviD_Thanole.torrent
2013-07-11 20:37 - 2013-07-11 20:37 - 00030880 _____ C:\Users\Marty\Downloads\Now You See Me 2013 English DVD [720p].torrent
2013-07-11 20:15 - 2013-06-13 14:16 - 79962309 _____ C:\blitzerr.txt
2013-07-10 23:59 - 2013-07-10 23:59 - 00015642 _____ C:\Users\Marty\Downloads\3ea08bea04851c32e820e6da9bcda23c46e6966d.zip
2013-07-10 23:59 - 2013-07-09 22:44 - 00040973 _____ C:\Users\Marty\Desktop\Luther - 03x02 - Series 3, Episode 2.x264-FoV.English.C.orig.srt
2013-07-10 23:13 - 2013-07-10 23:13 - 00000000 ____D C:\Users\Marty\Desktop\Subs
2013-07-10 22:55 - 2013-07-10 22:55 - 00048276 _____ C:\Users\Marty\Downloads\Perception-S02E03.zip
2013-07-10 22:55 - 2013-07-10 21:11 - 00057708 _____ C:\Users\Marty\Desktop\Perception.S02E03.HDTV.x264-LOL.srt
2013-07-10 22:42 - 2013-07-10 22:41 - 00075813 _____ C:\Users\Marty\Downloads\[isoHunt] 1E760728069BAA3A1F779C58A062A8B77C3E4E97.torrent
2013-07-10 11:38 - 2013-01-22 01:34 - 00000000 ____D C:\Program Files (x86)\TableNinja
2013-07-09 23:08 - 2013-07-09 21:16 - 00040005 _____ C:\Users\Marty\Desktop\Ray.Donovan.S01E02.HDTV.x264-ASAP CZ.srt
2013-07-09 23:07 - 2013-07-09 23:07 - 00017448 _____ C:\Users\Marty\Downloads\Ray.Donovan.S01E02.HDTV.x264-ASAP-CZ.zip
2013-07-09 21:24 - 2013-07-10 23:12 - 963043168 _____ C:\Users\Marty\Desktop\luther.3x02.720p_hdtv_x264-fov.mkv
2013-07-09 21:16 - 2013-07-09 21:16 - 00020950 _____ C:\Users\Marty\Downloads\ff04a751d829f2f08241977bbf1f61392ba170c0.zip
2013-07-09 21:16 - 2013-07-09 08:08 - 00053553 _____ C:\Users\Marty\Desktop\Under.the.Dome.S01E03.HDTV.x264-LOL.HI.srt
2013-07-09 21:13 - 2013-07-09 21:13 - 00047086 _____ C:\Users\Marty\Desktop\Under the Dome - 01x03 - Manhunt.HDTV.x264-LOL.Dutch.orig.Addic7ed.com.srt
2013-07-09 20:25 - 2013-07-09 20:25 - 00013106 _____ C:\Users\Marty\Downloads\6eb7a02ea017a490d322df92e8f535b994d27076.zip
2013-07-09 20:25 - 2013-07-09 19:04 - 00033827 _____ C:\Users\Marty\Desktop\Defiance.S01E12.HDTV.x264-EVOLVE.srt
2013-07-09 20:23 - 2013-07-09 20:22 - 00041166 _____ C:\Users\Marty\Desktop\Defiance_s01e12_Past Is Prologue_cz.srt
2013-07-09 20:22 - 2013-07-09 20:22 - 00019119 _____ C:\Users\Marty\Downloads\defiance.past.is.prologue.(2013).cze.1cd.(5073745).zip
2013-07-08 21:32 - 2013-07-08 21:32 - 00018108 _____ C:\Users\Marty\Downloads\f6ebc5f29a1268e9409f63ceb25a22b5a244a5e2.zip
2013-07-08 21:32 - 2013-07-08 13:56 - 00045382 _____ C:\Users\Marty\Desktop\Continuum.S02E09.HDTV.x264-2HD.srt
2013-07-06 04:58 - 2011-10-13 19:17 - 00000000 ____D C:\Users\Marty\Desktop\Bordel
2013-07-03 21:56 - 2013-07-03 21:56 - 00018252 _____ C:\Users\Marty\Downloads\77295bb9b433884e9eb46622ca79e1131a8b8ccd.zip
2013-07-03 21:02 - 2013-07-03 21:02 - 00023223 _____ C:\Users\Marty\Downloads\Perception-02x02.Addic7ed.com.zip
2013-07-03 20:57 - 2013-07-03 20:57 - 00013875 _____ C:\Users\Marty\Downloads\Luther.3x01.HDTV.x264-FoV.mp4.torrent
2013-07-03 20:43 - 2013-07-03 20:43 - 00261024 _____ C:\Users\Marty\Downloads\Luther_3x01_HDTV_x264-FoV_[eztv].exe
2013-07-03 20:43 - 2013-07-03 20:43 - 00261024 _____ C:\Users\Marty\Downloads\Luther_3x01_HDTV_x264-FoV_[eztv] (1).exe
2013-07-03 01:35 - 2013-07-11 22:29 - 839796263 _____ C:\Users\Marty\Desktop\Pacific Rim 2013 GreatQual-YXwil!.rar
2013-07-02 23:53 - 2013-07-02 23:53 - 00023026 _____ C:\Users\Marty\Downloads\subtitle-english.zip
2013-07-02 23:53 - 2013-07-02 23:53 - 00023026 _____ C:\Users\Marty\Downloads\subtitle-english (1).zip
2013-07-02 23:04 - 2013-07-02 23:04 - 00029330 _____ C:\Users\Marty\Downloads\[Limetorrents.com]_Luther S03E01 Series 3 Episode 1 HDTV XviD FQM.torrent
2013-07-02 13:36 - 2013-07-02 13:36 - 00056331 _____ C:\Users\Marty\Downloads\King & Maxwell - 01x04 - King's Ransom.ASAP.English.HI.C.orig.Addic7ed.com (1).srt
2013-07-01 23:28 - 2013-07-01 23:28 - 00021201 _____ C:\Users\Marty\Downloads\Dexter.S08E01.HDTV.x264-2HD-CZ.zip
2013-07-01 22:20 - 2013-07-01 22:20 - 00021852 _____ C:\Users\Marty\Downloads\crossing.lines.desperate.desperadoes.(tv.episode).().eng.1cd.(5068083).zip
2013-07-01 21:33 - 2013-07-01 21:33 - 00035842 _____ C:\Users\Marty\Downloads\Falling-Skies (1).zip
2013-06-30 18:45 - 2012-02-12 11:19 - 00000000 ____D C:\Program Files (x86)\SharkScope
2013-06-30 17:30 - 2012-02-26 18:50 - 00001035 _____ C:\Users\Marty\Desktop\SharkScope HUD.lnk
2013-06-30 17:30 - 2012-02-12 11:19 - 00001035 _____ C:\Users\postgres.Marty-PC.000\Desktop\SharkScope HUD.lnk
2013-06-30 17:30 - 2012-02-12 11:19 - 00001035 _____ C:\Users\elephant\Desktop\SharkScope HUD.lnk
2013-06-28 23:31 - 2013-06-28 23:31 - 00026884 _____ C:\Users\Marty\Downloads\16f63cf7ee012c3affb3e8655be332ab9c972f38.zip
2013-06-28 11:58 - 2010-01-28 17:12 - 00000000 ____D C:\Program Files (x86)\PokerStars
2013-06-27 13:24 - 2013-01-18 16:14 - 00000000 ____D C:\Users\Marty\Desktop\6max
2013-06-27 13:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-06-26 03:05 - 2011-01-11 20:24 - 01582990 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-25 09:35 - 2013-02-05 01:01 - 00000000 ____D C:\Users\Marty\Desktop\hu
2013-06-24 22:03 - 2013-06-24 22:03 - 00022373 _____ C:\Users\Marty\Downloads\Falling.Skies.S03E04.HDTV.x264-EVOLVE.zip
2013-06-24 13:03 - 2009-12-20 16:11 - 00000000 ____D C:\Program Files (x86)\Vuze
2013-06-22 23:03 - 2013-06-22 23:03 - 00000047 _____ C:\Program Files (x86)\log_hud.txtlog_hud.t
2013-06-22 00:54 - 2013-06-22 00:54 - 00025549 _____ C:\Users\Marty\Downloads\graceland.heat.run.(2013).eng.1cd.(5051580).zip
2013-06-21 13:15 - 2009-12-20 15:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-21 13:15 - 2009-12-20 15:41 - 00000000 ____D C:\ProgramData\Skype
2013-06-21 13:12 - 2013-04-02 12:15 - 00003029 _____ C:\Users\Marty\Desktop\TableNinja.lnk
2013-06-21 13:12 - 2011-01-19 13:01 - 00002989 _____ C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja.lnk
2013-06-20 23:55 - 2013-06-20 23:55 - 00680412 _____ C:\Users\Marty\Desktop\huhyperthisyear.emf
2013-06-20 19:04 - 2013-06-20 19:04 - 00000000 ____D C:\Users\Marty\AppData\Local\Sharkystrator
2013-06-20 09:48 - 2013-02-07 20:19 - 00001090 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-06-19 01:36 - 2013-06-19 01:36 - 00020734 _____ C:\Users\Marty\Downloads\d2c68dce870df216fb021601a8cdc8684301379a.zip
2013-06-16 14:44 - 2013-06-16 14:44 - 00001071 _____ C:\Users\Marty\Desktop\Sharkystrator.lnk
2013-06-16 00:22 - 2013-06-16 00:22 - 16067937 _____ (Sharkystrator ) C:\Users\Marty\Downloads\Sharkystrator_ins.exe
ZeroAccess:
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\@
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\U
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\00000004.@
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\201d3dde
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\6715e287
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\76603ac3
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {2e086995-e62f-11de-8cae-e0067ee13bbf}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {2e086997-e62f-11de-8cae-e0067ee13bbf}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {2e086995-e62f-11de-8cae-e0067ee13bbf}
nx OptIn
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {2e086997-e62f-11de-8cae-e0067ee13bbf}
device ramdisk=[C:]\Recovery\2e086997-e62f-11de-8cae-e0067ee13bbf\Winre.wim,{2e086998-e62f-11de-8cae-e0067ee13bbf}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\2e086997-e62f-11de-8cae-e0067ee13bbf\Winre.wim,{2e086998-e62f-11de-8cae-e0067ee13bbf}
systemroot \windows
nx OptIn
winpe Yes
Obnovenˇ z hibernace
---------------------
identifik tor {2e086995-e62f-11de-8cae-e0067ee13bbf}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testov nˇ pamŘti syst‚mu Windows
---------------------
identifik tor {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostika pamŘti syst‚mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes
Nastavenˇ slu§by EMS
------------
identifik tor {emssettings}
bootems Yes
Nastavenˇ ladicˇho programu
-----------------
identifik tor {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Chyby pamŘti RAM
-----------
identifik tor {badmemory}
Glob lnˇ nastavenˇ
---------------
identifik tor {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Nastavenˇ spouçtŘcˇho zavadŘźe
--------------------
identifik tor {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Nastavenˇ hypervisoru
-------------------
identifik tor {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Nastavenˇ zavadŘźe obnovenˇ
----------------------
identifik tor {resumeloadersettings}
inherit {globalsettings}
Parametry zaýˇzenˇ
--------------
identifik tor {2e086998-e62f-11de-8cae-e0067ee13bbf}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\2e086997-e62f-11de-8cae-e0067ee13bbf\boot.sdi
LastRegBack: 2013-07-16 15:31
==================== End Of Log ============================
2013-07-16 15:47 - 2013-07-16 15:47 - 00000000 ____D C:\FRST
2013-07-16 15:44 - 2013-07-15 22:10 - 00008834 _____ C:\Windows\PFRO.log
2013-07-16 15:42 - 2013-07-15 18:45 - 00159355 _____ C:\Windows\WindowsUpdate.log
2013-07-16 15:42 - 2009-12-11 03:47 - 00000216 _____ C:\service.log
2013-07-16 15:39 - 2009-07-14 17:18 - 00675116 _____ C:\Windows\system32\perfh005.dat
2013-07-16 15:39 - 2009-07-14 17:18 - 00145070 _____ C:\Windows\system32\perfc005.dat
2013-07-16 15:39 - 2009-07-14 07:13 - 01604530 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-16 15:38 - 2013-07-15 01:00 - 00001068 _____ C:\Windows\setupact.log
2013-07-16 15:34 - 2009-12-20 15:42 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Skype
2013-07-16 15:31 - 2010-01-21 10:06 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-16 14:46 - 2013-07-16 14:46 - 01778135 _____ (Farbar) C:\Users\Marty\Downloads\FRST64.exe
2013-07-16 14:46 - 2013-02-26 22:13 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-16 14:39 - 2009-07-14 06:45 - 00015024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-16 14:39 - 2009-07-14 06:45 - 00015024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-16 14:31 - 2010-01-21 10:06 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-16 14:28 - 2009-12-11 03:46 - 00023080 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-07-16 14:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-16 14:04 - 2010-01-28 17:12 - 00000000 ____D C:\Users\Marty\AppData\Local\PokerStars
2013-07-16 13:46 - 2013-07-16 13:26 - 00000000 ____D C:\ComboFix
2013-07-16 13:46 - 2013-07-16 13:20 - 00000000 ____D C:\Qoobox
2013-07-16 13:46 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-16 13:45 - 2013-07-16 13:45 - 00042747 _____ C:\ComboFix.txt
2013-07-16 13:43 - 2013-07-16 13:43 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2013-07-16 13:42 - 2013-07-16 13:20 - 00000000 ____D C:\Windows\erdnt
2013-07-16 13:38 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-16 13:37 - 2013-07-15 18:41 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2013-07-16 13:37 - 2013-07-15 18:40 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2013-07-16 13:35 - 2012-05-16 23:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-16 13:35 - 2012-05-16 23:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-16 13:26 - 2009-12-20 16:12 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Azureus
2013-07-16 13:10 - 2013-07-16 13:10 - 05089088 ____R (Swearware) C:\Users\Marty\Desktop\ComboFix.exe
2013-07-16 13:04 - 2013-07-16 13:04 - 00891022 _____ C:\Users\Marty\Desktop\SecurityCheck.exe
2013-07-16 13:03 - 2013-07-16 13:03 - 00001796 _____ C:\sc-cleaner.txt
2013-07-16 13:02 - 2013-07-16 13:02 - 00406144 _____ (Bleeping Computer, LLC) C:\Users\Marty\Desktop\sc-cleaner.exe
2013-07-16 13:00 - 2013-07-16 12:58 - 00026082 _____ C:\Users\Marty\Desktop\Rkill.txt
2013-07-16 13:00 - 2013-07-15 18:41 - 00177312 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2013-07-16 13:00 - 2013-07-15 18:41 - 00007631 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2013-07-16 12:59 - 2013-07-15 18:41 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2013-07-16 12:58 - 2013-07-16 12:58 - 00000000 ____D C:\Users\Marty\Desktop\rkill
2013-07-16 12:58 - 2013-07-16 12:57 - 01836672 _____ (Bleeping Computer, LLC) C:\Users\Marty\Desktop\rkill.exe
2013-07-16 04:27 - 2013-07-16 04:27 - 00025696 _____ C:\Users\Marty\Desktop\log.odt
2013-07-16 02:10 - 2013-07-15 16:33 - 00060632 _____ C:\Users\Marty\Desktop\Crossing.Lines.S01E05.HDTV.x264-LOL.HI.srt
2013-07-16 02:09 - 2013-07-16 02:09 - 00023542 _____ C:\Users\Marty\Downloads\a5769e0eb8112b45e397eea2db8eee84cddd232d.zip
2013-07-16 01:31 - 2013-07-16 01:31 - 00000000 ____D C:\Windows\System32\Tasks\Norton Identity Safe
2013-07-16 00:48 - 2013-07-15 14:54 - 00040376 _____ C:\Users\Marty\Desktop\Dexter.S08E03.HDTV.x264-ASAP CZ.srt
2013-07-16 00:47 - 2013-07-16 00:47 - 00017891 _____ C:\Users\Marty\Downloads\Dexter.S08E03.HDTV.x264-ASAP-CZ.zip
2013-07-15 23:58 - 2013-07-15 23:58 - 00014077 _____ C:\Users\Marty\Downloads\[kickass.to]dexter.s08e03.hdtv.x264.asap.eztv.torrent
2013-07-15 23:30 - 2013-07-15 23:30 - 00000000 ____D C:\rsit
2013-07-15 23:30 - 2013-07-15 23:30 - 00000000 ____D C:\Program Files\trend micro
2013-07-15 23:29 - 2013-07-15 23:28 - 00935175 _____ C:\Users\Marty\Downloads\RSITx64.exe
2013-07-15 23:07 - 2013-07-15 23:07 - 00000000 __SHD C:\$$PendingFiles
2013-07-15 23:00 - 2013-07-15 23:00 - 00002975 _____ C:\Users\Marty\Desktop\HiJackThis.lnk
2013-07-15 23:00 - 2013-07-15 23:00 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-07-15 23:00 - 2013-07-15 23:00 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-07-15 22:59 - 2013-07-15 22:59 - 01402880 _____ C:\Users\Marty\Downloads\HiJackThis.msi
2013-07-15 22:44 - 2013-07-15 22:44 - 01043968 _____ C:\Users\Marty\Downloads\MicrosoftFixit50981 (1).msi
2013-07-15 22:43 - 2013-07-15 22:43 - 01043968 _____ C:\Users\Marty\Downloads\MicrosoftFixit50981.msi
2013-07-15 22:41 - 2011-10-13 14:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-15 22:35 - 2009-12-14 06:46 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-07-15 22:13 - 2012-10-11 09:06 - 00001355 _____ C:\Users\Public\Desktop\Centrum řešení HP.lnk
2013-07-15 21:43 - 2013-07-15 21:43 - 87602968 _____ (Microsoft Corporation) C:\Users\Marty\Downloads\msert.exe
2013-07-15 20:29 - 2013-06-19 23:08 - 00001320 _____ C:\Users\Marty\Downloads\MARTIN_G.R.R._-_Pisen_ledu_a_ohne_-_3._Boure_mecu_-_cast_02.lnk
2013-07-15 20:24 - 2013-07-15 20:24 - 00003340 _____ C:\Windows\System32\Tasks\RegHunterStartup
2013-07-15 20:23 - 2013-07-15 20:23 - 00001163 _____ C:\Users\Public\Desktop\RegHunter.lnk
2013-07-15 20:23 - 2013-07-15 20:02 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-07-15 20:21 - 2013-07-15 20:21 - 00916928 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\RegHunter-Installer.exe
2013-07-15 20:02 - 2013-07-15 20:02 - 00057886 _____ C:\Windows\SysWOW64\epfwdata.bin
2013-07-15 20:02 - 2013-07-15 20:02 - 00003326 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2013-07-15 20:02 - 2013-07-15 20:02 - 00002258 _____ C:\Users\Marty\Desktop\SpyHunter.lnk
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 ____D C:\sh4ldr
2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 _____ C:\autoexec.bat
2013-07-15 20:02 - 2013-07-15 20:01 - 00000000 ____D C:\Windows\67E1227ED5534A6A96CD40CCBBC705D8.TMP
2013-07-15 20:00 - 2013-07-15 20:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\SpyHunter-installer.com
2013-07-15 19:44 - 2011-10-13 19:31 - 00000000 ____D C:\Users\Marty\Documents\poker
2013-07-15 19:02 - 2013-06-16 14:44 - 00000000 ____D C:\Program Files (x86)\Sharkystrator
2013-07-15 19:02 - 2013-01-08 22:54 - 00000000 ____D C:\Users\Marty\Documents\Hitman Blood Money
2013-07-15 19:02 - 2011-09-03 13:11 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Mikogo 4
2013-07-15 19:02 - 2010-02-25 18:33 - 00000000 ____D C:\Users\postgres.Marty-PC.000
2013-07-15 19:02 - 2010-02-09 17:39 - 00000000 ____D C:\Users\postgres.Marty-PC
2013-07-15 19:02 - 2010-02-06 02:16 - 00000000 ____D C:\Users\elephant
2013-07-15 19:02 - 2010-02-06 02:01 - 00000000 ____D C:\Users\postgres
2013-07-15 19:02 - 2009-12-11 03:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-15 19:01 - 2013-01-08 22:38 - 00000000 ____D C:\Program Files (x86)\Eidos
2013-07-15 19:01 - 2009-07-14 17:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-07-15 19:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files\Symantec
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-07-15 18:41 - 2013-07-15 18:41 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2013-07-15 18:41 - 2013-07-15 18:40 - 00000000 ____D C:\ProgramData\Norton
2013-07-15 18:40 - 2013-07-15 18:40 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2013-07-15 18:40 - 2013-07-15 18:39 - 161426312 _____ (Symantec Corporation) C:\Users\Marty\Downloads\NAV-TW-30-20-1-0-24-CZ.exe
2013-07-15 18:32 - 2013-07-12 11:21 - 00000000 ____D C:\ProgramData\ESET
2013-07-15 18:32 - 2013-07-12 11:21 - 00000000 ____D C:\Program Files\ESET
2013-07-15 18:13 - 2009-12-20 22:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-15 18:03 - 2009-12-11 03:37 - 00000000 ____D C:\Users\Marty
2013-07-15 17:53 - 2013-07-15 17:53 - 00000000 ____D C:\VTRoot
2013-07-15 17:44 - 2013-07-15 17:42 - 00000000 ____D C:\Program Files (x86)\Comodo
2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\ProgramData\COMODO
2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\Program Files\COMODO
2013-07-15 17:42 - 2013-07-15 17:42 - 00000000 ____D C:\Users\Marty\AppData\Local\Comodo
2013-07-15 16:08 - 2013-07-15 14:41 - 00005075 _____ C:\Users\Marty\Documents\pgadmin.log
2013-07-15 15:36 - 2013-07-15 15:36 - 00000000 ____D C:\Program Files\PostgreSQL
2013-07-15 15:29 - 2013-07-12 11:55 - 00546061 _____ C:\Users\Marty\Downloads\avgremover.log
2013-07-15 15:29 - 2009-12-25 15:42 - 00000000 ____D C:\ProgramData\avg9
2013-07-15 15:02 - 2013-07-15 14:41 - 00000000 ____D C:\Users\Marty\AppData\Roaming\postgresql
2013-07-15 14:35 - 2013-07-15 14:35 - 122356298 _____ C:\Users\Marty\Downloads\Holdem_Manager_Setup_1.12.10b.exe
2013-07-15 14:19 - 2013-07-15 14:19 - 43561712 _____ (PostgreSQL Global Development Group) C:\Users\Marty\Downloads\postgresql-8.4.17-1-windows.exe
2013-07-15 01:00 - 2013-07-15 01:00 - 00000000 _____ C:\Windows\setuperr.log
2013-07-14 08:50 - 2012-11-15 17:21 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TS3Client
2013-07-14 08:50 - 2009-12-20 16:21 - 00000000 ____D C:\Users\Marty\AppData\Roaming\DAEMON Tools Lite
2013-07-14 08:48 - 2012-10-31 20:52 - 00000000 ____D C:\Windows\Minidump
2013-07-14 08:48 - 2009-12-11 10:28 - 00000000 ____D C:\Windows\Panther
2013-07-12 14:01 - 2013-07-12 14:01 - 00024672 _____ C:\Users\Marty\Downloads\f9f82ae98c32dff7034ae316f1f8a5ef2e9675e8.zip
2013-07-12 14:01 - 2013-07-12 11:18 - 00063148 _____ C:\Users\Marty\Desktop\Graceland.S01E05.720p.HDTV.x264-EVOLVE.srt
2013-07-12 12:00 - 2013-07-12 12:00 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2013-07-12 12:00 - 2009-12-13 20:10 - 00030528 _____ C:\Windows\GVTDrv64.sys
2013-07-12 11:56 - 2011-03-01 16:13 - 00000000 ____D C:\ProgramData\MFAData
2013-07-12 11:55 - 2013-07-12 11:55 - 02899344 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Marty\Downloads\avg_remover_stf_x64_2012_2125.exe
2013-07-12 11:34 - 2013-04-02 21:21 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TableNinja.v2
2013-07-12 11:31 - 2013-04-14 11:14 - 00000000 ____D C:\$AVG
2013-07-12 11:15 - 2013-07-12 11:15 - 00000000 ____D C:\Users\Marty\AppData\Roaming\TuneUp Software
2013-07-12 00:26 - 2010-01-21 10:06 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-12 00:26 - 2010-01-21 10:06 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-11 23:04 - 2013-07-11 23:04 - 00002429 _____ C:\Users\Marty\Desktop\Now You See Me 2013 CAM XviD MP3 MiLLENiUM-eng(1).srt
2013-07-11 23:03 - 2013-07-11 23:03 - 00002427 _____ C:\Users\Marty\Desktop\Now You See Me 2013 CAM XviD MP3 MiLLENiUM-eng.srt
2013-07-11 22:23 - 2013-07-11 22:23 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec
2013-07-11 22:23 - 2013-07-11 22:23 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-07-11 20:41 - 2013-07-11 20:41 - 00016409 _____ C:\Users\Marty\Downloads\[isoHunt] A9FF8A9017D6DBBC3E22D430ED3CD510CF566D8F.torrent
2013-07-11 20:40 - 2013-07-11 20:40 - 00000000 _____ C:\Users\Marty\Downloads\Pacific_Rim_2013_CamRip_XviD_Thanole.torrent
2013-07-11 20:37 - 2013-07-11 20:37 - 00030880 _____ C:\Users\Marty\Downloads\Now You See Me 2013 English DVD [720p].torrent
2013-07-11 20:15 - 2013-06-13 14:16 - 79962309 _____ C:\blitzerr.txt
2013-07-10 23:59 - 2013-07-10 23:59 - 00015642 _____ C:\Users\Marty\Downloads\3ea08bea04851c32e820e6da9bcda23c46e6966d.zip
2013-07-10 23:59 - 2013-07-09 22:44 - 00040973 _____ C:\Users\Marty\Desktop\Luther - 03x02 - Series 3, Episode 2.x264-FoV.English.C.orig.srt
2013-07-10 23:13 - 2013-07-10 23:13 - 00000000 ____D C:\Users\Marty\Desktop\Subs
2013-07-10 22:55 - 2013-07-10 22:55 - 00048276 _____ C:\Users\Marty\Downloads\Perception-S02E03.zip
2013-07-10 22:55 - 2013-07-10 21:11 - 00057708 _____ C:\Users\Marty\Desktop\Perception.S02E03.HDTV.x264-LOL.srt
2013-07-10 22:42 - 2013-07-10 22:41 - 00075813 _____ C:\Users\Marty\Downloads\[isoHunt] 1E760728069BAA3A1F779C58A062A8B77C3E4E97.torrent
2013-07-10 11:38 - 2013-01-22 01:34 - 00000000 ____D C:\Program Files (x86)\TableNinja
2013-07-09 23:08 - 2013-07-09 21:16 - 00040005 _____ C:\Users\Marty\Desktop\Ray.Donovan.S01E02.HDTV.x264-ASAP CZ.srt
2013-07-09 23:07 - 2013-07-09 23:07 - 00017448 _____ C:\Users\Marty\Downloads\Ray.Donovan.S01E02.HDTV.x264-ASAP-CZ.zip
2013-07-09 21:24 - 2013-07-10 23:12 - 963043168 _____ C:\Users\Marty\Desktop\luther.3x02.720p_hdtv_x264-fov.mkv
2013-07-09 21:16 - 2013-07-09 21:16 - 00020950 _____ C:\Users\Marty\Downloads\ff04a751d829f2f08241977bbf1f61392ba170c0.zip
2013-07-09 21:16 - 2013-07-09 08:08 - 00053553 _____ C:\Users\Marty\Desktop\Under.the.Dome.S01E03.HDTV.x264-LOL.HI.srt
2013-07-09 21:13 - 2013-07-09 21:13 - 00047086 _____ C:\Users\Marty\Desktop\Under the Dome - 01x03 - Manhunt.HDTV.x264-LOL.Dutch.orig.Addic7ed.com.srt
2013-07-09 20:25 - 2013-07-09 20:25 - 00013106 _____ C:\Users\Marty\Downloads\6eb7a02ea017a490d322df92e8f535b994d27076.zip
2013-07-09 20:25 - 2013-07-09 19:04 - 00033827 _____ C:\Users\Marty\Desktop\Defiance.S01E12.HDTV.x264-EVOLVE.srt
2013-07-09 20:23 - 2013-07-09 20:22 - 00041166 _____ C:\Users\Marty\Desktop\Defiance_s01e12_Past Is Prologue_cz.srt
2013-07-09 20:22 - 2013-07-09 20:22 - 00019119 _____ C:\Users\Marty\Downloads\defiance.past.is.prologue.(2013).cze.1cd.(5073745).zip
2013-07-08 21:32 - 2013-07-08 21:32 - 00018108 _____ C:\Users\Marty\Downloads\f6ebc5f29a1268e9409f63ceb25a22b5a244a5e2.zip
2013-07-08 21:32 - 2013-07-08 13:56 - 00045382 _____ C:\Users\Marty\Desktop\Continuum.S02E09.HDTV.x264-2HD.srt
2013-07-06 04:58 - 2011-10-13 19:17 - 00000000 ____D C:\Users\Marty\Desktop\Bordel
2013-07-03 21:56 - 2013-07-03 21:56 - 00018252 _____ C:\Users\Marty\Downloads\77295bb9b433884e9eb46622ca79e1131a8b8ccd.zip
2013-07-03 21:02 - 2013-07-03 21:02 - 00023223 _____ C:\Users\Marty\Downloads\Perception-02x02.Addic7ed.com.zip
2013-07-03 20:57 - 2013-07-03 20:57 - 00013875 _____ C:\Users\Marty\Downloads\Luther.3x01.HDTV.x264-FoV.mp4.torrent
2013-07-03 20:43 - 2013-07-03 20:43 - 00261024 _____ C:\Users\Marty\Downloads\Luther_3x01_HDTV_x264-FoV_[eztv].exe
2013-07-03 20:43 - 2013-07-03 20:43 - 00261024 _____ C:\Users\Marty\Downloads\Luther_3x01_HDTV_x264-FoV_[eztv] (1).exe
2013-07-03 01:35 - 2013-07-11 22:29 - 839796263 _____ C:\Users\Marty\Desktop\Pacific Rim 2013 GreatQual-YXwil!.rar
2013-07-02 23:53 - 2013-07-02 23:53 - 00023026 _____ C:\Users\Marty\Downloads\subtitle-english.zip
2013-07-02 23:53 - 2013-07-02 23:53 - 00023026 _____ C:\Users\Marty\Downloads\subtitle-english (1).zip
2013-07-02 23:04 - 2013-07-02 23:04 - 00029330 _____ C:\Users\Marty\Downloads\[Limetorrents.com]_Luther S03E01 Series 3 Episode 1 HDTV XviD FQM.torrent
2013-07-02 13:36 - 2013-07-02 13:36 - 00056331 _____ C:\Users\Marty\Downloads\King & Maxwell - 01x04 - King's Ransom.ASAP.English.HI.C.orig.Addic7ed.com (1).srt
2013-07-01 23:28 - 2013-07-01 23:28 - 00021201 _____ C:\Users\Marty\Downloads\Dexter.S08E01.HDTV.x264-2HD-CZ.zip
2013-07-01 22:20 - 2013-07-01 22:20 - 00021852 _____ C:\Users\Marty\Downloads\crossing.lines.desperate.desperadoes.(tv.episode).().eng.1cd.(5068083).zip
2013-07-01 21:33 - 2013-07-01 21:33 - 00035842 _____ C:\Users\Marty\Downloads\Falling-Skies (1).zip
2013-06-30 18:45 - 2012-02-12 11:19 - 00000000 ____D C:\Program Files (x86)\SharkScope
2013-06-30 17:30 - 2012-02-26 18:50 - 00001035 _____ C:\Users\Marty\Desktop\SharkScope HUD.lnk
2013-06-30 17:30 - 2012-02-12 11:19 - 00001035 _____ C:\Users\postgres.Marty-PC.000\Desktop\SharkScope HUD.lnk
2013-06-30 17:30 - 2012-02-12 11:19 - 00001035 _____ C:\Users\elephant\Desktop\SharkScope HUD.lnk
2013-06-28 23:31 - 2013-06-28 23:31 - 00026884 _____ C:\Users\Marty\Downloads\16f63cf7ee012c3affb3e8655be332ab9c972f38.zip
2013-06-28 11:58 - 2010-01-28 17:12 - 00000000 ____D C:\Program Files (x86)\PokerStars
2013-06-27 13:24 - 2013-01-18 16:14 - 00000000 ____D C:\Users\Marty\Desktop\6max
2013-06-27 13:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-06-26 03:05 - 2011-01-11 20:24 - 01582990 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-25 09:35 - 2013-02-05 01:01 - 00000000 ____D C:\Users\Marty\Desktop\hu
2013-06-24 22:03 - 2013-06-24 22:03 - 00022373 _____ C:\Users\Marty\Downloads\Falling.Skies.S03E04.HDTV.x264-EVOLVE.zip
2013-06-24 13:03 - 2009-12-20 16:11 - 00000000 ____D C:\Program Files (x86)\Vuze
2013-06-22 23:03 - 2013-06-22 23:03 - 00000047 _____ C:\Program Files (x86)\log_hud.txtlog_hud.t
2013-06-22 00:54 - 2013-06-22 00:54 - 00025549 _____ C:\Users\Marty\Downloads\graceland.heat.run.(2013).eng.1cd.(5051580).zip
2013-06-21 13:15 - 2009-12-20 15:41 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-21 13:15 - 2009-12-20 15:41 - 00000000 ____D C:\ProgramData\Skype
2013-06-21 13:12 - 2013-04-02 12:15 - 00003029 _____ C:\Users\Marty\Desktop\TableNinja.lnk
2013-06-21 13:12 - 2011-01-19 13:01 - 00002989 _____ C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TableNinja.lnk
2013-06-20 23:55 - 2013-06-20 23:55 - 00680412 _____ C:\Users\Marty\Desktop\huhyperthisyear.emf
2013-06-20 19:04 - 2013-06-20 19:04 - 00000000 ____D C:\Users\Marty\AppData\Local\Sharkystrator
2013-06-20 09:48 - 2013-02-07 20:19 - 00001090 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-06-19 01:36 - 2013-06-19 01:36 - 00020734 _____ C:\Users\Marty\Downloads\d2c68dce870df216fb021601a8cdc8684301379a.zip
2013-06-16 14:44 - 2013-06-16 14:44 - 00001071 _____ C:\Users\Marty\Desktop\Sharkystrator.lnk
2013-06-16 00:22 - 2013-06-16 00:22 - 16067937 _____ (Sharkystrator ) C:\Users\Marty\Downloads\Sharkystrator_ins.exe
ZeroAccess:
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\@
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\U
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\00000004.@
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\201d3dde
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\6715e287
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\76603ac3
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== BCD ================================
Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {2e086995-e62f-11de-8cae-e0067ee13bbf}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {2e086997-e62f-11de-8cae-e0067ee13bbf}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {2e086995-e62f-11de-8cae-e0067ee13bbf}
nx OptIn
Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {2e086997-e62f-11de-8cae-e0067ee13bbf}
device ramdisk=[C:]\Recovery\2e086997-e62f-11de-8cae-e0067ee13bbf\Winre.wim,{2e086998-e62f-11de-8cae-e0067ee13bbf}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\2e086997-e62f-11de-8cae-e0067ee13bbf\Winre.wim,{2e086998-e62f-11de-8cae-e0067ee13bbf}
systemroot \windows
nx OptIn
winpe Yes
Obnovenˇ z hibernace
---------------------
identifik tor {2e086995-e62f-11de-8cae-e0067ee13bbf}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Testov nˇ pamŘti syst‚mu Windows
---------------------
identifik tor {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostika pamŘti syst‚mu Windows
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes
Nastavenˇ slu§by EMS
------------
identifik tor {emssettings}
bootems Yes
Nastavenˇ ladicˇho programu
-----------------
identifik tor {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Chyby pamŘti RAM
-----------
identifik tor {badmemory}
Glob lnˇ nastavenˇ
---------------
identifik tor {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Nastavenˇ spouçtŘcˇho zavadŘźe
--------------------
identifik tor {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Nastavenˇ hypervisoru
-------------------
identifik tor {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Nastavenˇ zavadŘźe obnovenˇ
----------------------
identifik tor {resumeloadersettings}
inherit {globalsettings}
Parametry zaýˇzenˇ
--------------
identifik tor {2e086998-e62f-11de-8cae-e0067ee13bbf}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\2e086997-e62f-11de-8cae-e0067ee13bbf\boot.sdi
LastRegBack: 2013-07-16 15:31
==================== End Of Log ============================
Re: Spousta havěti
Napsal: 16 črc 2013 15:27
Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) OdinstalujteSpybot - Search & Destroy a tez SpyHunter a RegHunter- program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam Projedte PC temito utilitami, at se zbavime zbytku antiviru co tam mate - pokud neco nepojede, tak preskocte
- ftp://ftp.symantec.com/public/english_u ... l_Tool.exe
- http://download.avg.com/filedir/util/su ... 1_1184.exe
- http://download.eset.com/special/ESETUninstaller.exe navod zde http://www.viry.cz/forum/viewtopic.php?p=889437#p889437
- http://sites.google.com/site/comodoremovaltool/
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated) HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) HKCU\...\Run: [PicPick Start] - C:\Program Files (x86)\PicPick\picpick.exe [4816896 2010-11-20] () HKCU\...\Run: [Mikogo] - "C:\Users\Marty\AppData\Roaming\Mikogo 4\mikogo-host.exe" -asp [5420408 2011-08-04] () HKCU\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd) HKCU\...\Run: [supertintin_skype] - C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe /start_context sys_auto [999936 2011-01-10] (Imtiger Software Inc.) HKCU\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [19603048 2013-06-03] (Skype Technologies S.A.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" [39792 2008-01-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [Nikon Transfer Monitor] - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe [479232 2009-09-15] (Nikon Corporation) HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [402432 2010-07-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BCSSync] - "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) HKU\elephant\...\Run: [Skype] - "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized [19603048 2013-06-03] (Skype Technologies S.A.) HKU\elephant\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd) HKU\elephant\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) HKU\elephant\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 [133432 2010-08-09] (ICQ, LLC.) HKU\elephant\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x] HKU\elephant\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x] HKU\postgres\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x] HKU\postgres.Marty-PC\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x] HKU\postgres.Marty-PC.000\...\Run: [Skype] - "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized [19603048 2013-06-03] (Skype Technologies S.A.) HKU\postgres.Marty-PC.000\...\Run: [DAEMON Tools Lite] - "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3671872 2012-04-17] (DT Soft Ltd) HKU\postgres.Marty-PC.000\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.) HKU\postgres.Marty-PC.000\...\Run: [ICQ] - "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4 [133432 2010-08-09] (ICQ, LLC.) HKU\postgres.Marty-PC.000\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] - "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB [x] HKU\postgres.Marty-PC.000\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe" [x] HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch URLSearchHook: (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File URLSearchHook: (No Name) - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - No File HKLM-x32 SearchScopes: DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2117678 SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2117678 HKCU SearchScopes: DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=109980&babsrc=SP_ss&mntrId=fcc193f800000000000000ffa4db18e9 SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd SearchScopes: HKCU - {7C053627-1C30-43F6-98CD-AEE69CCE26F3} URL = http://www.webhledani.cz/results.aspx?i=42&tp=ie&q={searchTerms} SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms} SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms} SearchScopes: HKCU - {CF739809-1C6C-47C0-85B9-569DBB141420} URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q={searchTerms}&crm=1&toolbar=VZ2 BHO-x32: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited) BHO-x32: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.) Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () Toolbar: HKLM-x32 - Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com) Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () Toolbar: HKLM-x32 - NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files (x86)\NCH\tbNCH.dll (Conduit Ltd.) Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () Toolbar: HKCU - No Name - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No File Toolbar: HKCU - No Name - {C2DB4FE6-8409-45CE-8010-189A7B5CCE86} - No File DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} FF SelectedSearchEngine: AVG Secure Search FF Homepage: hxxp://isearch.avg.com/?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&v=15.3.0.11&pid=avg&sg=0&sap=hp FF Keyword.URL: hxxp://isearch.avg.com/search?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&pid=avg&sg=0&v=15.3.0.11&sap=ku&q= FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-1.xml FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-2.xml FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-3.xml FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-4.xml FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-5.xml FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-6.xml FF SearchPlugin: C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml FF Extension: Babylon - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\ffxtlbr@babylon.com FF Extension: brothersoft afc Community Toolbar - C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\{0b7430e9-e659-4555-ac67-be3340aaa519} CHR RestoreOnStartup: "hxxp://us.yahoo.com?fr=fpc-comodo" CHR Plugin: (AVG Internet Security) - C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File S2 ASKService; C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe [464264 2009-04-02] () S2 ASKUpgrade; C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe [234888 2009-04-02] () S2 gupdate1ca9a6f3d2f71c0; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [133104 2010-01-21] (Google Inc.) S2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [246520 2010-03-28] () S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.) S2 SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [1025408 2013-06-27] (Enigma Software Group USA, LLC.) 2013-07-15 20:24 - 2013-07-15 20:24 - 00003340 _____ C:\Windows\System32\Tasks\RegHunterStartup 2013-07-15 20:23 - 2013-07-15 20:23 - 00001163 _____ C:\Users\Public\Desktop\RegHunter.lnk 2013-07-15 20:21 - 2013-07-15 20:21 - 00916928 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\RegHunter-Installer.exe 2013-07-15 20:02 - 2013-07-15 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group 2013-07-15 20:02 - 2013-07-15 20:02 - 00057886 _____ C:\Windows\SysWOW64\epfwdata.bin 2013-07-15 20:02 - 2013-07-15 20:02 - 00003326 _____ C:\Windows\System32\Tasks\SpyHunter4Startup 2013-07-15 20:02 - 2013-07-15 20:02 - 00002258 _____ C:\Users\Marty\Desktop\SpyHunter.lnk 2013-07-15 20:02 - 2013-07-15 20:02 - 00000000 ____D C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2013-07-15 20:00 - 2013-07-15 20:00 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Marty\Downloads\SpyHunter-installer.com 2013-07-15 18:40 - 2013-07-15 18:41 - 00000000 ____D C:\ProgramData\Norton 2013-07-15 18:40 - 2013-07-15 18:40 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus 2013-07-15 18:39 - 2013-07-15 18:40 - 161426312 _____ (Symantec Corporation) C:\Users\Marty\Downloads\NAV-TW-30-20-1-0-24-CZ.exe 2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\ProgramData\COMODO 2013-07-15 17:43 - 2013-07-15 17:43 - 00000000 ____D C:\Program Files\COMODO 2013-07-15 17:42 - 2013-07-15 17:44 - 00000000 ____D C:\Program Files (x86)\Comodo 2013-07-15 17:42 - 2013-07-15 17:42 - 00000000 ____D C:\Users\Marty\AppData\Local\Comodo 2013-07-12 11:21 - 2013-07-15 18:32 - 00000000 ____D C:\ProgramData\ESET 2013-07-12 11:21 - 2013-07-15 18:32 - 00000000 ____D C:\Program Files\ESET 2013-07-16 13:43 - 2013-07-16 13:43 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus 2013-07-16 13:37 - 2013-07-15 18:41 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration 2013-07-15 20:02 - 2013-07-15 20:02 - 00003326 _____ C:\Windows\System32\Tasks\SpyHunter4Startup 2013-07-15 20:02 - 2013-07-15 20:02 - 00002258 _____ C:\Users\Marty\Desktop\SpyHunter.lnk 2013-07-15 18:13 - 2009-12-20 22:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2013-07-15 15:29 - 2013-07-12 11:55 - 00546061 _____ C:\Users\Marty\Downloads\avgremover.log 2013-07-15 15:29 - 2009-12-25 15:42 - 00000000 ____D C:\ProgramData\avg9 C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275} C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\@ C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\U C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\00000004.@ C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\201d3dde C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\6715e287 C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\76603ac3 C:\PROGRA~1\ENIGMA~1 C:\Program Files (x86)\ICQ6Toolbar C:\Program Files (x86)\DAEMON Tools Toolbar C:\Program Files (x86)\AskBarDis C:\Program Files (x86)\AVG Secure Search- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny log na flashku k FRST
Spustte znovu FRST.exe na tom poskozenem PC
- Kliknete na Fix
- Probehne oprava a na flash disku se vytvori log Fixlog.txt
Pokuste se nastartovat do bezneho rezimuRe: Spousta havěti
Napsal: 16 črc 2013 15:34
btw: ty utility na výmaz antivirů udělat předpokládám ještě tedka a ne v tom nouzáku že??
Re: Spousta havěti
Napsal: 16 črc 2013 15:42
V nouzovem rezimu s praci v siti
Re: Spousta havěti
Napsal: 16 črc 2013 16:21
ok, spybot odistalovanej.spy+reg nejde.nejaká hláška že není možné získat přístup k instalační službě.
Re: Spousta havěti
Napsal: 16 črc 2013 16:22
Fajn, postupujte dale...Ja tusil ze ty dve nepujdou 
Re: Spousta havěti
Napsal: 16 črc 2013 16:26
hotovo, mám sem hodit ten fixlog?
Re: Spousta havěti
Napsal: 16 črc 2013 16:30
Aaano, dejte mi sem fixlog, at vidim co se nam provedlo
Re: Spousta havěti
Napsal: 16 črc 2013 16:32
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-07-2013 02
Ran by Marty at 2013-07-16 17:18:35 Run:1
Running from F:\
Boot Mode: Safe Mode (with Networking)
==============================================
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\PicPick Start => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Mikogo => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\supertintin_skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Nikon Transfer Monitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_JUNE2013_TB => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKU\postgres\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKU\postgres.Marty-PC\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_JUNE2013_TB => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value deleted successfully.
HKCR\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\\{0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} => Value deleted successfully.
HKCR\CLSID\{0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key deleted successfully.
HKCR\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7C053627-1C30-43F6-98CD-AEE69CCE26F3} => Key deleted successfully.
HKCR\CLSID\{7C053627-1C30-43F6-98CD-AEE69CCE26F3} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key deleted successfully.
HKCR\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} => Key not found.
HKCR\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F} => Key not found.
HKCR\Wow6432Node\CLSID\{53707962-6F74-2D53-2644-206D7942484F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{c2db4fe6-8409-45ce-8010-189a7b5cce86} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} => Value deleted successfully.
HKCR\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} => Value deleted successfully.
HKCR\CLSID\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => Key deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\conduit.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-1.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-2.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-3.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-4.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-5.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-6.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\ffxtlbr@babylon.com => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\{0b7430e9-e659-4555-ac67-be3340aaa519} => Moved successfully.
CHR RestoreOnStartup: "hxxp://us.yahoo.com?fr=fpc-comodo" ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll not found.
ASKService => Service deleted successfully.
ASKUpgrade => Service deleted successfully.
gupdate1ca9a6f3d2f71c0 => Service deleted successfully.
ICQ Service => Service deleted successfully.
SBSDWSCService => Service not found.
SpyHunter 4 Service => Service deleted successfully.
C:\Windows\System32\Tasks\RegHunterStartup => Moved successfully.
C:\Users\Public\Desktop\RegHunter.lnk => Moved successfully.
C:\Users\Marty\Downloads\RegHunter-Installer.exe => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Windows\SysWOW64\epfwdata.bin => Moved successfully.
C:\Windows\System32\Tasks\SpyHunter4Startup => Moved successfully.
C:\Users\Marty\Desktop\SpyHunter.lnk => Moved successfully.
C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter => Moved successfully.
C:\Users\Marty\Downloads\SpyHunter-installer.com => Moved successfully.
C:\ProgramData\Norton => Moved successfully.
"C:\Program Files (x86)\Norton AntiVirus" => File/Directory not found.
C:\Users\Marty\Downloads\NAV-TW-30-20-1-0-24-CZ.exe => Moved successfully.
C:\ProgramData\COMODO => Moved successfully.
C:\Program Files\COMODO => Moved successfully.
C:\Program Files (x86)\Comodo => Moved successfully.
C:\Users\Marty\AppData\Local\Comodo => Moved successfully.
"C:\ProgramData\ESET" => File/Directory not found.
"C:\Program Files\ESET" => File/Directory not found.
C:\Windows\System32\Tasks\Norton AntiVirus => Moved successfully.
C:\Windows\System32\Tasks\Norton WSC Integration => Moved successfully.
"C:\Windows\System32\Tasks\SpyHunter4Startup" => File/Directory not found.
"C:\Users\Marty\Desktop\SpyHunter.lnk" => File/Directory not found.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Users\Marty\Downloads\avgremover.log => Moved successfully.
"C:\ProgramData\avg9" => File/Directory not found.
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275} => Moved successfully.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\@" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\U" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\00000004.@" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\201d3dde" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\6715e287" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\76603ac3" => File/Directory not found.
"C:\PROGRA~1\ENIGMA~1" => File/Directory not found.
C:\Program Files (x86)\ICQ6Toolbar => Moved successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar => Moved successfully.
C:\Program Files (x86)\AskBarDis => Moved successfully.
"C:\Program Files (x86)\AVG Secure Search" => File/Directory not found.
==== End of Fixlog ====
Ran by Marty at 2013-07-16 17:18:35 Run:1
Running from F:\
Boot Mode: Safe Mode (with Networking)
==============================================
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\PicPick Start => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Mikogo => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\supertintin_skype => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Nikon Transfer Monitor => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_JUNE2013_TB => Value deleted successfully.
HKU\elephant\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKU\postgres\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKU\postgres.Marty-PC\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\AVG-Secure-Search-Update_JUNE2013_TB => Value deleted successfully.
HKU\postgres.Marty-PC.000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\spchecker => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Value deleted successfully.
HKCR\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\\{0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} => Value deleted successfully.
HKCR\CLSID\{0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\\DefaultScope => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key deleted successfully.
HKCR\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7C053627-1C30-43F6-98CD-AEE69CCE26F3} => Key deleted successfully.
HKCR\CLSID\{7C053627-1C30-43F6-98CD-AEE69CCE26F3} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key deleted successfully.
HKCR\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420} => Key not found.
HKCR\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F} => Key not found.
HKCR\Wow6432Node\CLSID\{53707962-6F74-2D53-2644-206D7942484F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{c2db4fe6-8409-45ce-8010-189a7b5cce86} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{c2db4fe6-8409-45ce-8010-189a7b5cce86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3041D03E-FD4B-44E0-B742-2D9B88305F98} => Value deleted successfully.
HKCR\CLSID\{3041D03E-FD4B-44E0-B742-2D9B88305F98} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} => Value deleted successfully.
HKCR\CLSID\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => Key deleted successfully.
Firefox SelectedSearchEngine deleted successfully.
Firefox homepage deleted successfully.
Firefox Keyword.URL deleted successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\conduit.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-1.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-2.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-3.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-4.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-5.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin-6.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\searchplugins\icqplugin.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\answers.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\creativecommons.xml => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\ffxtlbr@babylon.com => Moved successfully.
C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\Extensions\{0b7430e9-e659-4555-ac67-be3340aaa519} => Moved successfully.
CHR RestoreOnStartup: "hxxp://us.yahoo.com?fr=fpc-comodo" ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll not found.
ASKService => Service deleted successfully.
ASKUpgrade => Service deleted successfully.
gupdate1ca9a6f3d2f71c0 => Service deleted successfully.
ICQ Service => Service deleted successfully.
SBSDWSCService => Service not found.
SpyHunter 4 Service => Service deleted successfully.
C:\Windows\System32\Tasks\RegHunterStartup => Moved successfully.
C:\Users\Public\Desktop\RegHunter.lnk => Moved successfully.
C:\Users\Marty\Downloads\RegHunter-Installer.exe => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Windows\SysWOW64\epfwdata.bin => Moved successfully.
C:\Windows\System32\Tasks\SpyHunter4Startup => Moved successfully.
C:\Users\Marty\Desktop\SpyHunter.lnk => Moved successfully.
C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter => Moved successfully.
C:\Users\Marty\Downloads\SpyHunter-installer.com => Moved successfully.
C:\ProgramData\Norton => Moved successfully.
"C:\Program Files (x86)\Norton AntiVirus" => File/Directory not found.
C:\Users\Marty\Downloads\NAV-TW-30-20-1-0-24-CZ.exe => Moved successfully.
C:\ProgramData\COMODO => Moved successfully.
C:\Program Files\COMODO => Moved successfully.
C:\Program Files (x86)\Comodo => Moved successfully.
C:\Users\Marty\AppData\Local\Comodo => Moved successfully.
"C:\ProgramData\ESET" => File/Directory not found.
"C:\Program Files\ESET" => File/Directory not found.
C:\Windows\System32\Tasks\Norton AntiVirus => Moved successfully.
C:\Windows\System32\Tasks\Norton WSC Integration => Moved successfully.
"C:\Windows\System32\Tasks\SpyHunter4Startup" => File/Directory not found.
"C:\Users\Marty\Desktop\SpyHunter.lnk" => File/Directory not found.
C:\ProgramData\Spybot - Search & Destroy => Moved successfully.
C:\Users\Marty\Downloads\avgremover.log => Moved successfully.
"C:\ProgramData\avg9" => File/Directory not found.
C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275} => Moved successfully.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\@" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\U" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\00000004.@" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\201d3dde" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\6715e287" => File/Directory not found.
"C:\Windows\Installer\{32af6320-afbd-361c-4889-79e5127d5275}\L\76603ac3" => File/Directory not found.
"C:\PROGRA~1\ENIGMA~1" => File/Directory not found.
C:\Program Files (x86)\ICQ6Toolbar => Moved successfully.
C:\Program Files (x86)\DAEMON Tools Toolbar => Moved successfully.
C:\Program Files (x86)\AskBarDis => Moved successfully.
"C:\Program Files (x86)\AVG Secure Search" => File/Directory not found.
==== End of Fixlog ====
Re: Spousta havěti
Napsal: 16 črc 2013 16:39
Vyyyborne, jde Vam to skvele 
Uz muzete pracovat v beznem rezimu Nainstalujte Avast Free http://www.avast.com/cs-cz/index Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Prohledat
- Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte
Re: Spousta havěti
Napsal: 16 črc 2013 16:58
Avast naistalován..tu je log
# AdwCleaner v2.305 - Log vytvooen 16/07/2013 v 17:56:19
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Marty - MARTY-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Marty\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\1ClickDownload
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\Program Files (x86)\NCH
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
Složka Nalezeno : C:\ProgramData\InstallMate
Složka Nalezeno : C:\Users\Marty\AppData\Local\Babylon
Složka Nalezeno : C:\Users\Marty\AppData\Local\Conduit
Složka Nalezeno : C:\Users\Marty\AppData\LocalLow\AVG Security Toolbar
Složka Nalezeno : C:\Users\Marty\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Marty\AppData\LocalLow\NCH
Složka Nalezeno : C:\Users\Marty\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\ConduitCommon
Složka Nalezeno : C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\.autoreg
Soubor Nalezeno : C:\user.js
Soubor Nalezeno : C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
***** [Registry] *****
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\NCH
Klíe Nalezeno : HKCU\Software\AppDataLow\Toolbar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\ExpressFiles
Klíe Nalezeno : HKCU\Software\ICQ\ICQToolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT2117678
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3021023
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\ExpressFiles
Klíe Nalezeno : HKLM\Software\ICQ\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EDCF4C04-27CF-4605-AEEB-9C0DECE1A03D}
Klíe Nalezeno : HKLM\Software\NCH
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EDCF4C04-27CF-4605-AEEB-9C0DECE1A03D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NCH Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&v=9.0.0.22&sap=nt
-\\ Mozilla Firefox v3.6.12 (en-US)
Soubor : C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\prefs.js
Nalezeno : user_pref("CT3021023..clientLogIsEnabled", true);
Nalezeno : user_pref("CT3021023..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Nalezeno : user_pref("CT3021023..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Nalezeno : user_pref("CT3021023.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Nalezeno : user_pref("CT3021023.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Nalezeno : user_pref("CT3021023.AppTrackingLastCheckTime", "Sun Feb 05 2012 17:34:06 GMT+0100");
Nalezeno : user_pref("CT3021023.BrowserCompStateIsOpen_1000515", true);
Nalezeno : user_pref("CT3021023.BrowserCompStateIsOpen_129684820469411022", true);
Nalezeno : user_pref("CT3021023.BrowserCompStateIsOpen_129695278345261195", true);
Nalezeno : user_pref("CT3021023.CT3021023", "CT3021023");
Nalezeno : user_pref("CT3021023.CurrentServerDate", "5-2-2012");
Nalezeno : user_pref("CT3021023.DSInstall", true);
Nalezeno : user_pref("CT3021023.DialogsAlignMode", "LTR");
Nalezeno : user_pref("CT3021023.DialogsGetterLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.DownloadReferralCookieData", "");
Nalezeno : user_pref("CT3021023.EMailNotifierPollDate", "Sun Feb 05 2012 18:14:15 GMT+0100");
Nalezeno : user_pref("CT3021023.FirstServerDate", "5-2-2012");
Nalezeno : user_pref("CT3021023.FirstTime", true);
Nalezeno : user_pref("CT3021023.FirstTimeFF3", true);
Nalezeno : user_pref("CT3021023.FixPageNotFoundErrors", true);
Nalezeno : user_pref("CT3021023.GroupingServerCheckInterval", 1440);
Nalezeno : user_pref("CT3021023.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Nalezeno : user_pref("CT3021023.HPInstall", true);
Nalezeno : user_pref("CT3021023.HasUserGlobalKeys", true);
Nalezeno : user_pref("CT3021023.HomePageProtectorEnabled", true);
Nalezeno : user_pref("CT3021023.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3021023&SearchSource=[...]
Nalezeno : user_pref("CT3021023.Initialize", true);
Nalezeno : user_pref("CT3021023.InitializeCommonPrefs", true);
Nalezeno : user_pref("CT3021023.InstallationAndCookieDataSentCount", 1);
Nalezeno : user_pref("CT3021023.InstallationType", "ConduitIntegration");
Nalezeno : user_pref("CT3021023.InstalledDate", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.InvalidateCache", false);
Nalezeno : user_pref("CT3021023.IsGrouping", false);
Nalezeno : user_pref("CT3021023.IsInitSetupIni", true);
Nalezeno : user_pref("CT3021023.IsMulticommunity", false);
Nalezeno : user_pref("CT3021023.IsOpenThankYouPage", true);
Nalezeno : user_pref("CT3021023.IsOpenUninstallPage", true);
Nalezeno : user_pref("CT3021023.IsProtectorsInit", true);
Nalezeno : user_pref("CT3021023.LanguagePackLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.LanguagePackReloadIntervalMM", 1440);
Nalezeno : user_pref("CT3021023.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Nalezeno : user_pref("CT3021023.LastLogin_3.8.1.0", "Sun Feb 05 2012 17:34:13 GMT+0100");
Nalezeno : user_pref("CT3021023.LatestVersion", "3.9.0.3");
Nalezeno : user_pref("CT3021023.Locale", "en");
Nalezeno : user_pref("CT3021023.MCDetectTooltipHeight", "83");
Nalezeno : user_pref("CT3021023.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Nalezeno : user_pref("CT3021023.MCDetectTooltipWidth", "295");
Nalezeno : user_pref("CT3021023.MyStuffEnabledAtInstallation", true);
Nalezeno : user_pref("CT3021023.OriginalFirstVersion", "3.8.1.0");
Nalezeno : user_pref("CT3021023.RadioIsPodcast", false);
Nalezeno : user_pref("CT3021023.RadioLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.RadioLastUpdateIPServer", "3");
Nalezeno : user_pref("CT3021023.RadioLastUpdateServer", "129513331499700000");
Nalezeno : user_pref("CT3021023.RadioMediaID", "21880437");
Nalezeno : user_pref("CT3021023.RadioMediaType", "Media Player");
Nalezeno : user_pref("CT3021023.RadioMenuSelectedID", "EBRadioMenu_CT302102321880437");
Nalezeno : user_pref("CT3021023.RadioShrinkedFromSetup", false);
Nalezeno : user_pref("CT3021023.RadioStationName", "California%20Rock%20-%20Rock");
Nalezeno : user_pref("CT3021023.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Nalezeno : user_pref("CT3021023.SavedHomepage", "hxxp://start.icq.com/");
Nalezeno : user_pref("CT3021023.SearchCaption", "brothersoft afc Customized Web Search");
Nalezeno : user_pref("CT3021023.SearchEngineBeforeUnload", "brothersoft afc Customized Web Search");
Nalezeno : user_pref("CT3021023.SearchFromAddressBarIsInit", true);
Nalezeno : user_pref("CT3021023.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT302[...]
Nalezeno : user_pref("CT3021023.SearchInNewTabEnabled", true);
Nalezeno : user_pref("CT3021023.SearchInNewTabIntervalMM", 1440);
Nalezeno : user_pref("CT3021023.SearchInNewTabLastCheckTime", "Sun Feb 05 2012 17:34:13 GMT+0100");
Nalezeno : user_pref("CT3021023.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Nalezeno : user_pref("CT3021023.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Nalezeno : user_pref("CT3021023.SearchProtectorEnabled", true);
Nalezeno : user_pref("CT3021023.SearchProtectorToolbarDisabled", false);
Nalezeno : user_pref("CT3021023.SendProtectorDataViaLogin", true);
Nalezeno : user_pref("CT3021023.ServiceMapLastCheckTime", "Sun Feb 05 2012 17:33:54 GMT+0100");
Nalezeno : user_pref("CT3021023.SettingsLastCheckTime", "Sun Feb 05 2012 17:33:54 GMT+0100");
Nalezeno : user_pref("CT3021023.SettingsLastUpdate", "1327132303");
Nalezeno : user_pref("CT3021023.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3021023&SearchSource=13");
Nalezeno : user_pref("CT3021023.ThirdPartyComponentsInterval", 504);
Nalezeno : user_pref("CT3021023.ThirdPartyComponentsLastCheck", "Sun Feb 05 2012 17:33:54 GMT+0100");
Nalezeno : user_pref("CT3021023.ThirdPartyComponentsLastUpdate", "1312887586");
Nalezeno : user_pref("CT3021023.ToolbarShrinkedFromSetup", false);
Nalezeno : user_pref("CT3021023.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3021023");
Nalezeno : user_pref("CT3021023.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Nalezeno : user_pref("CT3021023.UserID", "UN47459284026683324");
Nalezeno : user_pref("CT3021023.ValidationData_Toolbar", 1);
Nalezeno : user_pref("CT3021023.WeatherNetwork", "");
Nalezeno : user_pref("CT3021023.WeatherPollDate", "Sun Feb 05 2012 18:04:15 GMT+0100");
Nalezeno : user_pref("CT3021023.WeatherUnit", "C");
Nalezeno : user_pref("CT3021023.alertChannelId", "1412608");
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513203649046645000000paramsgk0", "7B22757064617465526[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000paramsgk0", "7B22757064617465526[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_followers[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_followers[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_following[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_following[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_home", "3[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_home_coun[...]
Nalezeno : user_pref("CT3021023.backendstorage.autocompletepro_enable", "31");
Nalezeno : user_pref("CT3021023.backendstorage.autocompletepro_enable_auto", "31");
Nalezeno : user_pref("CT3021023.backendstorage.cbfirsttime", "53756E2046656220303520323031322031373A33343A30332[...]
Nalezeno : user_pref("CT3021023.backendstorage.shoppingapp.gk.exipres", "4672692046656220313020323031322031373A[...]
Nalezeno : user_pref("CT3021023.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Nalezeno : user_pref("CT3021023.backendstorage.twittertemplate_3021023a129513207310749520000000_dailyactivity",[...]
Nalezeno : user_pref("CT3021023.backendstorage.twittertemplate_3021023a129513207310749520000000_lifetimesent", [...]
Nalezeno : user_pref("CT3021023.components.1000034", true);
Nalezeno : user_pref("CT3021023.components.1000234", true);
Nalezeno : user_pref("CT3021023.components.1000515", true);
Nalezeno : user_pref("CT3021023.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Nalezeno : user_pref("CT3021023.globalFirstTimeInfoLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.homepageProtectorEnableByLogin", true);
Nalezeno : user_pref("CT3021023.initDone", true);
Nalezeno : user_pref("CT3021023.isAppTrackingManagerOn", true);
Nalezeno : user_pref("CT3021023.isFirstRadioInstallation", false);
Nalezeno : user_pref("CT3021023.myStuffEnabled", true);
Nalezeno : user_pref("CT3021023.myStuffPublihserMinWidth", 400);
Nalezeno : user_pref("CT3021023.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Nalezeno : user_pref("CT3021023.myStuffServiceIntervalMM", 1440);
Nalezeno : user_pref("CT3021023.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Nalezeno : user_pref("CT3021023.revertSettingsEnabled", true);
Nalezeno : user_pref("CT3021023.searchProtectorDialogDelayInSec", 10);
Nalezeno : user_pref("CT3021023.searchProtectorEnableByLogin", true);
Nalezeno : user_pref("CT3021023.testingCtid", "");
Nalezeno : user_pref("CT3021023.toolbarAppMetaDataLastCheckTime", "Sun Feb 05 2012 17:33:56 GMT+0100");
Nalezeno : user_pref("CT3021023.toolbarContextMenuLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.usagesFlag", 2);
Nalezeno : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3021023&Search[...]
Nalezeno : user_pref("CommunityToolbar.ConduitSearchList", "brothersoft afc Customized Web Search");
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3021023/CT3021023[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1412608/1408264/CZ", "\"0\"[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3021023", [...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3021023",[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"cde[...]
Nalezeno : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Marty\\AppData\\Roaming\\Mozilla\\F[...]
Nalezeno : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
Nalezeno : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://isearch.avg.com/search?cid=%7Bda2[...]
Nalezeno : user_pref("CommunityToolbar.ToolbarsList", "CT3021023");
Nalezeno : user_pref("CommunityToolbar.ToolbarsList2", "CT3021023");
Nalezeno : user_pref("CommunityToolbar.ToolbarsList4", "CT3021023");
Nalezeno : user_pref("CommunityToolbar.globalUserId", "5396c46a-bdcc-4693-94ee-558a82ea397c");
Nalezeno : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Nalezeno : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Nalezeno : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3021023");
Nalezeno : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Feb 05 2012 17:33:5[...]
Nalezeno : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Nalezeno : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Nalezeno : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Feb 05 2012 17:34:13 GMT+010[...]
Nalezeno : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Nalezeno : user_pref("CommunityToolbar.notifications.locale", "en");
Nalezeno : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Nalezeno : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Feb 05 2012 17:33:56 GMT+0100");
Nalezeno : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Nalezeno : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Nalezeno : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Nalezeno : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Nalezeno : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Nalezeno : user_pref("CommunityToolbar.notifications.userId", "5213eaf9-6f87-438e-87be-7fe4701e306b");
Nalezeno : user_pref("CommunityToolbar.originalHomepage", "hxxp://start.icq.com/");
Nalezeno : user_pref("CommunityToolbar.originalSearchEngine", "AVG Secure Search");
Nalezeno : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Nalezeno : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Nalezeno : user_pref("browser.search.defaultthis.engineName", "brothersoft afc Customized Web Search");
Nalezeno : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3021023&Sea[...]
Nalezeno : user_pref("browser.search.order.1", "Search the web (Babylon)");
Nalezeno : user_pref("extensions.BabylonToolbar.admin", false);
Nalezeno : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Nalezeno : user_pref("extensions.BabylonToolbar.babExt", "");
Nalezeno : user_pref("extensions.BabylonToolbar.babTrack", "affID=109980");
Nalezeno : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Nalezeno : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Nalezeno : user_pref("extensions.BabylonToolbar.hmpg", true);
Nalezeno : user_pref("extensions.BabylonToolbar.id", "fcc193f800000000000000ffa4db18e9");
Nalezeno : user_pref("extensions.BabylonToolbar.instlDay", "15452");
Nalezeno : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Nalezeno : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=109980&babsrc=KW[...]
Nalezeno : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1714:05:09");
Nalezeno : user_pref("extensions.BabylonToolbar.newTab", false);
Nalezeno : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?affID=109980&babsrc=NT_[...]
Nalezeno : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Nalezeno : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Nalezeno : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Nalezeno : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Nalezeno : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Nalezeno : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Nalezeno : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1714:05:09");
Nalezeno : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babExt", "");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109980");
Nalezeno : user_pref("extensions.BabylonToolbar_i.hardId", "fcc193f800000000000000ffa4db18e9");
Nalezeno : user_pref("extensions.BabylonToolbar_i.id", "fcc193f800000000000000ffa4db18e9");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlDay", "15452");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTab", false);
Nalezeno : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Nalezeno : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Nalezeno : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Nalezeno : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Nalezeno : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:05:09");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Nalezeno : user_pref("icqtoolbar.allowSendURL", false);
Nalezeno : user_pref("icqtoolbar.engineVerified", true);
Nalezeno : user_pref("icqtoolbar.geolastmodified", 1346767737);
Nalezeno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Nalezeno : user_pref("icqtoolbar.history", "idnes||pokerman||bestpokertorrents||drag%20the%20bar||google%20p%C5[...]
Nalezeno : user_pref("icqtoolbar.icqgeo", 42);
Nalezeno : user_pref("icqtoolbar.installTime", "1278510864");
Nalezeno : user_pref("icqtoolbar.installsource", "1");
Nalezeno : user_pref("icqtoolbar.itbsitescount", 0);
Nalezeno : user_pref("icqtoolbar.newtab_state", "1");
Nalezeno : user_pref("icqtoolbar.numberOfSearches", 1);
Nalezeno : user_pref("icqtoolbar.previousFFVersion", "3.6.12");
Nalezeno : user_pref("icqtoolbar.skip_default_search", "no");
Nalezeno : user_pref("icqtoolbar.uniqueID", "127825000912782501921278510864493");
Nalezeno : user_pref("icqtoolbar.usageStatstTimestamp", 1328459634);
Nalezeno : user_pref("icqtoolbar.version", "2.0.0.4");
-\\ Google Chrome v28.0.1500.72
Soubor : C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [27796 octets] - [16/07/2013 17:56:19]
########## EOF - C:\AdwCleaner[R1].txt - [27857 octets] ##########
# AdwCleaner v2.305 - Log vytvooen 16/07/2013 v 17:56:19
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Marty - MARTY-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Marty\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\1ClickDownload
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\Program Files (x86)\NCH
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
Složka Nalezeno : C:\ProgramData\InstallMate
Složka Nalezeno : C:\Users\Marty\AppData\Local\Babylon
Složka Nalezeno : C:\Users\Marty\AppData\Local\Conduit
Složka Nalezeno : C:\Users\Marty\AppData\LocalLow\AVG Security Toolbar
Složka Nalezeno : C:\Users\Marty\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Marty\AppData\LocalLow\NCH
Složka Nalezeno : C:\Users\Marty\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\ConduitCommon
Složka Nalezeno : C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\.autoreg
Soubor Nalezeno : C:\user.js
Soubor Nalezeno : C:\Users\Marty\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk
***** [Registry] *****
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\NCH
Klíe Nalezeno : HKCU\Software\AppDataLow\Toolbar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\ExpressFiles
Klíe Nalezeno : HKCU\Software\ICQ\ICQToolbar
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3041D03E-FD4B-44E0-B742-2D9B88305F98}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2DB4FE6-8409-45CE-8010-189A7B5CCE86}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Klíe Nalezeno : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Klíe Nalezeno : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT2117678
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT3021023
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\ExpressFiles
Klíe Nalezeno : HKLM\Software\ICQ\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EDCF4C04-27CF-4605-AEEB-9C0DECE1A03D}
Klíe Nalezeno : HKLM\Software\NCH
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EDCF4C04-27CF-4605-AEEB-9C0DECE1A03D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NCH Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://isearch.avg.com/tab?cid={4214EEE2-9E72-47C5-AA50-1863013D2E9A}&mid=41ce938b7a1247d69ffdd16d5b26b5ee-3288f3b076cfe458ac710afe2cc86cf0929b3e9d&lang=cs&ds=AVG&pr=pr&d=2011-11-05 11:48:44&v=9.0.0.22&sap=nt
-\\ Mozilla Firefox v3.6.12 (en-US)
Soubor : C:\Users\Marty\AppData\Roaming\Mozilla\Firefox\Profiles\z849xsjq.default\prefs.js
Nalezeno : user_pref("CT3021023..clientLogIsEnabled", true);
Nalezeno : user_pref("CT3021023..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Nalezeno : user_pref("CT3021023..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Nalezeno : user_pref("CT3021023.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Nalezeno : user_pref("CT3021023.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Nalezeno : user_pref("CT3021023.AppTrackingLastCheckTime", "Sun Feb 05 2012 17:34:06 GMT+0100");
Nalezeno : user_pref("CT3021023.BrowserCompStateIsOpen_1000515", true);
Nalezeno : user_pref("CT3021023.BrowserCompStateIsOpen_129684820469411022", true);
Nalezeno : user_pref("CT3021023.BrowserCompStateIsOpen_129695278345261195", true);
Nalezeno : user_pref("CT3021023.CT3021023", "CT3021023");
Nalezeno : user_pref("CT3021023.CurrentServerDate", "5-2-2012");
Nalezeno : user_pref("CT3021023.DSInstall", true);
Nalezeno : user_pref("CT3021023.DialogsAlignMode", "LTR");
Nalezeno : user_pref("CT3021023.DialogsGetterLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.DownloadReferralCookieData", "");
Nalezeno : user_pref("CT3021023.EMailNotifierPollDate", "Sun Feb 05 2012 18:14:15 GMT+0100");
Nalezeno : user_pref("CT3021023.FirstServerDate", "5-2-2012");
Nalezeno : user_pref("CT3021023.FirstTime", true);
Nalezeno : user_pref("CT3021023.FirstTimeFF3", true);
Nalezeno : user_pref("CT3021023.FixPageNotFoundErrors", true);
Nalezeno : user_pref("CT3021023.GroupingServerCheckInterval", 1440);
Nalezeno : user_pref("CT3021023.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Nalezeno : user_pref("CT3021023.HPInstall", true);
Nalezeno : user_pref("CT3021023.HasUserGlobalKeys", true);
Nalezeno : user_pref("CT3021023.HomePageProtectorEnabled", true);
Nalezeno : user_pref("CT3021023.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT3021023&SearchSource=[...]
Nalezeno : user_pref("CT3021023.Initialize", true);
Nalezeno : user_pref("CT3021023.InitializeCommonPrefs", true);
Nalezeno : user_pref("CT3021023.InstallationAndCookieDataSentCount", 1);
Nalezeno : user_pref("CT3021023.InstallationType", "ConduitIntegration");
Nalezeno : user_pref("CT3021023.InstalledDate", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.InvalidateCache", false);
Nalezeno : user_pref("CT3021023.IsGrouping", false);
Nalezeno : user_pref("CT3021023.IsInitSetupIni", true);
Nalezeno : user_pref("CT3021023.IsMulticommunity", false);
Nalezeno : user_pref("CT3021023.IsOpenThankYouPage", true);
Nalezeno : user_pref("CT3021023.IsOpenUninstallPage", true);
Nalezeno : user_pref("CT3021023.IsProtectorsInit", true);
Nalezeno : user_pref("CT3021023.LanguagePackLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.LanguagePackReloadIntervalMM", 1440);
Nalezeno : user_pref("CT3021023.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Nalezeno : user_pref("CT3021023.LastLogin_3.8.1.0", "Sun Feb 05 2012 17:34:13 GMT+0100");
Nalezeno : user_pref("CT3021023.LatestVersion", "3.9.0.3");
Nalezeno : user_pref("CT3021023.Locale", "en");
Nalezeno : user_pref("CT3021023.MCDetectTooltipHeight", "83");
Nalezeno : user_pref("CT3021023.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Nalezeno : user_pref("CT3021023.MCDetectTooltipWidth", "295");
Nalezeno : user_pref("CT3021023.MyStuffEnabledAtInstallation", true);
Nalezeno : user_pref("CT3021023.OriginalFirstVersion", "3.8.1.0");
Nalezeno : user_pref("CT3021023.RadioIsPodcast", false);
Nalezeno : user_pref("CT3021023.RadioLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.RadioLastUpdateIPServer", "3");
Nalezeno : user_pref("CT3021023.RadioLastUpdateServer", "129513331499700000");
Nalezeno : user_pref("CT3021023.RadioMediaID", "21880437");
Nalezeno : user_pref("CT3021023.RadioMediaType", "Media Player");
Nalezeno : user_pref("CT3021023.RadioMenuSelectedID", "EBRadioMenu_CT302102321880437");
Nalezeno : user_pref("CT3021023.RadioShrinkedFromSetup", false);
Nalezeno : user_pref("CT3021023.RadioStationName", "California%20Rock%20-%20Rock");
Nalezeno : user_pref("CT3021023.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Nalezeno : user_pref("CT3021023.SavedHomepage", "hxxp://start.icq.com/");
Nalezeno : user_pref("CT3021023.SearchCaption", "brothersoft afc Customized Web Search");
Nalezeno : user_pref("CT3021023.SearchEngineBeforeUnload", "brothersoft afc Customized Web Search");
Nalezeno : user_pref("CT3021023.SearchFromAddressBarIsInit", true);
Nalezeno : user_pref("CT3021023.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT302[...]
Nalezeno : user_pref("CT3021023.SearchInNewTabEnabled", true);
Nalezeno : user_pref("CT3021023.SearchInNewTabIntervalMM", 1440);
Nalezeno : user_pref("CT3021023.SearchInNewTabLastCheckTime", "Sun Feb 05 2012 17:34:13 GMT+0100");
Nalezeno : user_pref("CT3021023.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Nalezeno : user_pref("CT3021023.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Nalezeno : user_pref("CT3021023.SearchProtectorEnabled", true);
Nalezeno : user_pref("CT3021023.SearchProtectorToolbarDisabled", false);
Nalezeno : user_pref("CT3021023.SendProtectorDataViaLogin", true);
Nalezeno : user_pref("CT3021023.ServiceMapLastCheckTime", "Sun Feb 05 2012 17:33:54 GMT+0100");
Nalezeno : user_pref("CT3021023.SettingsLastCheckTime", "Sun Feb 05 2012 17:33:54 GMT+0100");
Nalezeno : user_pref("CT3021023.SettingsLastUpdate", "1327132303");
Nalezeno : user_pref("CT3021023.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3021023&SearchSource=13");
Nalezeno : user_pref("CT3021023.ThirdPartyComponentsInterval", 504);
Nalezeno : user_pref("CT3021023.ThirdPartyComponentsLastCheck", "Sun Feb 05 2012 17:33:54 GMT+0100");
Nalezeno : user_pref("CT3021023.ThirdPartyComponentsLastUpdate", "1312887586");
Nalezeno : user_pref("CT3021023.ToolbarShrinkedFromSetup", false);
Nalezeno : user_pref("CT3021023.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3021023");
Nalezeno : user_pref("CT3021023.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Nalezeno : user_pref("CT3021023.UserID", "UN47459284026683324");
Nalezeno : user_pref("CT3021023.ValidationData_Toolbar", 1);
Nalezeno : user_pref("CT3021023.WeatherNetwork", "");
Nalezeno : user_pref("CT3021023.WeatherPollDate", "Sun Feb 05 2012 18:04:15 GMT+0100");
Nalezeno : user_pref("CT3021023.WeatherUnit", "C");
Nalezeno : user_pref("CT3021023.alertChannelId", "1412608");
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513203649046645000000paramsgk0", "7B22757064617465526[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000paramsgk0", "7B22757064617465526[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_followers[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_followers[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_following[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_following[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_home", "3[...]
Nalezeno : user_pref("CT3021023.backendstorage.3021023a129513207310749520000000twittertemplate_notify_home_coun[...]
Nalezeno : user_pref("CT3021023.backendstorage.autocompletepro_enable", "31");
Nalezeno : user_pref("CT3021023.backendstorage.autocompletepro_enable_auto", "31");
Nalezeno : user_pref("CT3021023.backendstorage.cbfirsttime", "53756E2046656220303520323031322031373A33343A30332[...]
Nalezeno : user_pref("CT3021023.backendstorage.shoppingapp.gk.exipres", "4672692046656220313020323031322031373A[...]
Nalezeno : user_pref("CT3021023.backendstorage.shoppingapp.gk.geolocation", "637A6563682072657075626C6963");
Nalezeno : user_pref("CT3021023.backendstorage.twittertemplate_3021023a129513207310749520000000_dailyactivity",[...]
Nalezeno : user_pref("CT3021023.backendstorage.twittertemplate_3021023a129513207310749520000000_lifetimesent", [...]
Nalezeno : user_pref("CT3021023.components.1000034", true);
Nalezeno : user_pref("CT3021023.components.1000234", true);
Nalezeno : user_pref("CT3021023.components.1000515", true);
Nalezeno : user_pref("CT3021023.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Nalezeno : user_pref("CT3021023.globalFirstTimeInfoLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.homepageProtectorEnableByLogin", true);
Nalezeno : user_pref("CT3021023.initDone", true);
Nalezeno : user_pref("CT3021023.isAppTrackingManagerOn", true);
Nalezeno : user_pref("CT3021023.isFirstRadioInstallation", false);
Nalezeno : user_pref("CT3021023.myStuffEnabled", true);
Nalezeno : user_pref("CT3021023.myStuffPublihserMinWidth", 400);
Nalezeno : user_pref("CT3021023.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Nalezeno : user_pref("CT3021023.myStuffServiceIntervalMM", 1440);
Nalezeno : user_pref("CT3021023.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Nalezeno : user_pref("CT3021023.revertSettingsEnabled", true);
Nalezeno : user_pref("CT3021023.searchProtectorDialogDelayInSec", 10);
Nalezeno : user_pref("CT3021023.searchProtectorEnableByLogin", true);
Nalezeno : user_pref("CT3021023.testingCtid", "");
Nalezeno : user_pref("CT3021023.toolbarAppMetaDataLastCheckTime", "Sun Feb 05 2012 17:33:56 GMT+0100");
Nalezeno : user_pref("CT3021023.toolbarContextMenuLastCheckTime", "Sun Feb 05 2012 17:33:57 GMT+0100");
Nalezeno : user_pref("CT3021023.usagesFlag", 2);
Nalezeno : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3021023&Search[...]
Nalezeno : user_pref("CommunityToolbar.ConduitSearchList", "brothersoft afc Customized Web Search");
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3021023/CT3021023[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1412608/1408264/CZ", "\"0\"[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3021023", [...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3021023",[...]
Nalezeno : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"cde[...]
Nalezeno : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Marty\\AppData\\Roaming\\Mozilla\\F[...]
Nalezeno : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0");
Nalezeno : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://isearch.avg.com/search?cid=%7Bda2[...]
Nalezeno : user_pref("CommunityToolbar.ToolbarsList", "CT3021023");
Nalezeno : user_pref("CommunityToolbar.ToolbarsList2", "CT3021023");
Nalezeno : user_pref("CommunityToolbar.ToolbarsList4", "CT3021023");
Nalezeno : user_pref("CommunityToolbar.globalUserId", "5396c46a-bdcc-4693-94ee-558a82ea397c");
Nalezeno : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Nalezeno : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Nalezeno : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3021023");
Nalezeno : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Feb 05 2012 17:33:5[...]
Nalezeno : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Nalezeno : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Nalezeno : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Feb 05 2012 17:34:13 GMT+010[...]
Nalezeno : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Nalezeno : user_pref("CommunityToolbar.notifications.locale", "en");
Nalezeno : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Nalezeno : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Feb 05 2012 17:33:56 GMT+0100");
Nalezeno : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Nalezeno : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Nalezeno : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Nalezeno : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Nalezeno : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Nalezeno : user_pref("CommunityToolbar.notifications.userId", "5213eaf9-6f87-438e-87be-7fe4701e306b");
Nalezeno : user_pref("CommunityToolbar.originalHomepage", "hxxp://start.icq.com/");
Nalezeno : user_pref("CommunityToolbar.originalSearchEngine", "AVG Secure Search");
Nalezeno : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Nalezeno : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Nalezeno : user_pref("browser.search.defaultthis.engineName", "brothersoft afc Customized Web Search");
Nalezeno : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3021023&Sea[...]
Nalezeno : user_pref("browser.search.order.1", "Search the web (Babylon)");
Nalezeno : user_pref("extensions.BabylonToolbar.admin", false);
Nalezeno : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Nalezeno : user_pref("extensions.BabylonToolbar.babExt", "");
Nalezeno : user_pref("extensions.BabylonToolbar.babTrack", "affID=109980");
Nalezeno : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Nalezeno : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Nalezeno : user_pref("extensions.BabylonToolbar.hmpg", true);
Nalezeno : user_pref("extensions.BabylonToolbar.id", "fcc193f800000000000000ffa4db18e9");
Nalezeno : user_pref("extensions.BabylonToolbar.instlDay", "15452");
Nalezeno : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Nalezeno : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=109980&babsrc=KW[...]
Nalezeno : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1714:05:09");
Nalezeno : user_pref("extensions.BabylonToolbar.newTab", false);
Nalezeno : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?affID=109980&babsrc=NT_[...]
Nalezeno : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Nalezeno : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Nalezeno : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Nalezeno : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Nalezeno : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Nalezeno : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Nalezeno : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1714:05:09");
Nalezeno : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babExt", "");
Nalezeno : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109980");
Nalezeno : user_pref("extensions.BabylonToolbar_i.hardId", "fcc193f800000000000000ffa4db18e9");
Nalezeno : user_pref("extensions.BabylonToolbar_i.id", "fcc193f800000000000000ffa4db18e9");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlDay", "15452");
Nalezeno : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Nalezeno : user_pref("extensions.BabylonToolbar_i.newTab", false);
Nalezeno : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Nalezeno : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Nalezeno : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Nalezeno : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Nalezeno : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1714:05:09");
Nalezeno : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Nalezeno : user_pref("icqtoolbar.allowSendURL", false);
Nalezeno : user_pref("icqtoolbar.engineVerified", true);
Nalezeno : user_pref("icqtoolbar.geolastmodified", 1346767737);
Nalezeno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Nalezeno : user_pref("icqtoolbar.history", "idnes||pokerman||bestpokertorrents||drag%20the%20bar||google%20p%C5[...]
Nalezeno : user_pref("icqtoolbar.icqgeo", 42);
Nalezeno : user_pref("icqtoolbar.installTime", "1278510864");
Nalezeno : user_pref("icqtoolbar.installsource", "1");
Nalezeno : user_pref("icqtoolbar.itbsitescount", 0);
Nalezeno : user_pref("icqtoolbar.newtab_state", "1");
Nalezeno : user_pref("icqtoolbar.numberOfSearches", 1);
Nalezeno : user_pref("icqtoolbar.previousFFVersion", "3.6.12");
Nalezeno : user_pref("icqtoolbar.skip_default_search", "no");
Nalezeno : user_pref("icqtoolbar.uniqueID", "127825000912782501921278510864493");
Nalezeno : user_pref("icqtoolbar.usageStatstTimestamp", 1328459634);
Nalezeno : user_pref("icqtoolbar.version", "2.0.0.4");
-\\ Google Chrome v28.0.1500.72
Soubor : C:\Users\Marty\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [27796 octets] - [16/07/2013 17:56:19]
########## EOF - C:\AdwCleaner[R1].txt - [27857 octets] ##########
Re: Spousta havěti
Napsal: 16 črc 2013 16:58
Pomalu ale jiste to osekavame 
Spustte znovu AdwCleaner
- Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
- Kliknete na Smazat
- PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem