VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

prosím o pomoc s odstraněním havěti

https://forum.viry.cz:443/viewtopic.php?t=123535

Stránka 1 z 1

prosím o pomoc s odstraněním havěti

Napsal: 09 srp 2012 11:39
od trenzik
Logfile of random's system information tool 1.09 (written by random/random)
Run by trenzik at 2012-08-09 12:32:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (6%) free of 130 GB
Total RAM: 8175 MB (68% free)


======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {14469BE0-64F7-4E1D-BC13-A0A792FEF948}
"taskhost.exe"
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" /s
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe"
"C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe"
\??\C:\Windows\system32\conhost.exe "3414525991922957947-465871175485493302-295373634978526021810000652877236139
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"
"C:\Users\trenzik\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe" /replace
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe"
\??\C:\Windows\system32\conhost.exe "125584192-197176219015461814971475690481-134285509-11709674051099819318564362043
"G:\torrent\Dead.Island.CZ.Update1.Repack-TiELK\Dead Island CZ.exe"
"G:\torrent\Dead.Island.CZ.Update1.Repack-TiELK\Dead Island CZ.exe"
explorer.exe
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" DFROMKITAUTOUPDATE
"C:\Program Files (x86)\The KMPlayer\KMPlayer.exe" "C:\Users\trenzik\AppData\Local\Temp\Digitally Imported - DJ Mixes.pls"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6756.13e392f0.1645052336 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 6756 "\\.\pipe\gecko-crash-server-pipe.6756" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe" --proxy-stub-channel=Flash6096.5D55EFA0.41 --host-broker-channel=Flash6096.5D55EFA0.18467 --host-pid=6096 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe" --channel=1640.002EF61C.750171733 --proxy-stub-channel=Flash6096.5D55EFA0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe382_ Global\UsGthrCtrlFltPipeMssGthrPipe382 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Users\trenzik\Downloads\RSITx64.exe"
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 4325E86B-9179-9B27-6B6E-3CBE89AFABCA -Reinvoke
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://utils.chatzum.com/?url="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
flashplayer.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\extensions\
centrumpomocnik@centrum.cz
foxmarks@kei.com

C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\searchplugins\
conduit.xml
search-web.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-07-03 1387952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-07-02 545192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-07-02 193456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-04-05 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-07-05 4018888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C93F72A2-2162-4BBA-A07A-F13663C297A6}]
Vizuální záložky - C:\Program Files (x86)\Yandex\YandexBarIE\fastdial.dll [2011-10-13 2697528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-05 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}]
YTD Toolbar - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll [2012-07-26 1213832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
XBTBPos00 Class - C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbcore3.dll [2012-06-14 2671944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-07-03 1387952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Yandex.Bar - C:\Program Files (x86)\Yandex\YandexBarIE\yndbar.dll [2011-10-20 12336440]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-07-03 1160792]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - ChatZum Toolbar - C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbcore3.dll [2012-06-14 2671944]
{F3FEE66E-E034-436a-86E4-9690573BEE8A} - YTD Toolbar - C:\Program Files (x86)\YTD Toolbar\IE\6.2\ytdToolbarIE.dll [2012-07-26 1213832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-11 11776104]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-03 17417392]
"MobileDocuments"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [2012-02-23 59240]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Facebook Update"=C:\Users\trenzik\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"uTorrent"=C:\Program Files (x86)\uTorrent\uTorrent.exe [2012-05-20 880496]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2012-02-23 59240]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2012-02-24 59240]
"com.apple.dav.bookmarks.daemon"=C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [2012-02-23 59240]
"Google Update"=C:\Users\trenzik\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-03 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-07-03 4273976]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-05-30 59280]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-04-18 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-06-07 421776]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2012-07-26 1095560]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe

C:\Users\trenzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Messenger.lnk - C:\Users\trenzik\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2012-08-09 12:32:20 ----D---- C:\rsit
2012-08-09 12:32:20 ----D---- C:\Program Files\trend micro
2012-08-06 20:49:32 ----D---- C:\Program Files (x86)\YTD Toolbar
2012-08-06 20:49:32 ----D---- C:\Program Files (x86)\Application Updater
2012-08-06 20:49:28 ----SHD---- C:\Config.Msi
2012-07-25 07:43:32 ----D---- C:\ProgramData\Ask
2012-07-12 03:04:30 ----A---- C:\Windows\system32\win32k.sys
2012-07-12 03:01:21 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-12 03:01:21 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-12 03:01:20 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-12 03:01:20 ----A---- C:\Windows\SYSWOW64\url.dll
2012-07-12 03:01:20 ----A---- C:\Windows\system32\urlmon.dll
2012-07-12 03:01:20 ----A---- C:\Windows\system32\url.dll
2012-07-12 03:01:20 ----A---- C:\Windows\system32\iertutil.dll
2012-07-12 03:01:19 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-07-12 03:01:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-12 03:01:19 ----A---- C:\Windows\system32\ieui.dll
2012-07-12 03:01:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-07-12 03:01:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-12 03:01:18 ----A---- C:\Windows\system32\wininet.dll
2012-07-12 03:01:18 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-12 03:01:18 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-12 03:01:17 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-12 03:01:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-12 03:01:17 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-07-12 03:01:17 ----A---- C:\Windows\system32\jscript9.dll
2012-07-12 03:01:17 ----A---- C:\Windows\system32\jscript.dll
2012-07-12 03:01:16 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-12 03:01:15 ----A---- C:\Windows\system32\mshtml.dll
2012-07-12 03:01:13 ----A---- C:\Windows\system32\ieframe.dll
2012-07-12 03:01:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-11 08:30:07 ----A---- C:\Windows\system32\msxml6.dll
2012-07-11 08:30:07 ----A---- C:\Windows\system32\msxml3.dll
2012-07-11 08:30:06 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-11 08:30:06 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-07-11 08:30:06 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-11 08:30:06 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-11 08:30:02 ----A---- C:\Windows\system32\shell32.dll
2012-07-11 08:30:00 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-07-11 08:29:58 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-07-11 08:29:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-07-11 08:29:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-11 08:29:58 ----A---- C:\Windows\system32\schannel.dll
2012-07-11 08:29:58 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-11 08:29:58 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-11 08:29:58 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-11 08:29:58 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-11 08:29:57 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-07-11 08:29:56 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-07-11 08:29:54 ----A---- C:\Windows\system32\cdosys.dll
2012-07-02 13:27:09 ----D---- C:\Program Files (x86)\ChatZum Toolbar
2012-07-02 13:26:58 ----D---- C:\Users\trenzik\AppData\Roaming\Skinux
2012-07-02 13:26:25 ----D---- C:\Users\trenzik\AppData\Roaming\Arcsoft
2012-07-02 13:26:17 ----D---- C:\ProgramData\ArcSoft
2012-07-02 13:25:51 ----D---- C:\Program Files (x86)\ArcSoft
2012-07-02 13:24:03 ----D---- C:\Program Files (x86)\Kodak
2012-07-02 13:23:16 ----D---- C:\ProgramData\Kodak
2012-07-02 12:58:10 ----A---- C:\Windows\system32\npDeployJava1.dll
2012-07-02 12:58:10 ----A---- C:\Windows\system32\javaws.exe
2012-07-02 12:58:10 ----A---- C:\Windows\system32\deployJava1.dll
2012-07-02 12:58:05 ----A---- C:\Windows\system32\javaw.exe
2012-07-02 12:58:05 ----A---- C:\Windows\system32\java.exe
2012-07-02 12:57:59 ----D---- C:\Program Files\Java
2012-06-25 16:04:24 ----A---- C:\Windows\SYSWOW64\msxml4.dll
2012-06-21 09:49:12 ----A---- C:\Windows\system32\wups2.dll
2012-06-21 09:49:11 ----A---- C:\Windows\system32\wucltux.dll
2012-06-21 09:49:11 ----A---- C:\Windows\system32\wuaueng.dll
2012-06-21 09:49:11 ----A---- C:\Windows\system32\wuauclt.exe
2012-06-21 09:48:59 ----A---- C:\Windows\system32\wups.dll
2012-06-21 09:48:58 ----A---- C:\Windows\system32\wudriver.dll
2012-06-21 09:48:58 ----A---- C:\Windows\system32\wuapi.dll
2012-06-21 09:48:39 ----A---- C:\Windows\system32\wuwebv.dll
2012-06-21 09:48:39 ----A---- C:\Windows\system32\wuapp.exe
2012-06-14 22:44:20 ----A---- C:\chatzum.exe
2012-06-14 09:32:37 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-06-14 09:32:37 ----A---- C:\Windows\system32\rdpwsx.dll
2012-06-14 09:32:37 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-06-14 09:32:33 ----A---- C:\Windows\system32\profsvc.dll
2012-06-14 09:32:32 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-06-14 09:32:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-06-14 09:32:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-06-14 09:32:27 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-06-14 09:32:26 ----A---- C:\Windows\SYSWOW64\msi.dll
2012-06-14 09:32:26 ----A---- C:\Windows\system32\msi.dll
2012-06-14 09:32:23 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2012-06-14 09:32:23 ----A---- C:\Windows\system32\crypt32.dll
2012-06-14 09:32:22 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2012-06-14 09:32:22 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2012-06-14 09:32:22 ----A---- C:\Windows\system32\cryptsvc.dll
2012-06-14 09:32:22 ----A---- C:\Windows\system32\cryptnet.dll
2012-06-13 21:13:57 ----D---- C:\Program Files\iTunes
2012-06-13 21:13:57 ----D---- C:\Program Files\iPod
2012-06-13 21:13:57 ----D---- C:\Program Files (x86)\iTunes
2012-06-13 21:11:27 ----D---- C:\Program Files (x86)\QuickTime
2012-05-31 13:32:46 ----HDC---- C:\ProgramData\{4A818508-3355-4FBC-B302-D53B599DD9D5}
2012-05-23 10:27:56 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2012-05-23 10:27:56 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2012-05-23 10:27:56 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2012-05-23 10:27:56 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll
2012-05-23 10:27:56 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2012-05-23 10:27:56 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2012-05-23 10:27:56 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2012-05-23 10:27:56 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2012-05-23 10:27:56 ----A---- C:\Windows\system32\nvoglv64.dll
2012-05-23 10:27:56 ----A---- C:\Windows\system32\nvinitx.dll
2012-05-23 10:27:56 ----A---- C:\Windows\system32\nvhdap64.dll
2012-05-23 10:27:56 ----A---- C:\Windows\system32\nvdecodemft.dll
2012-05-23 10:27:56 ----A---- C:\Windows\system32\nvcuvid.dll
2012-05-23 10:27:56 ----A---- C:\Windows\system32\nvcuvenc.dll
2012-05-23 10:27:56 ----A---- C:\Windows\system32\nvcuda.dll
2012-05-23 10:27:56 ----A---- C:\Windows\system32\nvcompiler.dll
2012-05-23 10:27:56 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2012-05-23 10:27:56 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2012-05-21 13:03:20 ----D---- C:\ProgramData\McAfee Security Scan
2012-05-21 13:03:20 ----D---- C:\ProgramData\McAfee
2012-05-21 13:03:17 ----D---- C:\ProgramData\YTD YouTube Downloader & Converter
2012-05-21 13:03:17 ----D---- C:\Program Files (x86)\McAfee Security Scan
2012-05-20 11:40:17 ----D---- C:\ProgramData\DDJ_ASIO_Driver
2012-05-20 11:37:42 ----D---- C:\Program Files (x86)\drv
2012-05-20 11:36:40 ----D---- C:\Program Files (x86)\DENON_DJ
2012-05-17 14:29:49 ----D---- C:\ProgramData\Native Instruments
2012-05-17 14:29:47 ----D---- C:\Program Files\Common Files\Native Instruments
2012-05-15 02:21:50 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2012-05-10 07:02:33 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-05-10 07:02:33 ----A---- C:\Windows\system32\DWrite.dll
2012-05-10 07:01:29 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-10 07:00:43 ----A---- C:\Windows\system32\drivers\tcpip.sys

======List of files/folders modified in the last 3 months======

2012-08-09 12:32:27 ----D---- C:\Windows\Prefetch
2012-08-09 12:32:23 ----D---- C:\Windows\Temp
2012-08-09 12:32:20 ----RD---- C:\Program Files
2012-08-09 12:31:08 ----D---- C:\Users\trenzik\AppData\Roaming\uTorrent
2012-08-09 12:03:07 ----D---- C:\Users\trenzik\AppData\Roaming\Skype
2012-08-09 11:56:31 ----SHD---- C:\System Volume Information
2012-08-09 10:20:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-08-09 09:39:22 ----D---- C:\Windows\system32\config
2012-08-08 12:51:36 ----HD---- C:\ProgramData
2012-08-07 09:56:53 ----D---- C:\Windows
2012-08-06 20:49:38 ----SHD---- C:\Windows\Installer
2012-08-06 20:49:32 ----RD---- C:\Program Files (x86)
2012-08-06 20:49:32 ----D---- C:\Program Files (x86)\Common Files
2012-08-05 20:51:03 ----D---- C:\Windows\System32
2012-08-05 20:51:03 ----D---- C:\Windows\inf
2012-08-05 20:51:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-03 14:39:33 ----D---- C:\Users\trenzik\AppData\Roaming\Mozilla
2012-08-03 09:48:06 ----D---- C:\Windows\SysWOW64
2012-08-03 09:48:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-07-30 11:54:18 ----D---- C:\Windows\system32\FxsTmp
2012-07-26 14:29:28 ----D---- C:\ProgramData\NVIDIA
2012-07-26 08:47:56 ----D---- C:\ProgramData\Skype
2012-07-25 21:09:38 ----D---- C:\Users\trenzik\AppData\Roaming\vlc
2012-07-25 20:35:10 ----D---- C:\Windows\system32\NDF
2012-07-25 11:45:43 ----RD---- C:\Program Files (x86)\Skype
2012-07-25 07:43:50 ----D---- C:\Program Files (x86)\The KMPlayer
2012-07-16 13:41:12 ----D---- C:\Windows\system32\drivers
2012-07-15 14:11:17 ----D---- C:\Windows\system32\catroot2
2012-07-15 09:25:32 ----A---- C:\Windows\NeroDigital.ini
2012-07-12 03:22:37 ----D---- C:\Windows\winsxs
2012-07-12 03:20:00 ----D---- C:\Windows\SYSWOW64\migration
2012-07-12 03:20:00 ----D---- C:\Windows\system32\migration
2012-07-12 03:20:00 ----D---- C:\Program Files (x86)\Internet Explorer
2012-07-12 03:19:59 ----D---- C:\Program Files\Internet Explorer
2012-07-12 03:04:38 ----D---- C:\Windows\system32\catroot
2012-07-12 03:04:03 ----D---- C:\ProgramData\Microsoft Help
2012-07-12 03:02:16 ----A---- C:\Windows\system32\MRT.exe
2012-07-10 21:00:50 ----D---- C:\Windows\Tasks
2012-07-10 21:00:50 ----D---- C:\Windows\system32\Tasks
2012-07-03 18:21:28 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-07-03 18:21:18 ----A---- C:\Windows\system32\aswBoot.exe
2012-07-02 16:22:03 ----D---- C:\Windows\rescache
2012-07-02 14:03:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-07-02 13:58:39 ----A---- C:\Windows\ntbtlog.txt
2012-07-02 13:25:25 ----D---- C:\Windows\system32\DriverStore
2012-07-02 13:24:48 ----RSD---- C:\Windows\assembly
2012-07-01 11:11:25 ----D---- C:\Windows\system32\cs-CZ
2012-06-26 19:30:29 ----D---- C:\Windows\Minidump
2012-06-15 03:35:51 ----D---- C:\Windows\Microsoft.NET
2012-06-15 03:23:36 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-06-13 12:35:25 ----D---- C:\Users\trenzik\AppData\Roaming\Apple Computer
2012-05-31 12:25:12 ----N---- C:\Windows\system32\MpSigStub.exe
2012-05-23 10:30:26 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-05-23 10:28:30 ----D---- C:\Program Files\NVIDIA Corporation
2012-05-21 21:52:06 ----SD---- C:\Users\trenzik\AppData\Roaming\Microsoft
2012-05-21 20:19:37 ----D---- C:\Program Files (x86)\TaxEdit2
2012-05-21 13:03:14 ----D---- C:\ProgramData\YouTube Downloader
2012-05-21 13:03:13 ----D---- C:\Program Files (x86)\YouTube Downloader
2012-05-20 11:20:54 ----D---- C:\Program Files (x86)\uTorrent
2012-05-17 14:29:47 ----D---- C:\Program Files\Common Files
2012-05-17 14:10:18 ----D---- C:\Program Files (x86)\Native Instruments
2012-05-15 12:48:00 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2012-05-15 12:48:00 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2012-05-15 12:48:00 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2012-05-15 12:48:00 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2012-05-15 12:48:00 ----A---- C:\Windows\system32\OpenCL.dll
2012-05-15 12:48:00 ----A---- C:\Windows\system32\nvwgf2umx.dll
2012-05-15 12:48:00 ----A---- C:\Windows\system32\nvumdshimx.dll
2012-05-15 12:48:00 ----A---- C:\Windows\system32\nvgenco64.dll
2012-05-15 12:48:00 ----A---- C:\Windows\system32\nvdispco64.dll
2012-05-15 12:48:00 ----A---- C:\Windows\system32\nvd3dumx.dll
2012-05-15 12:48:00 ----A---- C:\Windows\system32\nvapi64.dll
2012-05-15 11:29:47 ----A---- C:\Windows\system32\nvvsvc.exe
2012-05-15 11:29:46 ----A---- C:\Windows\system32\nvsvcr.dll
2012-05-15 11:29:46 ----A---- C:\Windows\system32\nvshext.dll
2012-05-15 11:29:46 ----A---- C:\Windows\system32\nvmctray.dll
2012-05-15 11:29:25 ----A---- C:\Windows\system32\nvsvc64.dll
2012-05-15 11:28:42 ----A---- C:\Windows\system32\nvcpl.dll
2012-05-11 03:01:03 ----D---- C:\Program Files\Windows Journal
2012-05-10 06:48:11 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-12-01 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-12-01 15920]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-07-03 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-07-03 958400]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-07-03 355856]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-07-03 59728]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-13 279616]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-07-03 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-06 1847296]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\Windows\System32\Drivers\EtronHub3.sys [2011-03-07 40832]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\Windows\System32\Drivers\EtronXHCI.sys [2011-03-07 65280]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-11 2739176]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2010-08-31 14648]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2011-03-18 74376]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2011-03-18 85384]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-01-16 25640]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2011-05-10 22528]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-05-24 55184]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2012-07-26 794560]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-07-03 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 889664]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-04-06 624856]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-01-03 76888]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-06-07 936848]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-13 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-13 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-06 129976]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-17 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: prosím o pomoc s odstraněním havěti

Napsal: 09 srp 2012 14:11
od vyosek
Zdravim a pekny den preji :)

:arrow: Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

:arrow: Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
  • Zaskrtnete okenko Pro vsechny uzivatele
  • Zaskrtnete okenko Kontrola na havet "LOP"
  • Zaskrtnete okenko Kontrola na havet "Purity"
  • Stari souboru zmente z 30 dnu na 7 dnu
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s
  • Kliknete na tlacitko Prohledat
  • Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

Re: prosím o pomoc s odstraněním havěti

Napsal: 10 srp 2012 14:33
od trenzik
díky moc!!! nevejde se sem celá zpráva tak aspoň část.

OTL Extras logfile created on: 10.8.2012 11:27:56 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\trenzik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 4,89 Gb Available Physical Memory | 61,27% Memory free
15,97 Gb Paging File | 11,11 Gb Available in Paging File | 69,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 126,89 Gb Total Space | 7,63 Gb Free Space | 6,01% Space Free | Partition Type: NTFS
Drive D: | 171,20 Gb Total Space | 8,17 Gb Free Space | 4,77% Space Free | Partition Type: NTFS
Drive G: | 1397,26 Gb Total Space | 1015,62 Gb Free Space | 72,69% Space Free | Partition Type: NTFS

Computer Name: TRENZIK-PC | User Name: trenzik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E9ED266-7B45-4221-A66D-541161C06684}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{15CFF538-2185-47A2-9897-3890126E6F09}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22269BBD-BBF5-48C2-A80A-96F08E47BA22}" = rport=10243 | protocol=6 | dir=out | app=system |
"{311D09EB-34E4-4846-9A70-0A825AC8E525}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3148F43F-0A76-4810-97C9-3CB0457095C5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32D32B7B-2CB9-4D49-BF0B-85DD598767C1}" = lport=139 | protocol=6 | dir=in | app=system |
"{3D7E3C7E-6B6F-4072-9119-DAE47DA61654}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5BF60E73-AF1B-4367-8E97-6A1813E8DD5E}" = rport=138 | protocol=17 | dir=out | app=system |
"{6609B728-3470-418E-913B-6C75684192E7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6B2B7668-B9BE-4C5C-9158-716D33DE637F}" = lport=445 | protocol=6 | dir=in | app=system |
"{724556F6-C534-4FE4-8174-C7894D2AABDB}" = rport=139 | protocol=6 | dir=out | app=system |
"{78B90733-2546-449F-AFF1-150A4E25A87D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{93CD6CA2-14D0-4DD7-9CAF-7A19E707A219}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{97BC73AC-BF63-41FB-89F7-DA7AB4D7EDAE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A95B169B-B73A-48CE-8BB0-F27B409376B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AC956BCD-33FB-4DE9-B3B8-C5ADA2C2B8E5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BF7CF55F-3BEC-4FCF-832B-F822DE7D577C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C155F5EA-F5E9-4524-BC63-F618C622BB62}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{C4F01E39-9B06-41C0-BB06-5AEF426923C5}" = rport=137 | protocol=17 | dir=out | app=system |
"{D7CE0E99-BEB7-4E32-B7C6-A5F37B3638BE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE4F565B-842D-4DD0-8CD0-CA18BEE9D6E7}" = lport=138 | protocol=17 | dir=in | app=system |
"{E5D3C72E-D306-4321-A4CD-1FA36DD9C345}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E9369FE3-DBF5-4205-A869-5567EA648D2C}" = lport=137 | protocol=17 | dir=in | app=system |
"{ED6DB87D-053D-41AD-A56A-E2590BD80085}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{027D4884-1F83-4C2F-8574-B809C4A4D3B2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0F0910A4-C84D-4B9A-9CD0-0FA08438AE7D}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{0F47BC4A-FE5E-4C86-8AE5-EF753F593B47}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1781F597-4971-4801-B3DB-D3BB0DFEA811}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{1D0A056E-F731-419D-A504-6EEEDAEB8AA0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2491C340-8728-4AA1-BBA1-98943A17EA31}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{3193F5C9-FE20-4F50-8D27-3E60D9383DDB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{335EC12D-37C5-4EF4-80B0-66755D372F23}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{341D9724-FD9B-4CBB-8EDB-930AB730CA9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{378421A2-7F8D-4E74-B057-E9C030E53D73}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{37BAF0F6-8356-4437-8D1A-F5987CE34B38}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{3B445C18-1BDB-483D-ABC1-5C62BAF07CBA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{3C15995A-A3EA-4150-BEE8-61A9E269BB0E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{419264FE-2594-4942-A2E1-6F48F5D98463}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4F1C12B2-E09D-4E66-90CE-53C723A786E2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{501EEE71-7138-4DBA-B4CB-4A94460FD176}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{50CEE0F3-C6E8-498A-BD11-01D04407F2F2}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{53689078-D0D9-4651-B0BA-E11AB5AAC592}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{620DFD87-A1D0-49B2-B134-61A496BA6F06}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\soft602\langserv.exe |
"{65500D41-52BB-4028-A906-BEB1A3C501D7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{673E5138-6095-4935-977F-8C082537361D}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{6D976619-907E-481A-A050-7B2B91372402}" = protocol=17 | dir=in | app=c:\users\trenzik\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{6ED1D4B5-7DBE-45E9-825D-B08466DB2959}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{6FD40463-6F94-4356-9901-C9C8EE9BAAA1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{78F6E106-B24B-44D4-92B7-9651CA53A8DE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{83138E90-1AE0-4433-9F3E-6238343F305B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8ACB58C0-FBA9-4120-B257-47DC21D26DAB}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{8BBDDF4D-952A-4E78-ACCD-446DDAD0E0E3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8E1B4B10-7AD0-4446-A1B1-49E9ACCD564E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{94606098-3049-47A4-A2CA-0B0CA03FBF53}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A0B6361E-38FC-4745-BF91-25D54AB12F90}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{A5954D38-8DFF-4CCE-B507-8F6DF02C4003}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A95BD198-F643-4D2E-A659-4ECADF1D474C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AB102BCE-FCF9-4904-9719-71496BC25D92}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{B348D021-38F6-40B8-BC05-2737DC772F2E}" = protocol=6 | dir=in | app=c:\users\trenzik\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{CC50AD90-2A37-49C5-8648-FE23DC50312E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CCDDBE22-172C-4CA4-AF24-06F0C6CA2FCE}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D24DB95A-C8CD-4BA2-B64C-C49F76E58722}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\soft602\langserv.exe |
"{D2F1FA31-6F9F-4036-99C6-772CB5039500}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7F402D3-554F-4B2D-9F97-09B56C9101CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D9025BF5-0F8B-44CE-8FCA-83EBE9A9ABBD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA1064D2-58AF-4B09-AA3B-CF48B4820452}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{DFBAFCE4-7231-4011-AFC3-D69E138F4F44}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E0D517DD-6E30-44EF-933F-5E8A2BFD69EA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{F5946974-1E53-488C-A278-8F550B96AB2B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{F64460F6-0DD5-4B3F-9979-17DB7315449E}" = protocol=6 | dir=out | app=system |
"{FBF6C577-2334-4FA5-B184-68AE4DF4E41D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{FC4D535C-1674-479B-8136-0FAF1B439833}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"TCP Query User{03BDA546-4568-4667-A7B5-A9F21F2A5661}C:\windows\keygen.exe" = protocol=6 | dir=in | app=c:\windows\keygen.exe |
"TCP Query User{2B107514-C4B4-438A-9970-08463077CF9A}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{452D4597-0671-4200-AD6A-6D34B0C478BD}G:\torrent\dead.island.cz.update1.repack-tielk\dead island cz\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=g:\torrent\dead.island.cz.update1.repack-tielk\dead island cz\dead island\deadislandgame.exe |
"TCP Query User{66F5AB82-2C4C-48D6-9986-E53BB0638CC1}C:\program files (x86)\gigabyte\@bios\gbtupd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gbtupd.exe |
"TCP Query User{A0155C52-E507-4053-BC44-C8E13719CCFA}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{C96768C6-E1EC-40BC-8052-58608A249DA2}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{D0F8B42C-BA10-47FB-80F4-057A984CA4EE}C:\program files (x86)\gigabyte\@bios\updexe.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\@bios\updexe.exe |
"UDP Query User{06EA16CA-E6BB-46FF-89FA-D8552BC37250}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{224C38A3-037E-4E02-8937-1F49A1F01C49}C:\program files (x86)\gigabyte\@bios\updexe.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\@bios\updexe.exe |
"UDP Query User{2FC7DEBF-230D-4B61-99C3-6D41154F9703}C:\windows\keygen.exe" = protocol=17 | dir=in | app=c:\windows\keygen.exe |
"UDP Query User{62D320A5-BB43-4C0F-B7C6-2F24FD17E49C}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{99CDE0B1-646F-42E8-842D-A245604E39AE}G:\torrent\dead.island.cz.update1.repack-tielk\dead island cz\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=g:\torrent\dead.island.cz.update1.repack-tielk\dead island cz\dead island\deadislandgame.exe |
"UDP Query User{C7D464C3-5CA6-4CF8-9A3B-6B3E3C8C6CC2}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{D1920BE5-14AD-4E3B-9C97-8E6B7155BFF1}C:\program files (x86)\gigabyte\@bios\gbtupd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gbtupd.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413" = CanoScan LiDE 100 Scanner Driver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 301.42
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"BEA7B05370C19B9C86893BB484FD6B9CC52B0CD8" = Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB (04/21/2011 01.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = MSI Kombustor 1.1.3
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD YouTube Downloader & Converter 3.6
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28D35478-94B4-46E6-9E6E-809EA7004EF9}" = BDE 520 pro TaxEdit 25
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{49C14B93-58AD-4178-B52C-750D54CE618D}" = SaxoTrader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}" = Battlefield 3™
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{66C7814A-DBE1-4DE5-85A5-29D5F1D26EC4}" = NVIDIA Design Garage
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7BB5E925-A3DD-48C2-9A82-017AF5982FFE}" = Facebook Messenger 2.1.4590.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92F124CB-D9AA-4E20-93E4-7A9442878FD2}" = Software602 Form Filler
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA31F48A-C811-30B4-AD93-1986C7838442}" = Google Talk Plugin
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Afterburner" = MSI Afterburner 2.0.0
"Alien vs. Triangles" = NVIDIA Alien vs. Triangles demo
"avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Lite" = DAEMON Tools Lite
"DeleteProdRunControl_UK" = IBM ViaVoice Command and Control Runtime 8.0 - UK English
"Elements_cz_cs_cz_Root_is1" = LANGMaster.cz: Angličtina ELEMENTS
"Endless City" = NVIDIA Endless City demo
"ESN Sonar-0.70.4" = ESN Sonar
"Google Chrome" = Google Chrome
"ChatZum Toolbar" = ChatZum Toolbar
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"McAfee Security Scan" = McAfee Security Scan Plus
"Money S3" = Ekonomický systém Money S3
"Mozilla Firefox 12.0 (x86 cs)" = Mozilla Firefox 12.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"rajče.net_is1" = rajče průvodce verze 1.59.40.255
"TaxEdit_is1" = TaxEdit 3.x
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"TTM70" = Talk to Me
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.0.1
"WinLoad 5.40_is1" = WinLoad 5.40
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"Začíname s angličtinou - moje prvé slová (minimálna inštalácia)" = Začíname s angličtinou - moje prvé slová (minimálna inštalácia)

========== Last 20 Event Log Errors ==========

Re: prosím o pomoc s odstraněním havěti

Napsal: 10 srp 2012 14:53
od vyosek
Logy rozdelte do vice prispevku

Re: prosím o pomoc s odstraněním havěti

Napsal: 10 srp 2012 15:25
od trenzik
ok posílám znovu ve dvou částech: OTL logfile created on: 10.8.2012 16:10:17 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\trenzik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

7,98 Gb Total Physical Memory | 5,54 Gb Available Physical Memory | 69,41% Memory free
15,97 Gb Paging File | 11,26 Gb Available in Paging File | 70,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 126,89 Gb Total Space | 7,61 Gb Free Space | 5,99% Space Free | Partition Type: NTFS
Drive D: | 171,20 Gb Total Space | 8,17 Gb Free Space | 4,77% Space Free | Partition Type: NTFS
Drive G: | 1397,26 Gb Total Space | 1015,62 Gb Free Space | 72,69% Space Free | Partition Type: NTFS

Computer Name: TRENZIK-PC | User Name: trenzik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.08.10 10:33:07 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\trenzik\Downloads\OTL.exe
PRC - [2012.07.26 10:29:46 | 000,244,656 | ---- | M] (Facebook) -- C:\Users\trenzik\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe
PRC - [2012.07.12 06:55:20 | 007,701,120 | ---- | M] (KMP Media co.,Ltd) -- C:\Program Files (x86)\The KMPlayer\KMPlayer.exe
PRC - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.05.30 20:06:18 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2012.05.20 11:18:49 | 000,880,496 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.04.06 10:18:10 | 000,624,856 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012.02.24 03:29:58 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012.02.23 12:22:56 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
PRC - [2012.02.23 12:22:24 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
PRC - [2012.02.15 10:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2012.01.03 17:21:31 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.10.10 14:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
PRC - [2010.09.02 22:18:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
PRC - [2010.08.31 05:04:16 | 000,355,640 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2010.03.26 10:52:24 | 001,234,216 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
PRC - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe


========== Modules (No Company Name) ==========

MOD - [2012.07.26 10:30:04 | 021,014,960 | ---- | M] () -- C:\Users\trenzik\AppData\Local\Facebook\Messenger\2.1.4590.0\libcef.dll
MOD - [2012.07.26 10:29:40 | 000,283,568 | ---- | M] () -- C:\Users\trenzik\AppData\Local\Facebook\Messenger\2.1.4590.0\CefSharp.WinForms.dll
MOD - [2012.07.26 10:29:36 | 000,455,600 | ---- | M] () -- C:\Users\trenzik\AppData\Local\Facebook\Messenger\2.1.4590.0\CefSharp.dll
MOD - [2012.06.15 03:28:44 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.15 03:28:28 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.15 03:28:24 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.05.11 03:28:27 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012.05.11 03:27:53 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.11 03:27:51 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.11 03:27:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.11 03:27:46 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.11.13 04:36:45 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010.11.05 03:54:38 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_cs_b77a5c561934e089\System.resources.dll
MOD - [2010.08.31 05:04:16 | 000,355,640 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2010.08.30 12:13:10 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2010.08.30 09:25:04 | 000,262,144 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2010.08.30 09:24:58 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2010.08.30 09:24:56 | 000,139,264 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2010.08.30 09:24:52 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2010.07.27 07:37:16 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2008.12.05 09:42:30 | 000,123,036 | ---- | M] () -- C:\Program Files (x86)\The KMPlayer\libmad.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.08.03 09:48:04 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.05 18:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.06.07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.05.06 13:13:50 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.06 10:18:10 | 000,624,856 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012.01.03 17:21:31 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.10.10 14:55:04 | 000,085,344 | ---- | M] (Software602 a.s.) [Auto | Running] -- C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe -- (602XML Updater)
SRV - [2010.09.02 22:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.12.13 16:59:09 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.12.01 11:42:44 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)
DRV:64bit: - [2011.12.01 11:42:44 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)
DRV:64bit: - [2011.05.10 09:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.03.18 13:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011.03.18 13:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.07 11:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.03.07 11:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.01.13 13:58:00 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.10 19:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.09.21 10:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.07.29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010.01.06 04:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2012.01.16 20:15:12 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.08.31 05:04:20 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzum.com/?q={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbhelper.dll ()
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.seznam.cz/?q={searchTerms ... earch_6826
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{0B020F8D-FEDF-4e9d-9431-854F8F921341}: "URL" = http://uk.search.yahoo.com/search?p={se ... ype=IEBDSV
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&so ... earch_6826
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{5C845E74-676D-4016-964C-2EBF86CBBE7C}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT3072253
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms} ... earch_6826
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://www.bing.com/search?q={searchTer ... R1&pc=SPLH
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{8B311479-DE26-48FE-8CE2-3425EA436E9B}: "URL" = http://search.chatzum.com/?q={searchTerms}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{D4087B4D-BF6E-4537-87FB-1B345725EBA3}: "URL" = http://www.google.com/cse?cx=partner-pu ... earchTerms}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultEngineName: "Google"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..keyword.URL: "http://utils.chatzum.com/?url="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@software602.cz/602XML Filler: C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\trenzik\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\trenzik\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\trenzik\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\trenzik\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\trenzik\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.08 08:54:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.13 21:11:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.13 21:11:35 | 000,000,000 | ---D | M]

[2011.12.13 20:51:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\trenzik\AppData\Roaming\Mozilla\Extensions
[2012.08.10 10:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\extensions
[2011.12.13 20:51:12 | 000,000,000 | ---D | M] (Centrum doménový pomocník) -- C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\extensions\centrumpomocnik@centrum.cz
[2012.06.12 23:30:21 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\extensions\foxmarks@kei.com
[2012.04.18 00:39:24 | 000,000,935 | ---- | M] () -- C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\searchplugins\conduit.xml
[2012.07.02 13:28:09 | 000,000,641 | ---- | M] () -- C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\searchplugins\search-web.xml
[2012.04.06 18:46:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.26 08:47:55 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.12.13 20:51:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2011.12.13 20:51:01 | 000,000,000 | ---D | M] (Centrum.cz nastavenĂ) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011.12.13 20:51:01 | 000,000,000 | ---D | M] (Centrum doménový pomocník) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\centrumpomocnik@centrum.cz
[2012.07.08 08:54:37 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.05.06 13:13:50 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.05 11:27:44 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.04.06 18:46:55 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2012.04.06 18:46:55 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.04.06 18:46:55 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2012.04.06 18:46:55 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.04.06 18:46:55 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.google.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\trenzik\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\trenzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Software602 Form Filler (Enabled) = C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\trenzik\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll
CHR - Extension: YouTube = C:\Users\trenzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\trenzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\trenzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Gmail = C:\Users\trenzik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (XBTBPos00 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbcore3.dll ()
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ChatZum Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.)
O4 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000..\Run: [Facebook Update] C:\Users\trenzik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000..\RunOnce: [ClearTemp] del C:\Users\trenzik\AppData\Local\Temp\yupdate.exe-{5A67FE34-E02A-4104-BEDE-932CB9F4A0C9} File not found
O4 - Startup: C:\Users\trenzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\trenzik\AppData\Local\Facebook\Messenger\2.1.4590.0\FacebookMessenger.exe (Facebook)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5447CC58-ABDA-444E-AF1B-F70A15E77E52}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDB4A85A-954E-47A9-9219-E44CF3B04927}: DhcpNameServer = 217.77.165.81 217.77.161.131
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.07.28 04:16:30 | 000,000,067 | ---- | M] () - G:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{c964b494-25b7-11e1-a63f-50e54950fa1b}\Shell - "" = AutoRun
O33 - MountPoints2\{c964b494-25b7-11e1-a63f-50e54950fa1b}\Shell\AutoRun\command - "" = F:\context.exe ajpse1.ctx
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 7 Days ==========

[2012.08.09 12:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.06 20:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2012.08.06 20:49:28 | 000,000,000 | -HSD | C] -- C:\Config.Msi

========== Files - Modified Within 7 Days ==========

[2012.08.10 16:10:00 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.10 15:48:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.10 15:39:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job
[2012.08.10 15:29:35 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.08.10 15:29:34 | 000,002,069 | ---- | M] () -- C:\Users\trenzik\Desktop\Media Player Classic - Home Cinema x64.lnk
[2012.08.10 15:25:37 | 000,000,990 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job
[2012.08.10 15:25:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.10 10:39:28 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.10 09:47:06 | 000,000,968 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job
[2012.08.09 22:10:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.09 20:24:58 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job
[2012.08.09 09:20:26 | 000,002,351 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.08.07 20:38:21 | 000,001,722 | ---- | M] () -- C:\Users\trenzik\Desktop\deadislandgame – zástupce.lnk
[2012.08.05 20:51:03 | 001,612,956 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.05 20:51:03 | 000,678,288 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.08.05 20:51:03 | 000,663,756 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.05 20:51:03 | 000,146,178 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.08.05 20:51:03 | 000,125,886 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

========== Files Created - No Company Name ==========

[2012.08.10 10:39:28 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.07 20:38:24 | 000,001,722 | ---- | C] () -- C:\Users\trenzik\Desktop\deadislandgame – zástupce.lnk
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.05.01 17:17:33 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2012.04.05 16:25:34 | 000,000,095 | ---- | C] () -- C:\Users\trenzik\AppData\Local\fusioncache.dat
[2012.01.12 12:21:03 | 001,636,806 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.25 13:15:42 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2011.12.17 18:28:28 | 000,000,928 | ---- | C] () -- C:\Users\trenzik\AppData\Local\SRDownloader.nast
[2011.12.13 22:33:04 | 000,281,880 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.13 22:33:03 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.13 19:56:07 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.12.13 19:50:56 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

========== LOP Check ==========

[2012.02.02 15:53:36 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\602Installer
[2012.01.02 12:42:17 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\602XML
[2012.01.02 12:33:19 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Canon
[2011.12.13 17:32:51 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\DAEMON Tools Lite
[2011.12.27 17:39:27 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\GHISLER
[2011.12.17 20:17:21 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\LANGMaster
[2012.01.06 10:55:39 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\langmaster.cz
[2011.12.13 23:18:19 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\OpenCandy
[2011.12.13 21:47:36 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Origin
[2011.12.21 18:07:01 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\pdfforge
[2012.01.12 12:24:41 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Saxo Bank
[2012.07.02 13:26:58 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Skinux
[2011.12.13 20:03:46 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Splashtop
[2012.08.10 16:09:18 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\uTorrent
[2011.12.17 18:35:00 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\VitySoft
[2012.08.10 10:55:55 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Yandex
[2012.08.10 09:47:06 | 000,000,968 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job
[2012.08.10 15:25:37 | 000,000,990 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job
[2012.05.11 03:24:38 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

Re: prosím o pomoc s odstraněním havěti

Napsal: 10 srp 2012 15:26
od trenzik
========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2011.09.29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2012.03.30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011.04.25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012.03.30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2012.03.30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011.04.25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.09.29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\SysNative\drivers\tcpip.sys
[2012.03.30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2011.04.25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.09.29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2011.09.29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[235 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >
[2012.06.14 22:44:20 | 003,826,112 | ---- | M] () -- C:\chatzum.exe

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.02.02 15:53:36 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\602Installer
[2012.01.02 12:42:17 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\602XML
[2011.12.13 23:16:08 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Adobe
[2012.06.13 12:35:25 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Apple Computer
[2012.07.02 13:26:32 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Arcsoft
[2012.01.02 12:33:19 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Canon
[2011.12.13 17:32:51 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\DAEMON Tools Lite
[2012.01.31 00:12:18 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\dvdcss
[2011.12.27 17:39:27 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\GHISLER
[2011.12.13 06:50:56 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Identities
[2011.12.13 19:55:51 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\InstallShield
[2011.12.17 20:17:21 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\LANGMaster
[2012.01.06 10:55:39 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\langmaster.cz
[2011.12.13 20:48:52 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Macromedia
[2009.07.14 17:36:31 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Media Center Programs
[2011.12.30 17:03:31 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Media Player Classic
[2012.05.21 21:52:06 | 000,000,000 | --SD | M] -- C:\Users\trenzik\AppData\Roaming\Microsoft
[2012.08.03 14:39:33 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Mozilla
[2012.05.01 17:15:55 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Nero
[2011.12.21 17:47:17 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\NVIDIA
[2011.12.13 23:18:19 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\OpenCandy
[2011.12.13 21:47:36 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Origin
[2011.12.21 18:07:01 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\pdfforge
[2012.01.12 12:24:41 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Saxo Bank
[2011.12.17 18:51:45 | 000,000,000 | RH-D | M] -- C:\Users\trenzik\AppData\Roaming\SecuROM
[2012.07.02 13:26:58 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Skinux
[2012.08.10 16:01:37 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Skype
[2011.12.13 20:03:46 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Splashtop
[2012.08.10 16:15:31 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\uTorrent
[2011.12.17 18:35:00 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\VitySoft
[2012.07.25 21:09:38 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\vlc
[2011.12.13 16:52:03 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\WinRAR
[2012.08.10 10:55:55 | 000,000,000 | ---D | M] -- C:\Users\trenzik\AppData\Roaming\Yandex

< %APPDATA%\*.exe /s >
[2011.12.01 01:13:58 | 036,380,976 | ---- | M] (Microsoft Corporation) -- C:\Users\trenzik\AppData\Roaming\OpenCandy\4393A2DC90744831AC1A1C647C02F218\IE9-Windows7-x64-enu.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.08.10 15:48:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.08.10 09:47:06 | 000,000,968 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job
[2012.08.10 15:25:37 | 000,000,990 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job
[2012.08.09 22:10:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.10 16:10:00 | 000,000,954 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.09 20:24:58 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job
[2012.08.10 15:39:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.08.10 15:25:44 | 000,062,827 | ---- | M] () -- C:\Windows\system32\debug.log

< %SYSTEMDRIVE%\*.exe >
[2012.06.14 22:44:20 | 003,826,112 | ---- | M] () -- C:\chatzum.exe

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.11.10 11:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2012.07.03 13:23:52 | 017,417,392 | R--- | M] (Skype Technologies S.A.)
"MobileDocuments" = C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe -- [2012.02.23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Facebook Update" = "C:\Users\trenzik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2012.07.12 03:01:06 | 000,138,096 | ---- | M] (Facebook Inc.)
"uTorrent" = "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.05.20 11:18:49 | 000,880,496 | ---- | M] (BitTorrent, Inc.)
"iCloudServices" = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe -- [2012.02.23 12:22:56 | 000,059,240 | ---- | M] (Apple Inc.)
"ApplePhotoStreams" = C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe -- [2012.02.24 03:29:58 | 000,059,240 | ---- | M] (Apple Inc.)
"com.apple.dav.bookmarks.daemon" = C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe -- [2012.02.23 12:22:24 | 000,059,240 | ---- | M] (Apple Inc.)
"Google Update" = "C:\Users\trenzik\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.04.03 18:00:39 | 000,116,648 | ---- | M] (Google Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.05.06 13:13:49 | 000,924,600 | ---- | M] (Mozilla Corporation) MD5=4F69AABB5D82AA4EF6DFF7871212ADF6 -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2012.06.02 11:08:27 | 000,748,664 | ---- | M] (Microsoft Corporation) MD5=34B01BBD8F00B6B9C9248DC4F1E3CD01 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2012.08.07 08:43:41 | 001,229,848 | ---- | M] (Google Inc.) MD5=8440F367180298301E4EE901EEDAACE1 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.10 10:39:28 | 000,000,512 | ---- | M] () MD5=A61E84CDA74D04FDF2D897896B5039E1 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.05.31 13:43:13 | 000,000,903 | ---- | M] () -- \Users\trenzik\AppData\Roaming\Microsoft\Windows\Recent\crack.lnk
[2012.01.17 17:09:13 | 000,018,075 | ---- | M] () -- \Users\trenzik\AppData\Roaming\uTorrent\Traktor DJ Studio v3.3.2 + Crack.zip.torrent
[2012.01.17 17:10:22 | 057,393,548 | ---- | M] () -- \Users\trenzik\Downloads\Traktor DJ Studio v3.3.2 + Crack.zip

< *keygen* /s >
[2012.05.01 17:00:41 | 000,000,842 | ---- | M] () -- \Users\trenzik\AppData\Roaming\Microsoft\Windows\Recent\Nero Multimedia Suite 10 - Keygen.lnk

< *loader* /s >
[2011.10.02 15:21:34 | 000,997,376 | ---- | M] () -- \Downloads\Programs\SRDownloader.exe
[2011.11.03 21:43:41 | 000,903,680 | ---- | M] () -- \Downloads\Programs\SRDownloader.exe.IDAf
[2012.02.24 03:29:58 | 000,059,240 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
[2012.02.24 03:29:58 | 000,735,080 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader_main.dll
[2010.10.07 05:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.07.02 13:27:26 | 000,005,709 | ---- | M] () -- \Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\loaderie.js
[1 \Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\*.tmp files -> \Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\*.tmp -> ]
[2010.08.05 13:59:02 | 000,000,039 | ---- | M] () -- \Program Files (x86)\MSI Kombustor\kloader4ab.bat
[2010.08.05 16:33:12 | 000,034,304 | ---- | M] () -- \Program Files (x86)\MSI Kombustor\KLoaderWin32.exe
[2010.06.11 17:08:28 | 003,207,680 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\Design Garage\DAELoader.not
[2010.06.11 17:08:28 | 000,890,880 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\Design Garage\ILTexLoader.not
[2010.08.19 23:43:08 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA Demos\Alien vs. Triangles\bin\PhysXLoader.dll
[2010.08.19 23:43:10 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA Demos\Alien vs. Triangles\bin\PhysXLoader64.dll
[2011.10.17 14:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 13:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 11:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.10 15:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2010.08.24 18:23:59 | 000,071,008 | ---- | M] () -- \Program Files\2K Games\Mafia 2\pc\PhysXLoader.dll
[2010.10.07 05:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 05:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.05.21 13:03:14 | 000,000,072 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter Help.url
[2012.05.21 13:03:14 | 000,001,963 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter.lnk
[2010.03.15 12:33:54 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012.05.21 13:03:14 | 000,000,072 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter Help.url
[2012.05.21 13:03:14 | 000,001,963 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YTD YouTube Downloader & Converter\YTD YouTube Downloader & Converter.lnk
[2010.03.15 12:33:54 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012.05.21 13:03:14 | 000,001,057 | ---- | M] () -- \Users\Public\Desktop\YTD YouTube Downloader & Converter.lnk
[2011.12.17 18:28:28 | 000,000,928 | ---- | M] () -- \Users\trenzik\AppData\Local\SRDownloader.nast
[2012.07.02 13:27:26 | 000,005,709 | ---- | M] () -- \Users\trenzik\AppData\LocalLow\Toolbar4\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\loaderie.js
[1 \Users\trenzik\AppData\LocalLow\Toolbar4\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\*.tmp files -> \Users\trenzik\AppData\LocalLow\Toolbar4\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\*.tmp -> ]
[2012.08.10 09:37:35 | 000,174,843 | ---- | M] () -- \Users\trenzik\AppData\Roaming\Apple Computer\MediaStream\dl\assetStreamDownloader.log
[2012.07.01 11:37:39 | 000,004,285 | ---- | M] () -- \Users\trenzik\AppData\Roaming\Apple Computer\MediaStream\ul\assetStreamUploader.log
[2012.02.20 21:08:45 | 000,000,001 | ---- | M] () -- \Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\{F0B1CEAC-7C0D-407c-B25E-623D7CBECCCB}\youtubedownloader.lock
[2012.05.04 20:55:54 | 000,015,206 | ---- | M] () -- \Users\trenzik\AppData\Roaming\uTorrent\Wrath.Of.The.Titans.2012.TS.XviD-ILLUMINATI.CZ.titulky.by.Colly.of.PowerUploaders.torrent
[2011.12.17 18:28:07 | 000,904,192 | ---- | M] () -- \Users\trenzik\Downloads\SRDownloader.exe
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.08.10 09:36:02 | 000,217,468 | ---- | M] () -- \Windows\Prefetch\APPLEPHOTOSTREAMSDOWNLOADER.E-2382AA15.pf
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2011.02.05 15:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011.02.05 15:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011.02.05 19:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011.02.05 15:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012.07.24 20:51:27 | 005,024,960 | ---- | M] () -- \Windows\Temp\youtubedownloaderToolbar.exe
[235 \Windows\Temp\*.tmp files -> \Windows\Temp\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:04:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 17:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 17:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 17:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 17:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 17:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2012.01.21 12:36:51 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2012.01.21 12:36:51 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2012.01.21 12:36:51 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2012.01.21 12:36:51 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2012.01.21 12:36:51 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:ECFAEA58

< End of report >

Re: prosím o pomoc s odstraněním havěti

Napsal: 11 srp 2012 08:35
od vyosek
:arrow: Spustte znovu OTL
  • Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

  • Kód: Vybrat vše

    :otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.chatzum.com/?q={searchTerms}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbhelper.dll ()
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=quicksearch_6826
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{0B020F8D-FEDF-4e9d-9431-854F8F921341}: "URL" = http://uk.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}: "URL" = http://www.zbozi.cz/?q={searchTerms}&sourceid=quicksearch_6826
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{5C845E74-676D-4016-964C-2EBF86CBBE7C}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=quicksearch_6826
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{8B311479-DE26-48FE-8CE2-3425EA436E9B}: "URL" = http://search.chatzum.com/?q={searchTerms}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{D4087B4D-BF6E-4537-87FB-1B345725EBA3}: "URL" = http://www.google.com/cse?cx=partner-pu ... 1509802&q={searchTerms}
IE - HKU\S-1-5-21-362490950-1326881668-2221771112-1000\..\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}: "URL" = http://www.firmy.cz/phr/{searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..keyword.URL: "http://utils.chatzum.com/?url="
[2012.04.18 00:39:24 | 000,000,935 | ---- | M] () -- C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\searchplugins\conduit.xml
[2012.07.02 13:28:09 | 000,000,641 | ---- | M] () -- C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\searchplugins\search-web.xml
O2 - BHO: (XBTBPos00 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (ChatZum Toolbar) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbcore3.dll ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{c964b494-25b7-11e1-a63f-50e54950fa1b}\Shell - "" = AutoRun
[2012.08.10 15:48:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.08.10 09:47:06 | 000,000,968 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job
[2012.08.10 15:25:37 | 000,000,990 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job
[2012.08.09 22:10:00 | 000,000,950 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.10 16:10:00 | 000,000,954 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.09 20:24:58 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job
[2012.08.10 15:39:00 | 000,000,970 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:ECFAEA58

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Skype"=-
"Facebook Update"=-
"uTorrent"=-
"Google Update"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"NBAgent"=-
"QuickTime Task"=-
"iTunesHelper"=-
""=-
"SearchSettings"=-

:services
Application Updater
gupdate
gupdatem

:files
C:\Program Files (x86)\Application Updater
C:\Program Files (x86)\Common Files\Spigot
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
C:\Users\trenzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
  • Nasledne kliknete na Opravit
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: prosím o pomoc s odstraněním havěti

Napsal: 12 srp 2012 10:18
od trenzik
prosím ještě poradit, jak odstranit http://searchsafer.com/, stále se mi spouští v Chrome a Mozille nikde ho v dopľncích nemám a není ani nastaven jako domovská stránka

děkuji!!!!


All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-362490950-1326881668-2221771112-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found.
Registry value HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{CA3EB689-8F09-4026-AA10-B9534C691CE0} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}\ not found.
File C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbhelper.dll not found.
HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0B020F8D-FEDF-4e9d-9431-854F8F921341}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B020F8D-FEDF-4e9d-9431-854F8F921341}\ not found.
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{399a1442-7377-49e7-8d77-6dc9ed5968c1}\ not found.
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5C845E74-676D-4016-964C-2EBF86CBBE7C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C845E74-676D-4016-964C-2EBF86CBBE7C}\ not found.
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5cf5d387-d87c-4408-9a6b-301b0713d62a}\ not found.
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8172f457-818d-46db-941f-2bbe53e156af}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8172f457-818d-46db-941f-2bbe53e156af}\ not found.
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8B311479-DE26-48FE-8CE2-3425EA436E9B}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B311479-DE26-48FE-8CE2-3425EA436E9B}\ not found.
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}\ not found.
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D4087B4D-BF6E-4537-87FB-1B345725EBA3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4087B4D-BF6E-4537-87FB-1B345725EBA3}\ not found.
Registry key HKEY_USERS\S-1-5-21-362490950-1326881668-2221771112-1000\Software\Microsoft\Internet Explorer\SearchScopes\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{eb97f7df-1773-4916-aae6-5af74da8c69d}\ not found.
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "uTorrentControl2 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=937811&ilc=12" removed from browser.search.param.yahoo-fr
Prefs.js: "http://utils.chatzum.com/?url=" removed from keyword.URL
File C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\searchplugins\conduit.xml not found.
File C:\Users\trenzik\AppData\Roaming\Mozilla\Firefox\Profiles\wchiacyf.default\searchplugins\search-web.xml not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ not found.
File C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbcore3.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.
File C:\Program Files (x86)\ChatZum Toolbar\tbunsp30DA.tmp\tbcore3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ not found.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ not found.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c964b494-25b7-11e1-a63f-50e54950fa1b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c964b494-25b7-11e1-a63f-50e54950fa1b}\ not found.
File C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
File C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job not found.
File C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job not found.
File C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
File C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
File C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000Core.job not found.
File C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362490950-1326881668-2221771112-1000UA.job not found.
Unable to delete ADS C:\ProgramData\TEMP:ECFAEA58 .
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NBAgent not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SearchSettings not found.
========== SERVICES/DRIVERS ==========
Error: No service named Application Updater was found to stop!
Service\Driver key Application Updater not found.
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
========== FILES ==========
File\Folder C:\Program Files (x86)\Application Updater not found.
File\Folder C:\Program Files (x86)\Common Files\Spigot not found.
File\Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk not found.
File\Folder C:\Users\trenzik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: trenzik
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 38396 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 80714311 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 910 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 77,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: trenzik
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: trenzik
->Java cache emptied: 0 bytes

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.57.0 log created on 08122012_110948

Files\Folders moved on Reboot...
File\Folder C:\Users\trenzik\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...
File C:\Users\trenzik\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
[2012.08.12 11:11:21 | 000,000,000 | ---- | M] () C:\Windows\temp\_avast_\Webshlock.txt : Unable to obtain MD5

Registry entries deleted on Reboot...

Re: prosím o pomoc s odstraněním havěti

Napsal: 12 srp 2012 10:22
od vyosek
Spousti se vam jako jak :???:

Re: prosím o pomoc s odstraněním havěti

Napsal: 12 srp 2012 10:26
od trenzik
v Chrome odstraňeno!!! /searchsafer.com/, nastavilo se mi to jako domovská stránka. Pokud použiju Mozillu a otevírám další lištu, opět se mi zobrazuje searchsafer.com/ prosím o radu, děkuji!!

Re: prosím o pomoc s odstraněním havěti

Napsal: 12 srp 2012 10:34
od vyosek
:arrow: Do adresniho radku Firefoxu napiste about:config

:arrow: dejte hledat searchsafer.com

:arrow: co najde tak smazat

Re: prosím o pomoc s odstraněním havěti

Napsal: 13 srp 2012 14:21
od trenzik
děkuji moc!!

Re: prosím o pomoc s odstraněním havěti

Napsal: 13 srp 2012 21:01
od vyosek
Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|

Jinak nemate zac, rado se stalo :worship:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz