VIRY.CZ

Zdravíčko,
jsem tu sice nový, ale co dělat, když je člověk blbej.
Omylem jsem klikl na odkaz, který mi přišel na skype od známého. Potom jsem pustil instalaci (fakt nechápu, jak jsem to mohl udělat) a od té doby mi při spuštěném skypu odesílá zprávy s tímto odkazem dál.

Tímto bych Vás chtěl požádat, jestli byste mi mohli poradit co s tím. Našel jsem podobný problém, akorát s facebook spamming virem, nicméně po častých upozorněních moderátorů (v daném topicu) jsem usoudil, že by asi nebylo chytré pouštět se do toho na vlastní pěst. Zde přikládám log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Jura at 2013-02-04 14:54:30
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 1 GB (3%) free of 43 GB
Total RAM: 2814 MB (41% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job
C:\Windows\tasks\ROC_JAN2013_TB_rmv.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{FE69C007-C452-4d3e-86D2-1730DF8BC871} - SimilarSites - C:\Program Files\SimilarSites\similarsites.dll [2012-02-01 316928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-01-13 509320]
"ATKOSD2"=C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
"SDActiveMonitor"=C:\Program Files\Max Spyware Detector\MaxSDTray.exe [2013-02-02 1066464]
"SDAutoScan"= []
"MaxUSBProc"=C:\Program Files\Max Spyware Detector\MaxUSBProc.exe [2013-02-02 445920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ManyCam"=C:\Program Files\ManyCam 2.4\ManyCam.exe [2010-03-03 1824040]
"Google Update"=C:\Users\Jura\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-16 136176]
"Akamai NetSession Interface"=C:\Users\Jura\AppData\Local\Akamai\netsession_win.exe [2012-10-09 4441920]
"BitTorrent"=C:\Program Files\BitTorrent\BitTorrent.exe [2013-01-05 980376]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-05-16 1084840]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2012-10-25 3093624]
"AIMP3"=C:\Program Files\AIMP2\AIMP3.exe [2013-01-12 1705416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-12-18 38112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-13 8555040]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe
VPN Client.lnk - C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico

C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.divxa32"=msaud32_divx.acm
"VIDC.FPS1"=frapsvid.dll
"vidc.iv50"=ir50_32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2013-02-04 14:54:31 ----D---- C:\Program Files\trend micro
2013-02-04 14:54:30 ----D---- C:\rsit
2013-02-04 14:46:36 ----A---- C:\Users\Jura\AppData\Roaming\E1F2.exe
2013-02-04 14:31:35 ----A---- C:\Users\Jura\AppData\Roaming\223B.exe
2013-02-04 14:16:36 ----A---- C:\Users\Jura\AppData\Roaming\6957.exe
2013-02-04 14:01:38 ----A---- C:\Users\Jura\AppData\Roaming\B5A1.exe
2013-02-04 13:56:10 ----D---- C:\MaxAVLiveUpdate
2013-02-04 13:46:35 ----A---- C:\Users\Jura\AppData\Roaming\F08D.exe
2013-02-04 13:39:17 ----RASH---- C:\SdHeuristic.txt
2013-02-04 13:15:10 ----A---- C:\Users\Jura\AppData\Roaming\28EA.exe
2013-02-04 12:58:19 ----A---- C:\Users\Jura\AppData\Roaming\BEE0.exe
2013-02-04 12:41:34 ----A---- C:\Users\Jura\AppData\Roaming\650C.exe
2013-02-04 12:16:04 ----A---- C:\Users\Jura\AppData\Roaming\1269.exe
2013-02-04 11:56:04 ----A---- C:\Users\Jura\AppData\Roaming\BFC6.exe
2013-02-04 11:47:05 ----A---- C:\Users\Jura\AppData\Roaming\9137.exe
2013-02-04 11:45:36 ----ASH---- C:\pagefile.sys
2013-02-04 11:43:03 ----A---- C:\Windows\system32\MaxNative.exe
2013-02-04 11:42:37 ----D---- C:\ProgramData\Max Secure
2013-02-04 11:42:37 ----A---- C:\Windows\system32\drivers\SDActMon2K.sys
2013-02-04 11:42:37 ----A---- C:\Windows\system32\drivers\MaxProtector64.sys
2013-02-04 11:42:37 ----A---- C:\Windows\system32\drivers\MaxProc64.sys
2013-02-04 11:42:35 ----D---- C:\Program Files\Max Spyware Detector
2013-02-04 11:42:34 ----A---- C:\Windows\system32\drivers\SDActMon.sys
2013-02-04 11:42:34 ----A---- C:\Windows\system32\drivers\MaxTdss.sys
2013-02-04 11:42:34 ----A---- C:\Windows\system32\drivers\MaxProtector32.sys
2013-02-04 11:42:34 ----A---- C:\Windows\system32\drivers\MaxMgr.sys
2013-02-04 11:42:34 ----A---- C:\Windows\system32\drivers\004.sys
2013-02-04 11:35:55 ----A---- C:\Users\Jura\AppData\Roaming\2F5A.exe
2013-02-04 11:15:47 ----A---- C:\Users\Jura\AppData\Roaming\BECC.exe
2013-02-04 11:04:26 ----A---- C:\Users\Jura\AppData\Roaming\59F0.exe
2013-02-04 10:44:14 ----A---- C:\Users\Jura\AppData\Roaming\DCC4.exe
2013-02-03 21:28:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-02-03 21:27:37 ----A---- C:\Windows\system32\sdnclean.exe
2013-02-03 21:27:26 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2013-02-03 20:04:39 ----D---- C:\Program Files\Common Files\Skype
2013-02-03 20:04:37 ----RD---- C:\Program Files\Skype
2013-01-28 14:34:22 ----D---- C:\ProgramData\ClickIT
2013-01-28 14:34:12 ----D---- C:\ProgramData\InstallMate
2013-01-23 09:29:12 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2013-01-23 09:29:12 ----A---- C:\Windows\system32\javaw.exe
2013-01-23 09:29:12 ----A---- C:\Windows\system32\java.exe
2013-01-23 09:28:43 ----A---- C:\Windows\system32\javaws.exe
2013-01-18 22:05:53 ----D---- C:\Program Files\Mozilla Firefox
2013-01-17 00:37:09 ----D---- C:\Program Files\AVG Secure Search
2013-01-13 13:02:27 ----D---- C:\Users\Jura\AppData\Roaming\Dev-Cpp
2013-01-13 13:02:12 ----D---- C:\Dev-Cpp
2013-01-12 10:01:59 ----D---- C:\Users\Jura\AppData\Roaming\AIMP3
2013-01-11 17:28:42 ----D---- C:\Users\Jura\AppData\Roaming\CodeBlocks
2013-01-09 10:53:17 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 10:53:16 ----A---- C:\Windows\system32\win32k.sys
2013-01-09 10:53:15 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 10:53:01 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 10:52:54 ----A---- C:\Windows\system32\winsrv.dll
2013-01-09 10:52:54 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 10:52:54 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 10:52:54 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 10:52:53 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 10:52:53 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 10:52:53 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 10:52:53 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 10:52:53 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 10:52:53 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 10:52:52 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 10:52:52 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 10:52:52 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 10:52:52 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 10:52:52 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 10:52:52 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 10:52:52 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 10:52:52 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 10:52:51 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 10:52:51 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 10:52:51 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 10:52:51 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 10:52:51 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 10:52:51 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 10:52:50 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 10:52:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 10:52:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 10:52:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 10:52:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 10:52:50 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 10:52:49 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 10:52:49 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 10:51:59 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 10:51:58 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 10:51:29 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 10:51:28 ----A---- C:\Windows\system32\taskhost.exe

======List of files/folders modified in the last 1 month======

2013-02-04 14:54:31 ----RD---- C:\Program Files
2013-02-04 14:54:24 ----D---- C:\Windows\Temp
2013-02-04 14:54:01 ----D---- C:\Users\Jura\AppData\Roaming\BitTorrent
2013-02-04 13:45:41 ----D---- C:\Windows\System32
2013-02-04 13:45:41 ----D---- C:\Windows\inf
2013-02-04 13:45:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-04 12:01:13 ----D---- C:\Windows\system32\config
2013-02-04 11:50:34 ----D---- C:\Users\Jura\AppData\Roaming\Skype
2013-02-04 11:47:11 ----D---- C:\Windows\system32\Tasks
2013-02-04 11:47:03 ----D---- C:\Users\Jura\AppData\Roaming\Dropbox
2013-02-04 11:46:33 ----A---- C:\Windows\system32\AutoRunFilter.ini
2013-02-04 11:46:30 ----A---- C:\Windows\system32\ServiceFilter.ini
2013-02-04 11:46:21 ----D---- C:\Windows
2013-02-04 11:43:00 ----RSD---- C:\Windows\Fonts
2013-02-04 11:42:56 ----D---- C:\Windows\system32\drivers\etc
2013-02-04 11:42:37 ----HD---- C:\ProgramData
2013-02-04 11:42:37 ----D---- C:\Windows\system32\drivers
2013-02-04 11:26:38 ----D---- C:\Users\Jura\AppData\Roaming\GetRightToGo
2013-02-04 11:21:31 ----SHD---- C:\Windows\Installer
2013-02-04 11:21:30 ----SHD---- C:\Config.Msi
2013-02-04 00:05:35 ----D---- C:\Users\Jura\AppData\Roaming\skypePM
2013-02-03 23:35:18 ----D---- C:\Users\Jura\AppData\Roaming\DAEMON Tools Lite
2013-02-03 23:30:39 ----D---- C:\Windows\Logs
2013-02-03 23:30:39 ----D---- C:\Windows\debug
2013-02-03 21:30:15 ----D---- C:\ProgramData\Skype
2013-02-03 21:27:52 ----SD---- C:\ProgramData\Microsoft
2013-02-03 20:08:16 ----D---- C:\ProgramData\Skype Extras
2013-02-03 20:04:39 ----D---- C:\Program Files\Common Files
2013-02-03 19:51:47 ----D---- C:\Windows\Prefetch
2013-02-03 19:46:04 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-03 16:17:11 ----D---- C:\Program Files\Opera
2013-01-30 16:57:04 ----D---- C:\ProgramData\PMB Files
2013-01-30 16:55:17 ----D---- C:\Windows\Tasks
2013-01-28 19:43:46 ----D---- C:\Program Files\AIMP2
2013-01-28 09:42:44 ----D---- C:\ProgramData\TERA
2013-01-26 17:03:40 ----D---- C:\Users\Jura\AppData\Roaming\Mozilla
2013-01-23 09:29:11 ----D---- C:\Program Files\Java
2013-01-21 16:36:00 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-01-20 16:25:17 ----RSD---- C:\Windows\assembly
2013-01-18 16:19:00 ----D---- C:\Users\Jura\AppData\Roaming\Aion RainMeter
2013-01-18 16:19:00 ----D---- C:\Program Files\Aion RainMeter
2013-01-17 01:28:58 ----N---- C:\Windows\system32\MpSigStub.exe
2013-01-16 09:17:26 ----D---- C:\Program Files\UseCaseMaker2
2013-01-16 09:09:32 ----D---- C:\Program Files\Common Files\InstallShield
2013-01-12 16:10:57 ----D---- C:\Windows\Microsoft.NET
2013-01-12 11:52:30 ----D---- C:\Program Files\Common Files\microsoft shared
2013-01-11 09:02:47 ----D---- C:\Windows\winsxs
2013-01-11 08:59:36 ----D---- C:\Windows\system32\cs-CZ
2013-01-11 01:08:13 ----A---- C:\Windows\system32\MRT.exe
2013-01-09 10:51:15 ----D---- C:\Windows\system32\catroot
2013-01-09 10:51:01 ----D---- C:\Windows\system32\catroot2
2013-01-08 21:50:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-01-05 09:45:39 ----D---- C:\Program Files\BitTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 14392]
R0 MaxMgr;MaxMgr; C:\Windows\System32\drivers\MaxMgr.sys [2013-02-02 66016]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SDActMon;SDActMon; C:\Windows\System32\drivers\SDActMon.sys [2013-02-02 113120]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-11-15 477240]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-05-06 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 MaxProtector32;MaxProtector32; C:\Windows\System32\drivers\MaxProtector32.sys [2013-02-02 79328]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2012-04-09 48256]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [2009-07-02 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-09-27 308859]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-09-28 9107968]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-09-28 370176]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2010-03-02 1263104]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-11-16 131984]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-01-18 102400]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-04-13 3074528]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 119408]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver; C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 98928]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2009-05-13 14392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1766592]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 30392]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 103440]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-10-02 25280]
S3 hipeer20;Remobo Instant Private Network; C:\Windows\system32\DRIVERS\remobo32.sys [2010-08-01 26112]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-04-22 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 PTSimBus;PenTablet Bus Enumerator; C:\Windows\system32\DRIVERS\PTSimBus.sys []
S3 PTSimHid;PenTablet Simulated HID MiniDriver; C:\Windows\system32\DRIVERS\PTSimHid.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 SCREAMINGBDRIVER;Screaming Bee Audio; C:\Windows\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-20 77184]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-04-26 26624]
S3 tapoas;TAP-Win32 Adapter OAS; C:\Windows\system32\DRIVERS\tapoas.sys [2011-08-19 26112]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-20 25600]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 vserial;ELTIMA Virtual Serial Ports Driver; C:\Windows\System32\DRIVERS\vserial.sys []
S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\D:\programy\Visual\Team Tools\Performance Tools\VSPerfDrv100.sys [2011-01-18 54144]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-07 303744]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-09-28 217600]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-09-28 291840]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2010-09-27 1528616]
R2 MaxMerger;MaxMerger; C:\Program Files\Max Spyware Detector\MaxMerger.exe [2013-02-02 303072]
R2 MaxWatchDogService;MaxWatchDogService; C:\Program Files\Max Spyware Detector\MaxWatchDogService.exe [2013-02-02 622560]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-04-24 624856]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-05-21 76888]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2012-02-11 105048]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-04-22 720936]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-16 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-02 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-16 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-18 115608]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2011-03-28 4323256]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Děkuji za jakoukoliv odpověď.

Zdravim

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Spustil jsem Rkill, mám na infikovaném kompu log,ale pustil jsem i Combofix a už to chroustá přes 2 hodiny. Nevím, jestli je to v pořádku nebo jestli s tím mám něco dělat.

Edit: přidávám log z Rkillu. CF po spuštění nic nedělal (soudě podle aktivity procesoru, která byla nulová).

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/04/2013 03:41:35 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 02/04/2013 03:41:51 PM
Execution time: 0 hours(s), 0 minute(s), and 16 seconds(s)

Zítra zkusím znova nahodit Rkill i CF (odinstaloval sem spybot a ještě nějákou potvoru na hledání malware, protože když jsem je natvrdo ukončil, tak se tam časem znova objevily).

Zkuste spustit ComboFix v nouzovem rezimu

Tak v nouzovém se to podařilo. Zde je log.

ComboFix 13-02-03.03 - Jura 05.02.2013 10:58:05.1.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2814.1655 [GMT 1:00]
Spuštěný z: c:\users\Jura\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jura\AppData\Local\assembly\tmp
c:\users\Jura\AppData\Roaming\cacaoweb
c:\users\Jura\AppData\Roaming\cacaoweb\npdfile.dat
c:\users\Jura\AppData\Roaming\cacaoweb\replicatingEA33FBEB55469A6FC0A47F1E397A4EB6.cacao
c:\users\Jura\AppData\Roaming\cacaoweb\storage.db
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-05 do 2013-02-05 )))))))))))))))))))))))))))))))
.
.
2013-02-05 10:04 . 2013-02-05 10:04 -------- d-----w- c:\users\Jura\AppData\Local\temp
2013-02-05 10:04 . 2013-02-05 10:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-05 00:26 . 2013-02-05 00:26 -------- d-----r- c:\program files\Skype
2013-02-05 00:26 . 2013-02-05 00:26 -------- d-----w- c:\program files\Common Files\Skype
2013-02-04 13:54 . 2013-02-04 13:54 -------- d-----w- c:\program files\trend micro
2013-02-04 13:54 . 2013-02-04 13:54 -------- d-----w- C:\rsit
2013-02-04 12:56 . 2013-02-04 12:56 -------- d-----w- C:\MaxAVLiveUpdate
2013-02-04 10:42 . 2013-02-04 10:50 -------- d-----w- c:\programdata\Max Secure
2013-02-04 10:26 . 2013-02-04 10:26 -------- d-----w- c:\users\Jura\AppData\Local\Max Secure Software
2013-02-03 20:28 . 2013-02-04 18:10 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-02-01 22:33 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3DB9C87D-3750-4D34-9B7C-97343E154880}\mpengine.dll
2013-01-28 13:34 . 2013-01-28 13:34 -------- d-----w- c:\programdata\ClickIT
2013-01-28 13:34 . 2013-01-28 13:34 -------- d-----w- c:\programdata\InstallMate
2013-01-23 08:29 . 2013-01-12 02:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-16 23:37 . 2013-02-03 18:45 -------- d-----w- c:\program files\AVG Secure Search
2013-01-16 08:09 . 2001-09-05 05:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-01-16 08:09 . 2001-09-05 05:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2013-01-16 08:09 . 2001-09-05 05:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-01-16 08:09 . 2001-09-05 05:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-01-13 12:02 . 2013-01-13 12:12 -------- d-----w- c:\users\Jura\AppData\Roaming\Dev-Cpp
2013-01-13 12:02 . 2013-01-14 16:02 -------- d-----w- C:\Dev-Cpp
2013-01-12 09:01 . 2013-02-05 09:49 -------- d-----w- c:\users\Jura\AppData\Roaming\AIMP3
2013-01-11 16:28 . 2013-01-13 12:01 -------- d-----w- c:\users\Jura\AppData\Roaming\CodeBlocks
2013-01-09 09:53 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 09:53 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 09:53 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 09:53 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 09:51 . 2012-12-07 12:20 2576384 ----a-w- c:\windows\system32\gameux.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-04 18:51 . 2011-09-29 19:15 138056 ----a-w- c:\users\Jura\AppData\Roaming\PnkBstrK.sys
2013-02-04 18:51 . 2011-07-29 06:50 138056 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-02-04 18:50 . 2011-07-29 06:50 189248 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-02-04 18:50 . 2011-07-29 06:50 189248 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-02-04 18:50 . 2011-07-29 06:50 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-01-17 00:28 . 2011-07-04 18:25 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-08 20:50 . 2012-04-04 08:49 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-08 20:50 . 2011-07-12 06:44 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 14:13 . 2012-12-21 23:52 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 23:52 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-11-15 18:20 . 2011-07-04 17:51 477240 ------w- c:\windows\system32\drivers\sptd.sys
2012-11-14 02:09 . 2012-12-12 22:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 22:17 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 22:17 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 22:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 22:17 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 22:17 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 07:24 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-18 21:06 . 2013-01-18 21:05 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{FE69C007-C452-4d3e-86D2-1730DF8BC871}"= "c:\program files\SimilarSites\similarsites.dll" [2012-02-01 316928]
.
[HKEY_CLASSES_ROOT\clsid\{fe69c007-c452-4d3e-86d2-1730df8bc871}]
[HKEY_CLASSES_ROOT\similarsites.toolbar.1]
[HKEY_CLASSES_ROOT\similarsites.toolbar]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{FE69C007-C452-4d3e-86D2-1730DF8BC871}"= "c:\program files\SimilarSites\similarsites.dll" [2012-02-01 316928]
.
[HKEY_CLASSES_ROOT\clsid\{fe69c007-c452-4d3e-86d2-1730df8bc871}]
[HKEY_CLASSES_ROOT\similarsites.toolbar.1]
[HKEY_CLASSES_ROOT\similarsites.toolbar]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"ManyCam"="c:\program files\ManyCam 2.4\ManyCam.exe" [2010-03-03 1824040]
"Akamai NetSession Interface"="c:\users\Jura\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2013-01-05 980376]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-05-16 1084840]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2012-10-25 3093624]
"AIMP3"="c:\program files\AIMP2\AIMP3.exe" [2013-01-12 1705416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-01-13 509320]
"ATKOSD2"="c:\program files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
c:\users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 105160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe [2011-7-3 156952]
VPN Client.lnk - c:\windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico [2012-11-22 6144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-12-18 14:28 38112 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-04-13 09:25 8555040 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
R1 aswSP;aswSP; [x]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Plus\Room\safedrv.sys [x]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo32.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\DRIVERS\JME.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys [x]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;d:\programy\Visual\Team Tools\Performance Tools\VSPerfDrv100.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-02 16:40 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 20:50]
.
2013-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-16 16:09]
.
2013-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-09-16 16:09]
.
2013-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job
- c:\users\Jura\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-17 16:09]
.
2013-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job
- c:\users\Jura\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-17 16:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com/?l=dis&o=1586&gct=hp
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {{807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - c:\program files\SimilarSites\similarsites.dll
TCP: DhcpNameServer = 193.179.143.3 192.168.1.1
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-02-05 11:06:27
ComboFix-quarantined-files.txt 2013-02-05 10:06
.
Před spuštěním: 1 627 312 128
Po spuštění: 1 435 095 040
.
- - End Of File - - 8152E20A63720799B07599D42B81524F

Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Spustte tradicne dvouklikem
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Search
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

ScCleaner:
Shortcut Cleaner 1.2.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/

Program started at: 02/05/2013 02:17:41 PM.

Searching C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Jura\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Jura\Desktop\

0 bad shortcuts found.

Program finished at: 02/05/2013 02:17:50 PM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)

AdwCleaner:
# AdwCleaner v2.111 - Logfile created 02/05/2013 at 14:18:23
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Jura - JURA-NBNEPCOMG
# Boot Mode : Normal
# Running from : C:\Users\Jura\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\SimilarSites
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Folder Found : C:\Users\Jura\AppData\Local\vghd
Folder Found : C:\Users\Jura\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Jura\AppData\Roaming\SimilarSites

***** [Registry] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\cacaoweb
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{807DF5E0-4EF7-48A8-A405-239F3E29FFA9}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SimilarSites
Key Found : HKLM\Software\SimilarSites
Key Found : HKLM\SOFTWARE\Software
Key Found : HKU\S-1-5-21-3741011086-1165501081-336709912-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://eu.ask.com/?l=dis&o=1586&gct=hp

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\j6e48guo.default-1353018396439\prefs.js

Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.1] : icon_url ={"backup":{"_signature":"fgWCs7EOmT3VP9ZBvu8Kc64cdGbTin7ENmyw2b/GVUw=","_version":4,"browser":{"show_home_button":true},"extensions":{"ids":["ahfgeienlihckogmohjhadlkjgocpleb","apdfllckaahabafndbhieahigkjlhalf","blpcfgokakmgnkcojhhkbfbldkacnbeo","bmnckbpoocgdleejmfmafgmkngaipgol","coobgpohoikkiipiblmjeljniedjpjpf","eemcgdkfndhakfknompkggombfjjjeno","gkddaofiamhgfjmaccfcfpfolpgbeomj","hidjnkeodmholilgafgdlgmgggbhnigl","mfehgcgbbipciphmccgaenjidiccnmng","ndibdjnfmopecpmkdieinmbadjfpblof","pjkljhegncpnkpknbcohdijeoejaedia"]},"homepage":"","homepage_is_newtabpage":true,"session":{"restore_on_startup":1}},"bookmark_bar":{"show_on_all_tabs":true},"browser":{"check_default_browser":false,"clear_lso_data_enabled":true,"last_known_google_url":"hxxps://www.google.cz/","last_prompted_google_u ... rnate_urls":["{google:baseURL}#q={searchTerms}","{google:baseURL}search#q={searchTerms}","{google:baseURL}webhp#q={searchTerms}"],"enabled":true,"encodings":"UTF-8","hxxp://www.google.com/favicon.ico","id":"2","i ... erral_list":[2,["hxxp://ad-emea.doubleclick.net/",["hxxp://googleads.g.doubleclick.net/",0.7169280195380767,"hxxp://pagead2.googlesyndication.com/",0.8392878443759043]],["hxxp://googleads.g.doubleclick.net/",["hxxp://googleads.g.doubleclick.net/",2.387589482583341,"hxxp://pagead2.googlesyndication.com/",4.205008342460213,"hxxp://www.google.com/",1.645840265238927,"hxx ... 9482583341]],["hxxp://lp.ilivid.com/",["hxxp://lp.ilivid.com/",3.377380973946154,"hxxp://www.facebook.com/",2.066525344788971,"h ... 5344788971]],["hxxp://mochibot.com/",["hxxp://mochibot.com/",1.804354218957535]],["hxxp://tremolo.edgesuite.net/",["hxxp://127.0.0.1:9421/",2.769335610733743,"hxxp://aegdmjsdelivery-i.akamaihd.net/",3.704674128266330,"hxxp://aegdmurtmp1-f.akamaihd.net/",6.510689680864095,"hxxp://tremolo.edgesuite.net/",9.004925727617662,"hxxp://tremolodynamic.edgesuite.net/",2.769335610733743,"hxxp://www.adobe.com/",2.145776599045350,"hxxp ... 6599045350]],["hxxp://urezno.hu.cz/",["hxxp://adv.forpsi.com/",3.476352736350040,"hxxp://img.ic.cz/",3.206498870971269,"hxxp://urezno.hu.cz/",5.635183659380201,"hxxp://www.google-analytics.com/",2.93664500559250]],["hxxp://www.addictinggames.com/",["hxxp://x.mochiads.com/",2.590867596451844]],["hxxp://www.alfacomp.cz/",["hxxp://googleads.g.doubleclick.net/",2.908173791659586,"hxxp://toplist.cz/",2.908173791659586,"hxxp://www.alfacomp.cz/",19.97638425937596,"hx ... 4300836889]],["hxxp://www.jamwithchrome.com/",["hxxp://ajax.googleapis.com/",1.190873784511972,"hxxp://chrome-jam-static.commondatastorage.googleapis.com/",2.921203214999454,"hxxp://static.ak.facebook.com/",1.788582969804255,"hxxp://www.google-analytics.com/",1.1908737845 ... 6246095361]],["hxxp://www.silverstoregames.com/",["hxxp://cdn3.cpmstar.com/",4.950407728934773,"hxxp://i.flipline.com/",1.804354218957535,"hxxp://img.fettspielen.de/",1.804354218957535,"hxxp://lolgamesonline.com/",1.804354218957535,"hxxp://server.cpmstar.com/",3.901723225609027,"hxxp://www.castlegames.co/",1.804354218957535, ... 3225609027]],["hxxp://www.youtube.com/",["hxxp://ad-emea.doubleclick.net/",2.457556104889546,"hxxp://clients1.google.com/",2.145776599045350,"hxxp://csi.gstatic.com/",2.145776599045350,"hxxp://i2.ytimg.com/",2.145776599045350,"hxxp://s.ytimg.com/",6.186438994786131,"hxxp://s0.2mdn.net/",0.7735058679746404,"hxxp://s2.youtube.com/",0.6864224258847803,"hxxp://tremolo.edgesuite.net/",2.457556104889546,"hxxp://www.gstatic.com/",2.145776599045350,"hx ... 7823933669]],["hxxp://www.zeptolab.com/",["hxxp://www.google-analytics.com/",1.4873597484 ... 6338950967]],["hxxp://x.mochiads.com/",["hxxp://x.mochiads.com/",2.853038722283281]],["hxxps://2542116.fls.doubleclick.net/",["hxxps://ad.yieldmanager.com/",1.804354218957535,"hxxps://conversion-pixel.invitemedia.com/",1.804354218957535,"hxxps://googleads.g.doubleclick.net/",1.162908536844602,"hxxps://segment-pixel.invitemedia.com/",1.804354218957535,"hxxps://static.doubleclick.net/",0.06496407869187545,"hxxps://www.google.com/",0.7859766977779021,"hx ... 2534904477]],["hxxps://chrome.google.com/",["hxxps://2542116.fls.doubleclick.net/",2.066525344788971,"hxxps://chrome.google.com/",3.901723225609027,"hxxps://fls.doubleclick.net/",2.066525344788971,"hxxps://lh3.googleusercontent.com/",6.523434483923393,"hxxps://lh4.googleusercontent.com/",8.096461238912012,"hxxps://lh5.googleusercontent.com/",8.096461238912012,"hxxps://lh6.googleusercontent.com/",8.620803490574884,"hxxps://ssl.google-analytics.com/",3.115209848114717,"hxxps://ssl.gstatic.com/",2.066525344788971,"hxxps://themes.googleusercontent.com/",1.804354218957535]],["hxxps://edison.sso.vsb.cz/",["hxxps://edison.sso.vsb.cz/",66.71276983081236]],["hxxps://mega.co.nz/",["hxxps://eu.api.mega.co.nz/",2.60370040,"hxxps://eu.static.mega.co.nz/",37.94796180000006,"hxxps://mega.co.nz/",2.60370040]],["hxxps://platform.twitter.com/",["hxxps://cdn.api.twitter.com/",0.1666692280417050,"hxxps://p.twitter.com/",0.1666692280417050]],["hxxps://plusone.google.com/",["hxxps://plusone.google.com/",1.079796154861063,"hxxps://ssl.gstatic.com/",0.5623219142649912]],["hxxps://www.google.com/",["hxxps://2542116.fls.doubleclick.net/",2.007691368222829,"hxxps://apis.google.com/",2.007691368222829,"hxxps://fls.doubleclick.net/",2.517105595980861,"hxxps://fonts.googleapis.com/",1.752984254343813,"hxxps://plusone.google.com/",2.007691368222829,"hxxps://ssl.google-analytics.com/",2.007691368222829,"hxxps://ssl.gstatic.com/",2.007691368222829,"hxxps://themes.googleusercontent.com/",2.517105595980861,"hxxps://tools.google.com/",1.752984254343813,"hxxps://www.google.com/",4.8094696208920]],["hxxps://www.googleapis.com/",["hxxps://apis.google.com/",1.025771067023602,"hxxps://www.googleapis.com/",1.398892611660737]],["hxxps://www.sso.vsb.cz/",["hxxps://www.sso.vsb.cz/",5.738732888671998]]],"startup_list":[1,"hxxp://api16.starwebnet.com/","hxxp://api30.starwebnet.com/","hxxp://dnt.cloud.avg.com/","hxxp://ft.starwebnet.com/","hxxp://isearch.avg.com/","hxxps://eu.api.mega.co.nz/","hxxps://eu.static.mega.co.nz/","hxxps://gfs262n172.userstorage.mega.co.nz/","hxxps://mega.co.nz/"]},"download":{"directory_upgrade":true,"extensions_to_open":""},"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"12999776186642215","next_check":"13004120522453770"},"blacklistupdate":{"lastpingday":"12999772794761215","version":"0.0.0.136"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"last_chrome_version":"24.0.1312.56","settings":{"aakhlmakppmkkmfkoibponkmmpgpmjgl":{"blacklist":true},"aandpgohbohmlknpjbblpmoladhoochg":{"blacklist":true},"abciiempgohamehppammbkhkicmkgkob":{"blacklist":true},"abfclfmhaemoockhhinpplncjehfpdbd":{"blacklist":true},"acmpfcamncegnhjdeiodgilikjafcamg":{"blacklist":true},"acomnmbomlajgjbcijkflekoojdfcldj":{"blacklist":true},"aconhjfogglfnkjhkjipaifepjklolog":{"blacklist":true},"aebfkgcamgnimcbnbiopgdakknjgggnm":{"blacklist":true},"aemcjbfajnnmhblifaejadoecfoaebld":{"blacklist":true},"afenhmponmfmdmbmccbmglppcmjhmhmh":{"blacklist":true},"aglmapjbjphdidmnileogpjkgpdoliep":{"blacklist":true},"agmhonoepgcnakccfpidhjehlocaeaaj":{"blacklist":true},"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["appNotifications","management","webstorePrivate"]},"app_launcher_ordinal":"n","page_ordinal":"n"},"ahjfgnikolodijnpakeknpilnemojlhc":{"blacklist":true},"aieglpnmmhleoenpbmfaffppfomgjmba":{"blacklist":true},"aieihijcjcccdiepockaiekhpflicdii":{"blacklist":true},"aifmjmboebdkdelpjenakhaodgneempp":{"blacklist":true},"ajlkjjdbgcjdiklbcomhnfghjigfccoh":{"blacklist":true},"akbdojiajlefghcdclgkgmbbljamgehd":{"blacklist":true},"alcbnnpmipohgdllkkglhkbncijplago":{"blacklist":true},"aldalonecchncedclgcndcndgilaclnk":{"blacklist":true},"alfahpoknocfdebmiclonikapcnljlob":{"blacklist":true},"aljdncnajablgppdcfbehhmidlmbndda":{"blacklist":true},"amfgdngndpfldigimkcindjalokfnmem":{"blacklist":true},"amoobcjlpgloocplpikcldcpjjdnoeii":{"blacklist":true},"anmjpohfnlopdfaojooicpemopnliimn":{"blacklist":true},"aofechiiopolnegcjcddgedjabmkemhf":{"blacklist":true},"aojicjocmihiopalnhjikigammkhgckb":{"blacklist":true},"apdfllckaahabafndbhieahigkjlhalf":{"ack_external":true,"active_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"]},"app_launcher_ordinal":"w","from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"]},"install_time":"12999000804682374","lastpingday":"12999772794768215","location":1,"manifest":{"app":{"launch":{"web_url":"hxxps://drive.google.com/?usp=chrome_app"},"urls":["hxxp://docs.google.com/","hxxp://drive.google.com/","hxxps://docs.google.com/","hxxps://drive.google.com/"]},"background":{"allow_js_access":false},"current_locale":"cs","default_locale":"en_US","description":"Disk Google: vytvářejte, sdílejte a ukládejte soubory na jednom místě.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIl5KlKwL2TSkntkpY3naLLz5jsN0YwjhZyObcTOK6Nda4Ie21KRqZau9lx5SHcLh7pE2/S9OiArb+na2dn7YK5EvH+aRXS1ec3uxVlBhqLdnleVgwgwlg5fH95I52IeHcoeK6pR4hW/Nv39GNlI/Uqk6O6GBCCsAxYrdxww9BiQIDAQAB","manifest_version":2,"name":"Disk Google","offline_enabled":true,"options_page":"hxxps://drive.google.com/settings","permissions":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"6.3"},"page_ordinal":"n","path":"apdfllckaahabafndbhieahigkjlhalf\\6.3_0","state":1,"was_installed_by_default":true},"apdmgffkfhjfeejmbjidennfjdkmmmbl":{"blacklist":true},"aphncaagnlabkeipnbbicmcahnamibgb":{"blacklist":true},"bcddmcejgphfgofbpoocakaeapfomlek":{"blacklist":true},"bdgijcibmhjjccgbdohofncdjcophknj":{"blacklist":true},"benclngoadbppljglhphhnfknoppmjoa":{"blacklist":true},"bhdkpmneahdelgdgfhddianklldfoell":{"blacklist":true},"bilgncckogfgfipdlejkffnbkgjkmflh":{"blacklist":true},"bioeopenmokdgbekbgpgnacecjmpckbb":{"blacklist":true},"bjihddggcgnblgojnmhpnngonofbnkaj":{"blacklist":true},"bkhafliomebnpccanacmlfaemgfiofko":{"blacklist":true},"bkkchglolnigbfncnbnnbhhempjkdpkf":{"blacklist":true},"bkplhcigeaiiliajeehehiikokgocbhb":{"blacklist":true},"bldgnkigdcpgnbfehgbameigoohecdfl":{"blacklist":true},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"ack_external":true,"active_permissions":{"api":["appNotifications"]},"app_launcher_ordinal":"x","from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":["appNotifications"]},"install_time":"12996861576178047","lastpingday":"12999772794768215","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/"},"web_content":{"enab ... blíbenější komunita online videa na světě.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","name":"YouTube","permissions":["appNotifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.5"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.5_0","state":1,"was_installed_by_default":true},"bmnckbpoocgdleejmfmafgmkngaipgol":{"active_bit":false,"active_permissions":{"api":["notifications","unlimitedStorage"]},"app_launcher_ordinal":"yn","from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications","unlimitedStorage"]},"install_time":"12996861767267814","last_active_pingday":"12996835182624421","lastpingday":"12999772794768215","location":1,"manifest":{"app":{"launch":{"local_path":"index.html"}},"current_locale":"cs","default_locale":"en","description":"Kdo věděl, že budování celé město mohlo být tak snadné? Makají bloky umožnit nejvyšší mrakodrapy.","icons":{"128":"128.png","16":"16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC81+fy6Rpx6NGEA325Y2xiT35v8BtafsxtwKQK4G9uYWtm7eDjC+aiITjf7oHr+i9rRz7cS66E0tur+6aFjy8iCc0EEW0rAInYqn474MCr0j+xZDVHtD3VpAhbEZgdccHsiUSyDlQFCjFaNqJb/NvH5IaXJ6V3aW/8Vi53xedkwwIDAQAB","manifest_version":2,"name":"Tower Bloxx","permissions":["unlimitedStorage","notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"2.3.4"},"page_ordinal":"n","path":"bmnckbpoocgdleejmfmafgmkngaipgol\\2.3.4_0","state":1,"was_installed_by_default":false},"bndahdijlcnncjbpammoedeapmlobllc":{"blacklist":true},"bnffnggkphadlnoopcoakdnkellnifjp":{"blacklist":true},"boaoagnmpennjoigkkmnjhecapibhfko":{"blacklist":true},"boclfockfmgcppbajihcgajhpggaakgl":{"blacklist":true},"bokkificjhapflinbdejegngffgkcgfe":{"blacklist":true},"caphkimknlmnhpjoneddiaakmcaajagb":{"blacklist":true},"cbbbpmlnlpnjojeplppgeilanlihoojg":{"blacklist":true},"cbbjhegipokkofhhicbckicchjpcpeni":{"blacklist":true},"cbhhdkemlehgodemcigfabmcdnohhhef":{"blacklist":true},"cbjlfaogacjpkplebfbijaakaifoflno":{"blacklist":true},"cdogaeccgljmkecjmoedambgiekkllij":{"blacklist":true},"cekdjgnecpoooikhmceokdhojckkkhmh":{"blacklist":true},"cepfogmgfkddnllaopgknbdfkceejmhk":{"blacklist":true},"cfbdodejdeejbkffcmiaknpmojjeibpn":{"blacklist":true},"cfogpbanfnocakdckmgafapdlmclpiln":{"blacklist":true},"cgnegjfmdfenjojhjffejinpnpoglmlh":{"blacklist":true},"cgnkbnaiipmfbakpmhllalggoepniemh":{"blacklist":true},"cihlkpohodpdkdnfalhdkhhlhmhffmbe":{"blacklist":true},"cjhklhdjonhcohlacgggcbklpnldleck":{"blacklist":true},"cjohbbapkbkkhpohinffggbphnhoblea":{"blacklist":true},"ckckpgefkpjfopjppjfcikppehdhceah":{"blacklist":true},"ckphhghhpjbfddcgkpfbelfeojcciglo":{"blacklist":true},"clapnamcglekekmamicmbahkghdcjaeh":{"blacklist":true},"clfhanhcjmgjnbpjfopldmnabimhmcmp":{"blacklist":true},"cmjphjljejnfgdbkdgdlclaabimpknna":{"blacklist":true},"cmlokmkdolieoaoddlfhaidnlmiadhik":{"blacklist":true},"cnimdnlablahacgompaahbgohcokcclp":{"blacklist":true},"coajchbkdbfhmhbgcjepiofllfjjcpfp":{"blacklist":true},"coobgpohoikkiipiblmjeljniedjpjpf":{"ack_external":true,"app_launcher_ordinal":"y","from_bookmark":true,"from_webstore":true,"install_time":"12996861577129047","lastpingday":"12999772794768215","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google. ... com/imgres"]},"current_locale":"cs","default_locale":"en","description":"Nejrychlejší způsob, jak hledat na webu.","icons":{"128":"128.png","16":"16.png","32":"32.png","48":"48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIiso3Loy5VJHL40shGhUl6it5ZG55XB9q/2EX6aa88jAxwPutbCgy5d9bm1YmBzLfSgpX4xcpgTU08ydWbd7b50fbkLsqWl1mRhxoqnN01kuNfv9Hbz9dWWYd+O4ZfD3L2XZs0wQqo0y6k64n+qeLkUMd1MIhf6MR8Xz1SOA8pwIDAQAB","name":"Vyhledávání Google","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"0.0.0.19"},"page_ordinal":"n","path":"coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.19_0","state":1,"was_installed_by_default":true},"copjbedljgpkaakkmbhgkpoaadeahido":{"blacklist":true},"cpiiakoibaohkfoaijaigdnocfolnmll":{"blacklist":true},"dadcalgappognjbjpalfophhcfakoeac":{"blacklist":true},"danapgfidmepmcfbjjacceiaiiioieio":{"blacklist":true},"dbanhghadfmjndnjmmejdgfdmgidlbpm":{"blacklist":true},"dbiblcmlcgdjjbdpbmbcpineegngkiip":{"blacklist":true},"dbmdicehacbaohlockjgdglcobimmjkh":{"blacklist":true},"dejippphmhbpgckbhdidnjmdcpfccbaj":{"blacklist":true},"deocpjmfifplhepinpkmpinpnbiemfje":{"blacklist":true},"deonbedlmakdddidplniclflladdjoep":{"blacklist":true},"dfafokiagoiocidlpglcanjkcdbdnioi":{"blacklist":true},"dfoegfajplmijblljfancdapbdaopebb":{"blacklist":true},"dgaehaeahdegbdlenicbmkbakhdgoeml":{"blacklist":true},"dgcfmgdfbfbgcpbendbhbkfjppboebed":{"blacklist":true},"dgkemngdheppgohkjjelnkjmdeimmfml":{"blacklist":true},"dhclobcklknojliojkkclgjndemadnig":{"blacklist":true},"diinokaoicgobepmadnmedlhdfnpehcj":{"blacklist":true},"dinhjcapnfbffhiihdlnbdfjdjjfhcbk":{"blacklist":true},"djnahdkbfgnhgpakidinfonfcjbagkgp":{"blacklist":true},"dkhkecikbdfpoiopnnpoeglbdphgflmf":{"blacklist":true},"dlobhinihbmedmheccecfnkcadpehmbf":{"blacklist":true},"dmabikjmolgegjajdhmgpmgffajlmmkb":{"blacklist":true},"dmhgenmamfphbclmhdgmffajkfommkom":{"blacklist":true},"dmhjdbigobajgnfoabodjgmcdgoeoljm":{"blacklist":true},"dmkdhgkknhnfpdjeicefnpmhcpbimden":{"blacklist":true},"dnemhlkdpajbbniphgkgceplmnkfnhfo":{"blacklist":true},"doneghboglgnflpdicnkaojmmljgejkj":{"blacklist":true},"dpgenihgggagjjggfocjceeobjkadcbc":{"blacklist":true},"dpmloehicimdjkibmobhmpgdndgbcced":{"blacklist":true},"ebdcdchjcndpjhehacedepnggfdbfkpn":{"blacklist":true},"echjhfifjidfhoappglfmoffcpmpkigb":{"blacklist":true},"echngajnlpjeacbanjejlhcajjfoedcc":{"blacklist":true},"edmnikahahfkfilbbjbdoiabnghbkmjc":{"blacklist":true},"efbeabpbbkahnnjalakldjfhljboclkf":{"blacklist":true},"efhjelcghjkfigiagdfbfilndaffpmdj":{"blacklist":true},"efnaljpgehfilpmkhobibbjceeeondmn":{"blacklist":true},"egljdhfnbjahogjahnigfnbpidlmdagi":{"blacklist":true},"ehgoiaffgjoinpkllmmnikghgpghnabc":{"blacklist":true},"ehmjnpjodmgeocfphkjjnheiheehcoid":{"blacklist":true},"ehomcoocpagnlcakcbecdaknmacmedld":{"blacklist":true},"eiflkkehgogioennialfbilppmegcpoa":{"blacklist":true},"eihjeehdobnpkonebmpanonopghepfle":{"blacklist":true},"eijbdinddjecmebnlienfoijpjjobkjh":{"blacklist":true},"ejakhnjbomgngodiidgbkapjgbdckhnh":{"blacklist":true},"ejijgghlncnaphklndknkbkclebfboca":{"blacklist":true},"ejlekamipdcfcfpgfepjmklllbpeecaj":{"blacklist":true},"elcaigjcaijbfpjngaekbblphmfjdhfo":{"blacklist":true},"emcdpbapjmnjgoannclkongdfboaabho":{"blacklist":true},"eofejpelggimkodeojpeojnbijgiglgh":{"blacklist":true},"eopmhecjnginkckggjmhombbopmkjpam":{"blacklist":true},"epbmnbdplhcomkedpjfceakddnbgfjmf":{"blacklist":true},"fafoohpbicgbcejffcplajonhhooddle":{"blacklist":true},"fbhiehmngojjcmljddjmgpmcockbccmo":{"blacklist":true},"fbjjhbijaiopkcdolheliknnjlkaekeb":{"blacklist":true},"fcfepemfihgibdacjlnlecebknaaepmj":{"blacklist":true},"fclheclkknbgfndeahkfdomollhmfkcn":{"blacklist":true},"ffgfbfakpcnngelphjnppokmoicdollk":{"blacklist":true},"fhlkffpjoajppmhcakbkjndbjfljccpi":{"blacklist":true},"fiapkdjniadkodmdibdnchoifkpfoiid":{"blacklist":true},"fibgploapkhokkbncddlkcmbmiengcfp":{"blacklist":true},"fihepkmlkmciffbhijldnpmifhbkiinp":{"blacklist":true},"fjhfnfakmfcejgmfkmnapemgblmehppf":{"blacklist":true},"fjjeecfjmgfnleghoellhldedkaocjfc":{"blacklist":true},"fleljamdchegbjeiipbnmiebnhgheeld":{"blacklist":true},"flmmgcfcpbfddenepkfmgfpbaceolcoe":{"blacklist":true},"fmcccidacjgnfiafddkngmeolkoiihil":{"blacklist":true},"fmonlemffgbabjifjfaoamdflijecdbk":{"blacklist":true},"fngolbdmkneakeaoiieafkilnogbocda":{"blacklist":true},"fnhcgnmfccojojojacgeiaaeacefdohb":{"blacklist":true},"fnkaadkanmfgpfbmdcllhjdgmdbgljpi":{"blacklist":true},"fnnmbghphdnmmjdapccfobgjemjadeli":{"blacklist":true},"fnoadkjdjfgafomgmablhmffooijcfbn":{"blacklist":true},"foenbafkkmajnmfnlcmejonkfaipdmme":{"blacklist":true},"fomljmklmcefndkgpakgifbiiidgbjej":{"blacklist":true},"fommcgokigkhmnhlhlkckfjhefnmfohd":{"blacklist":true},"fpbippbofbmgmbojjmgfcifpmdaelcmd":{"blacklist":true},"fpbkafpphnhlpakobppekmkebmbhkoco":{"blacklist":true},"fpjdackpllilinpkgmhkpidkanmccblc":{"blacklist":true},"fpmajanjndhgpifbcbnklbiehgnpkgmf":{"blacklist":true},"fpoajjnnpmledpmohlgpgbmlhbgkgahg":{"blacklist":true},"fpokembamndopkflopmplkklbdngnknd":{"blacklist":true},"gaicmfjflflabagobdiodejfpjikheeo":{"blacklist":true},"gandihaiobadcggbfkhpbkocmiemjlnf":{"blacklist":true},"gbenikfjhilhpgagllmfgggdjaflbmbi":{"blacklist":true},"gdggdkkjecogagaffaemnbfmllcoihjp":{"blacklist":true},"gekkhpjigmckhgmgngadbeknekgpgolb":{"blacklist":true},"gfjfhihpkmehdmblhfaikkipeplpdcla":{"blacklist":true},"gfmmoiakbmdohkgeoekiokjgljcminig":{"blacklist":true},"ggkpicnfnljflddbdoeeaajjgepapcbf":{"blacklist":true},"ghgphbmpcfgkfneodjpbdanmdoemklio":{"blacklist":true},"ghmaokcegalalefnhlfcnjhnpdbanjkj":{"blacklist":true},"gifglngcdbggmlgkcombebegdaoknkho":{"blacklist":true},"gjkbghdignnlcknknflbigpammebiolo":{"blacklist":true},"gjmhdmobkhfhkpfmfegnkkimlamjdldi":{"blacklist":true},"gkddaofiamhgfjmaccfcfpfolpgbeomj":{"active_bit":false,"app_launcher_ordinal":"z","from_bookmark":false,"from_webstore":true,"install_time":"12997550906928631","last_active_pingday":"12998995199614374","lastpingday":"12999772794768215","location":1,"manifest":{"app":{"launch":{"local_path":"index.html"}},"current_locale":"cs","default_locale":"en","description":"Cut the Rope, catch a star, and feed Om Nom candy in this award-winning game!","icons":{"128":"128.png","16":"favicon.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQAhJp/fp27Q91BtdH8TAxwX8U/UuATKZiwTfodpmf5ZPIC6SO6dDuTfLICiqD+j/4O41GKrzpawVuTHV8VZ5YqCrA1Pex1gb3kfosaWCGPBhnEjG/f4Z7VhqgCEj8dwbsfMSxb42hztbF/qIhqNw4nPuq6VTjUVKG3WwHZlyPiQIDAQAB","manifest_version":1,"minimum_chrome_version":"18","name":"Cut the Rope","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"14"},"page_ordinal":"n","path":"gkddaofiamhgfjmaccfcfpfolpgbeomj\\14_0","state":1,"was_installed_by_default":false},"gkhbgnodbilglgholifcjdblbgdaieah":{"blacklist":true},"gkjeccpmibljcfpfapfljciimedljpnm":{"blacklist":true},"gkjmgdpdndoaiholejnmdbbpdaafahmm":{"blacklist":true},"glhhlafadlhkgbklgbjnmblfhnkfknbm":{"blacklist":true},"gmghjgfdialcnhadahmjefeflgnhcjeb":{"blacklist":true},"gnapdhmknipknfmhhnhdmhakdfhgeing":{"blacklist":true},"gncfgndgeoddelbfhlndhljnecoednaa":{"blacklist":true},"gngmkbiihflpghldjnbpemaicedhdddk":{"blacklist":true},"gobjcjhhebpjbmjdgmejhebbleadnceo":{"blacklist":true},"goedioiidkokkbobdnopnlnaaalniegm":{"blacklist":true},"gpgehbjbkfhngdlfpfeokjgbkmmokjhe":{"blacklist":true},"gplgjmecjpbfcdikpbicknafcnfcidek":{"blacklist":true},"hbaajkahagmlkdekmbdabikbopdgpaac":{"blacklist":true},"hbdhabpmbbanaopgkbaondabkkepjfaf":{"blacklist":true},"hbmlheccjkodhfejcmblndjodllmnlnl":{"blacklist":true},"hcapokajkngndbglnfglpfdpoeidmpha":{"blacklist":true},"hcpndbchnlgojmnijaldkicigmihmdca":{"blacklist":true},"hdijkiondgomjpehfhopomicjbiodmcm":{"blacklist":true},"hdnbmmfjbblajkjkcaeofolgfnljpnim":{"blacklist":true},"hecijapnccjhonbmacmkmffooodfokoo":{"blacklist":true},"hefmoncdemhjembgbnkgglhlookbipdc":{"blacklist":true},"hfcgbiofoebieldldghfocjfnnajmpej":{"blacklist":true},"hfjpjodbolkmheaehcnmfhjakjileoof":{"blacklist":true},"hfpfbhnmbbigpmoodjemilggabklpopj":{"blacklist":true},"hgbaomphocgmdpmiohjclchaaljpaelp":{"blacklist":true},"hgboiaecclcbjphldpbgfgggcbihmnai":{"blacklist":true},"hgjgaeknhmidehalnmokomhpfhbfmpcm":{"blacklist":true},"hhbihfbjoifhhebcnchglobmkmapgjkm":{"blacklist":true},"hhfffemhgkginfafaoapljdllodppana":{"blacklist":true},"hhfiljkpjapjjphcocclhhaldpfkkjbi":{"blacklist":true},"hhjmkijkgojfifipdgmiemghfikbohcm":{"blacklist":true},"hhlgbfcfbkhlmajakkcjippgpcmejkko":{"blacklist":true},"hidjnkeodmholilgafgdlgmgggbhnigl":{"ack_external":true,"active_permissions":{"api":["tabs"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxps://*/*"]},"disable_reasons":1,"from_bookmark":false,"from_webstore":false,"install_time":"12997550832283196","lastpingday":"12999772794768215","location":3,"manifest":{"background_page":"background.html","browser_action":{"default_icon":"images/icon.png","default_title":"SimilarSites","popup":"container.html"},"content_scripts":[{"js":["js/content.js"],"matches":["hxxp://*/*","hxxps://*/*"]}],"description":"Instant access to the best sites related to the one you are browsing!","key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC62R91V+xWnJakfW5pMIHapFSi9cVfMIATpC0YS7fX7sP7pb+rf2ix4v9tFkC4TJRx5Hc0fON2wabPWtOtD++arfoVeYXKv51KdbFuTK7BA6IypM4g1fkvdeja9gdmpQfSjdgGTF7bel7lbmzwfbJsiA64YhAMPg8uNjIAq+IQNQIDAQAB","name":"Similar Sites","permissions":["hxxp://*/*","hxxps://*/*","tabs"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"1.6.5"},"path":"hidjnkeodmholilgafgdlgmgggbhnigl\\1.6.5_0","state":0,"was_installed_by_default":false},"hilncbjbdpnfepdidfchmdclhpnlegpj":{"blacklist":true},"hjkhligcnpfjhjlapmejaiaiigibofif":{"blacklist":true},"hjnigaibahdeadcdnpnommdehajodlhc":{"blacklist":true},"hkbgccpdcpbdckohbknjlamamelcnlki":{"blacklist":true},"hkjcejgfmaanpncnpoidgbhoikcaeepd":{"blacklist":true},"hkjfdgjkgpbbdmadbglcgljjjddkcdha":{"blacklist":true},"hmmoglffhpmacaacfbbmbbkcbdkjphnc":{"blacklist":true},"hnbcdmfeoldeppcbnnjmjkdofohaljbn":{"blacklist":true},"hncomkjbbkchfjelocejkbbflmjhlhfp":{"blacklist":true},"hnipgljcblpgnnojcfldehpeknhakbgj":{"blacklist":true},"hnkcpoijaeegompjgbjjhkdmljldaccg":{"blacklist":true},"hnnebfeppcbhhbhiifeaajgcjnkljlld":{"blacklist":true},"hnonhhpgjnjcjfbkjdpfbkfpaodcmncb":{"blacklist":true},"hpcdoodjfcmpcpkeendjnjkeinimhkih":{"blacklist":true},"hpibmhghjndideebpackbdlpncgkcppp":{"blacklist":true},"iablioliielnhdianpbiijaoncbmfend":{"blacklist":true},"iccblehkchfmjgfafjcpjlkjcponhdhl":{"blacklist":true},"icihfeaofpcfehanhbnjigdlpfahjlee":{"blacklist":true},"idbdlnkdnaodonmgnimcfelpngbmcpjk":{"blacklist":true},"iemfpgbdjfoihicbocpbjppipdbfimeh":{"blacklist":true},"ifbkndkaolfbjjhnnhfmkbkoclpdkpli":{"blacklist":true},"ifeijfpkjckedpclgncedmgdiaoeahmk":{"blacklist":true},"igaajdmlejbjcbmpmnigopikfdaccdcm":{"blacklist":true},"igbaoknfddliiaoimhehfbkfekpmmfll":{"blacklist":true},"igghanohiioehififjoalfkdoicafjof":{"blacklist":true},"iggjepemmdkieakihpomccndhdfcljdp":{"blacklist":true},"igkdgkdiiolilocklmiolkpoohacojop":{"blacklist":true},"ihnembcpodnfgkafmiojebccomjekopm":{"blacklist":true},"iiiinekimabooeihccihfopoadcaaphn":{"blacklist":true},"ijecjbcgpblkacpijljpaienknanaloa":{"blacklist":true},"ijenlpgidnapbndonoinbkhekgjonojg":{"blacklist":true},"ijjmbbddenkbenbcfldgghhjgjmcnioo":{"blacklist":true},"ilhjicgcglhjigdehkcehjdokmkahbjl":{"blacklist":true},"iljfgjkppapinhcgonhjnipfppfmfedh":{"blacklist":true},"ilmknaabackgdbnkgbihgpgiopnlkjek":{"blacklist":true},"imfbomjbodpfgfhfahlgkkcllmhbelhk":{"blacklist":true},"imkffpjpdngdkpgadcmnlkhhmhdocijn":{"blacklist":true},"indfhnliadamglhalanplbajgenpjdml":{"blacklist":true},"iobnpmeeecphddicmhhmdjbnlbdhjlne":{"blacklist":true},"iomejadoamfilglofmeaffghddcgapmf":{"blacklist":true},"jabpdgllijbnknhkgjideeajfofafckp":{"blacklist":true},"jaejgaoiipdjjlbnapngknalafalbkej":{"blacklist":true},"janhdpmhnighonkkbkdpnljcoenpfkbh":{"blacklist":true},"jbfebbkjjmkcoldeaeelhpconkmgjhbg":{"blacklist":true},"jbmbiepnidbnhbbfdbgioomdkgnbcacj":{"blacklist":true},"jbnafcjbcfgejacaanogofkkehcomamp":{"blacklist":true},"jcmipejepoimfflnoapdmkdephgjinck":{"blacklist":true},"jddbdddmbfencninofcgnodekclofpaj":{"blacklist":true},"jdiakcmbpmcnniggjcmcjknnklpdlogc":{"blacklist":true},"jeehjhnmgohgpfpjneglogiholalkeip":{"blacklist":true},"jfalnphfjdoalcdhlnhdpekbmmopkgkj":{"blacklist":true},"jfhmafmjfdblceidmfdmoihamolaaeco":{"blacklist":true},"jfjagidcpadkoaonbogmbgfimmnefeie":{"blacklist":true},"jgdkappiifgomhgikcjbanhnmlekpeje":{"blacklist":true},"jgmpapdckakiohhebmeoemejibommimi":{"blacklist":true},"jgoljhcbgajhbhnchplgjdkknendhjnn":{"blacklist":true},"jhhabiomopkibeecgngiggmopkeofacl":{"blacklist":true},"jindbcpkhnnnjgcjgmkjedbibibiojjf":{"blacklist":true},"jiofcofpcbijcnlpekdkpmgjdppajbjb":{"blacklist":true},"jjnkfllhcgkgnfbekpnmoikpfihpjfli":{"blacklist":true},"jkihmglffmfjedfbpbpdbbimcodjbmdh":{"blacklist":true},"jkmhalpofmlfeglboejbchpoijnkmcgh":{"blacklist":true},"jljfnkmkkdkppfndippkedacgfkafped":{"blacklist":true},"jmbkhogpjgjpfjhpdikloblkbkljkgao":{"blacklist":true},"jmeanodbelbflfmnkfdjgpikmldgjjko":{"blacklist":true},"jmifipgdcllamghkhdplfjffkciekbgo":{"blacklist":true},"jpehgolpfgnknboibogccapmdcadjkbd":{"blacklist":true},"jpeijjbllejgmokmahkeommcodahoobm":{"blacklist":true},"jpgidahfcgiajlcbleeiaibpmmblcmnb":{"blacklist":true},"jpkdlckejfjidmplieobnhijmoiecbhl":{"blacklist":true},"kbipembkfhbdmkkkfbigmohilmknjnof":{"blacklist":true},"kcanfkmhccbaheheaackijegkclkaeic":{"blacklist":true},"kcfnnanmpghdnoompcfclakpacapnfbn":{"blacklist":true},"kcgplbmkmfcpngilmhjmebdgkkpbdemp":{"blacklist":true},"kdchmeaiapjkejkcbeclgjklemecieeg":{"blacklist":true},"kdfahjokahcbmecgaandpobmgiiknagf":{"blacklist":true},"kdjhalklkkcmodeicjiaekcgifkcepaf":{"blacklist":true},"kelcbonmemlciepjdmfcifnhloeammhj":{"blacklist":true},"kelljdoinjlkmkncffgadbebgpmlcang":{"blacklist":true},"kffhenjbibjnbnjhlkcdlmpeccpaohio":{"blacklist":true},"kgbkdabomfdpfoibliicpmibceaoohgh":{"blacklist":true},"kgdhnhadbnpeibkghaebmhmngobdafag":{"blacklist":true},"kgdkcodealpfjolmiagcogfbgmaamegh":{"blacklist":true},"kgdmldjagfciieddcnlhampgkajkpanc":{"blacklist":true},"kibgmcdcfmcglajcfbecilngejnfppjp":{"blacklist":true},"kiipngoehgkgkackngaidmhmnchfbmio":{"blacklist":true},"kinhljbhjmcmoddhdoodekeklmjapjff":{"blacklist":true},"kkhomejdleoonmbdhcigkhkjcghngncf":{"blacklist":true},"kleaapgdkahaekcocmkbgfainbhihccj":{"blacklist":true},"kljhmdlkclaglodecegamnpioaflmage":{"blacklist":true},"kmlebjoghkhpapfhbdikannggmmffnco":{"blacklist":true},"kojkdbedffnppdoalcfkkeelbhbklhgp":{"blacklist":true},"kolbbghckjilleabphhgeggcgpfidofi":{"blacklist":true},"lambangeielkjcnmioccboaphdfcffib":{"blacklist":true},"lbaddolhebpnhdcdkicpcflhnfamcemn":{"blacklist":true},"lbficnmfealeidppcbgdcbemgfjodbkg":{"blacklist":true},"lceaiepehinnomgijphkmjccbigkljkj":{"blacklist":true},"lcfkojlnjnedeoepfemhdgkhiabkeadc":{"blacklist":true},"lcmpleboacinanffcdgenhhbkboclkjb":{"blacklist":true},"ldgfapfmnplpaohbbadnecegcpfkfall":{"blacklist":true},"ldmoahefokhfelhpbgfjpelcdbahdofk":{"blacklist":true},"leccghfplhenabeogpibljliijgapfgb":{"blacklist":true},"lfggokjjaanlfikbbapgnfemifmddalf":{"blacklist":true},"lgalokbapphhklmilicdefmgbjkcmldf":{"blacklist":true},"lgcnahanhlfpceencjmlehpfklokhojk":{"blacklist":true},"lhajoamjgchgljkdjigcgmmcehjkagan":{"blacklist":true},"likifpgnijjfbdegfepoalpamlgnfofi":{"blacklist":true},"liomofjeffddiiccaolcnllbhnipbkhe":{"blacklist":true},"ljcicfibknpmlcmcecddjlbgkejehhpa":{"blacklist":true},"ljeihpebkahejeacdalhkhmckmggppif":{"blacklist":true},"ljmjoloiepllcndinchenhomcdcgbgef":{"blacklist":true},"lkdimamelhbiijkiljlnedmhnnkkmlbl":{"blacklist":true},"lkfdchejjogilmloogbbjlnlpbhgjfab":{"blacklist":true},"lkhcbijhgfchgdmklonlobkfbcadbokg":{"blacklist":true},"lljnngafekbnkpdfophmcdlbfebcbcld":{"blacklist":true},"lnahlgmhpghkhmafjppdidhcoaomipfg":{"blacklist":true},"lnbeebaenahmkbffnimghceldeeihfak":{"blacklist":true},"lncjcfkpannmofmpgdfoonkniofdnaba":{"blacklist":true},"lndempehphjoeimfchjflohpmhamiamf":{"blacklist":true},"lnjgjionmhobdfdegbciceafphgemjnc":{"blacklist":true},"lnlaeblencbjjjeaanegaldcjfekeled":{"blacklist":true},"lodollblmkailkkdiijmoccefdfjohgk":{"blacklist":true},"loggadfheaoeabmkgolecncpfdfioefa":{"blacklist":true},"lojppnndedobolgfepahepphhloediji":{"blacklist":true},"loldehkdjdncebfnncknlkdchjclifbn":{"blacklist":true},"lookpbabilcplifjdeifacodednpacmk":{"blacklist":true},"lpgiafapdmlapiokjnmpbbfkomiceoml":{"blacklist":true},"lplmcpcnhpbffpcfiaddbeaplhhbengd":{"blacklist":true},"maakimnachffhlgdhfomaejeeaikgjap":{"blacklist":true},"magllcifjcllaafcdplnajmobccbcdlo":{"blacklist":true},"mamfageekafifnickhgkibkofcclfefe":{"blacklist":true},"mandondadnlimicalgkbkaohmeopdojj":{"blacklist":true},"mbmdaiddhfoljplpdhohimgieioblfif":{"blacklist":true},"mcbkimglepddodbiongpohpeidioafgk":{"blacklist":true},"mcknnlhkkdbcppajgefagceglahcafjd":{"blacklist":true},"mdiehnlecbjlppbpaaipmlnhhjgepfcg":{"blacklist":true},"mdngbiejioalifclonjepjjfppmbgned":{"blacklist":true},"megkcfpbmemnpkgadkoompnoajcolpni":{"blacklist":true},"mfffdpnblflpobcnekhekiahepofaane":{"blacklist":true},"mfhfkclojmdocagbmecgcnlofppebebd":{"blacklist":true},"mfncimdpmknolnnnccdmkpnpkaofonkc":{"blacklist":true},"mfooalpniplhaaealemjpchkchmmgdko":{"blacklist":true},"mgdgiplcofghdmpekdeeceolepakodcb":{"blacklist":true},"mhbffdldpckobeihgebaamjalehefnia":{"blacklist":true},"mjalegijammcloleihdmooifidcjggjp":{"blacklist":true},"mjgobkikdipfikmaoakdcdbicpioljgg":{"blacklist":true},"mjolnadmlahbpepjaemohnkhpjkbhmef":{"blacklist":true},"mknjbohhleiicbpagpgmhoaigbblmnic":{"blacklist":true},"mkobblpffgbncfhijabakfafmkjdmmnm":{"blacklist":true},"mlmegahemifabfmdnndafagnncfbnahn":{"blacklist":true},"mlmmbepkgelpbenpobinockmiehdahai":{"blacklist":true},"mlnoedbhndgbjcbeadjfnmjloejlgojk":{"blacklist":true},"mmjodihhmnpkldljaifiajmlnpflfhpm":{"blacklist":true},"mndoohjdoechinpkfbkolflbonciahfo":{"blacklist":true},"mnhcgaghminpdabllkbkecahjfkdiabk":{"blacklist":true},"mnichagcickblneeijmfnmoiakigmmhf":{"blacklist":true},"mnllienogacopjnkmhgnniopjpgjpopp":{"blacklist":true},"mogepbcllienegdibkfpmombhefhcoic":{"blacklist":true},"mpgehpkneknbopplhmmkfijfiniddipf":{"blacklist":true},"mplhbhmkccidaokcelbcbcmhhedebcng":{"blacklist":true},"mplpabdbfbloeiboikmdbnggfnjbjmlh":{"blacklist":true},"naopgnjebjeeedbbhcadkhkmeefmloho":{"blacklist":true},"nbieffehfdniifkgdckbndjhojohbfjj":{"blacklist":true},"nckmikohoilfkcoahbjpbgbpegcjgngm":{"blacklist":true},"ncpdanjmicnihdlijomcggnnekloephc":{"blacklist":true},"ndhkiimgbjnendpcfbiadlifmangejoa":{"blacklist":true},"ndibdjnfmopecpmkdieinmbadjfpblof":{"active_permissions":{"api":["plugin","tabs","webRequest","webRequestBlocking","webRequestInternal"],"explicit_host":["hxxp://*/*","hxxp://dnt.cloud.avg.com/*","hxxp://dntf.cloud.avg.com/*","hxxps://*/*"],"scriptable_host":["hxxp://*/*","hxxp://toolbar.avg.com/*","hxxps://*/*"]},"creation_flags":1,"disable_reasons":1,"from_bookmark":false,"from_webstore":false,"install_time":"13004120154213864","location":3,"manifest":{"background_page":"content/background.html","browser_action":{"default_icon":"content/icons/avg_icon_16.png","default_title":"AVG Do Not Track"},"chrome_url_overrides":{"newtab":"content/redirect.html"},"content_scripts":[{"all_frames":true,"js":["content/js/content.js"],"matches":["hxxp://*/*","hxxps://*/*"],"run_at":"document_start"},{"js":["content/js/ntinject.js"],"matches":["hxxp://toolbar.avg.com/*"]}],"current_locale":"cs","default_locale":"en","description":"AVG Secure Search","icons":{"128":"content/icons/128-AVG-logo.png","16":"content/icons/16-AVG-logo.png","48":"content/icons/48-AVG-logo.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDaBhCcd8V6V8SwALoaT+A51wnypeg3PtHPFZ6/1OKPFykl5ejJUJj4iBdO6hwupZS9r69OFb9AF0NPAxXqMfuh/mVqguifgJiqVV7tLaQ5tGAIy0pACKYaTICVePngldEIu1VNSf8A+YoQIt0LL7arZL5E/0iIoqX4Yd04Q8X2HwIDAQAB","name":"AVG Secure Search","options_page":"content/options.html","permissions":["tabs","plugin","webRequest","webRequestBlocking","hxxp://*/*","hxxps://*/*","hxxp://dnt.cloud.avg.com/","hxxp://dntf.cloud.avg.com/"],"version":"14.0.2.14"},"path":"ndibdjnfmopecpmkdieinmbadjfpblof\\14.0.2.14_0","state":0,"was_installed_by_default":false},"ndiogongcmocdgjciemhagfhpjamehpe":{"blacklist":true},"negkalblfongjbphdcbbhddlickhlamd":{"blacklist":true},"nepfiodmbijheamafkiglonfkjebdjmf":{"blacklist":true},"nfecfkjnlkbphobjbcnphimihniieehc":{"blacklist":true},"nhbfbnmmdjkjahhfdeklgphihfodfgnb":{"blacklist":true},"nhboiakpmibkbkbeehchlfkggmhphpnk":{"blacklist":true},"nhkmojkfnknbbmhbnacjdlodokeophkl":{"blacklist":true},"nibohffepnilngkecenfdgnokfhmnkod":{"blacklist":true},"nidmbljkkcbdfklgdkklgjgmhejmbojn":{"blacklist":true},"nidodbfomffkfabciljelkbdiabkeehe":{"blacklist":true},"nifbebeekindefklojhchehidpikbjfc":{"blacklist":true},"nihhbeikpchdddoillfdcdinnnnllmna":{"blacklist":true},"nlgapikcofpablcmfgaoodlhiejiehhh":{"blacklist":true},"nloaaepkhcnmoakooihnefhhggbmemed":{"blacklist":true},"nmgpbidjnaebdlbdbpjggenmbaolmfoi":{"blacklist":true},"nmmnodocfckpoddcgihiihcdinaonckb":{"blacklist":true},"nmphbnbmgfccfhcmibikmhcgajjpelpf":{"blacklist":true},"nnioepmjbjjlflmdgjanlcmbjahljeeo":{"blacklist":true},"nochkknnbahbhmmknnmdhagelcnfagom":{"blacklist":true},"noefghcilkpcabnhhilojimkkjplhcnd":{"blacklist":true},"npadaghbcdejfngcjpbnoikajdnongca":{"blacklist":true},"npolaghondefgiomhkbiiompikfjneep":{"blacklist":true},"oakhllhnbcpgagdafgbninlpjdemdmjk":{"blacklist":true},"oanjogmonneelfpnfmdlalfddkeckdej":{"blacklist":true},"obgljnmbldahelaakfdbjkplokjoneip":{"blacklist":true},"ocmhjnhildbnglmlfimkjnnfgddelacb":{"blacklist":true},"ocnlnkjmfnolmbclblfhfhcakldceiec":{"blacklist":true},"odeckaficnaplobiiaomegfbokokehhb":{"blacklist":true},"odnamglmogfldajnhkfodmloofeokcmm":{"blacklist":true},"oghphhcagopecifjblgdcfihjnlcbcfc":{"blacklist":true},"ogjbodghhojomghbdfnlkppdagkfjede":{"blacklist":true},"oidjdpbndkjhmhmgdoggibcjnippkcgo":{"blacklist":true},"oilfokmpgejhjhecdjjpikloibggpenf":{"blacklist":true},"ojglppmhgfohhfeinlhklglifnbfebak":{"blacklist":true},"ojmdhklabgbnnkkilmkcfcemdhognifc":{"blacklist":true},"omceiakkomngangmllpgbjcoeloglald":{"blacklist":true},"omnicnmbagoinlpamknknbcgopadcoci":{"blacklist":true},"onfbaaifbbahonepmednhkjbhdgogkbl":{"blacklist":true},"onjaecbdddgibdijafoemfiachlbcgkj":{"blacklist":true},"onpnpccdagncipgnoofbhchlbajcjnkd":{"blacklist":true},"oocfbmollajebjjpkahmlnclfhkjijea":{"blacklist":true},"ookcgejbfhcmcanfkfmmmpahflnlajbl":{"blacklist":true},"oomelpjfeldbopnleifpjibbpekflhlg":{"blacklist":true},"opnnngnphijodjhemhdafpnnpdjggofe":{"blacklist":true},"pajgiddgjidlcajihkjoacjbplimkgfe":{"blacklist":true},"pbdgmppmccanplobanhfkjndjkmmabgk":{"blacklist":true},"pbekednmpdekknlffkiopooofokfmkla":{"blacklist":true},"pbglijbamgmlcpnnpbfjkbdeheejjloj":{"blacklist":true},"pcaedgdgamlfffkfblocmakhgieggoak":{"blacklist":true},"peahabnpipmmfiajjjhgfggbeigbmbgp":{"blacklist":true},"peiijdmlgbelnnmnkighhkpeihmmamio":{"blacklist":true},"pfaooklcbjnkgconjjepimkohgcjmdji":{"blacklist":true},"pfcelnbmkeoaeicedjomcjkcammlkdbk":{"blacklist":true},"pfgmgcnbngcnhjddppmnloflcidemopc":{"blacklist":true},"pfhlnanelpgjbhndafjamnpfhkjadoip":{"blacklist":true},"pfoiaildicnbcjojocjlpcibenphhbln":{"blacklist":true},"pfonklmafadkmcedjlodommcoipgbcde":{"blacklist":true},"pgelifedkjaohmjehecojkfldinjlamn":{"blacklist":true},"pgjpnfpidejcmjibaaohcmehfohacckf":{"blacklist":true},"pgldfhecfiofkhnbgcncepnkjkeoahlk":{"blacklist":true},"phkpgooenaonkpnabopdbjjfmphclela":{"blacklist":true},"pihcfdffalbcnmbghijdfcaanagapelf":{"blacklist":true},"pjdhkkcnlbfebiokpeghfffajaabahfo":{"blacklist":true},"pjgbfgdpkbfimabdalhjmmeeelbmkcac":{"blacklist":true},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"]},"app_launcher_ordinal":"t","from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"]},"install_time":"12996861573756047","lastpingday":"12999772794768215","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxps://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"cs","default_locale":"en","description":"Rychlý e-mail s možností vyhledávání a menším množstvím spamu.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","name":"Gmail","options_page":"hxxps://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"hxxp://clients2.google.com/service/update2/crx","version":"7"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\7_0","state":1,"was_installed_by_default":true},"pjloefkigphblpjminnlpbhjchjafcfc":{"blacklist":true},"pkbbbncikcipejaiiiioboongndhmjgl":{"blacklist":true},"pkbkgagehkkoajkpgnmjegibihpalfdk":{"blacklist":true},"pkbkkendemaimikinaefldfljliecapm":{"blacklist":true},"pkdlpbfmpolnhligegklimbccminkioc":{"blacklist":true},"pkhidkonipdjidjglnkfcfhnkfnlefbk":{"blacklist":true},"plfijddblbcdcnammpdmfccchkbdekmm":{"blacklist":true},"pnaiiipilbpcceggeanphcpkkihnojan":{"blacklist":true},"pndadpldhngimdmhnajebjldbmcbpjol":{"blacklist":true},"pnnbdjcjeiobikdfikegpclkcimgafpp":{"blacklist":true},"pnpfkfanlgljpkpilhgiimfadggfmhcd":{"blacklist":true},"pnpgiaejfbdapllkchhgchjpdbcpiooa":{"blacklist":true},"pobponmhkpmphbnfhpjdagklbkmjhked":{"blacklist":true},"ppmfajacidhcjbddpgmcmigffpppcadd":{"blacklist":true}},"toolbarsize":-1},"google":{"services":{"last_username":"jiri.buchlovsky@gmail.com","username":"jiri.buchlovsky@gmail.com"}},"homepage":"","homepage_changed":true,"homepage_is_newtabpage":true,"invalidator":{"invalidation_state":"CicKJQoGCgQIAxABEhIJz4+UfCkABZMRcEu84dzS1KgaBwiCLBADGAoSFBuogjIqMImKvzcEQs8Uc21vOgyV","max_invalidation_versions":[{"max-version":"1352388186014000","name":"APP","source":"1004"},{"max-version":"1352388058817000","name":"NIGORI","source":"1004"},{"max-version":"1357657743113000","name":"PASSWORD","source":"1004"},{"max-version":"1352388208832000","name":"PREFERENCE","source":"1004"},{"max-version":"1357657743113000","name":"SESSION","source":"1004"}]},"is_google_plus_user":true,"net":{"hxxp_server_properties":{"servers":{"2542116.fls.doubleclick.net:443":{"settings":{"4":100,"5":32,"6":0},"supports_spdy":true},"accounts.google.com:443":{"settings":{"4":100,"5":10,"6":0},"supports_spdy":true},"accounts.google.cz:443":{"settings":{"4":100,"5":32,"6":0},"supports_spdy":true},"apis.google.com:443":{"settings":{"4":100},"supports_spdy":true},"clients2.google.com:443":{"settings":{"4":100,"5":10,"6":0},"supports_spdy":true},"clients2.googleusercontent.com:443":{"settings":{"4":100,"5":32,"6":0},"supports_spdy":true},"clients4.google.com:443":{"settings":{"4":100,"5":13,"6":0},"supports_spdy":true},"cm.g.doubleclick.net:443":{"settings":{"4":100},"supports_spdy":true},"csi.gstatic.com:443":{"settings":{"4":100,"5":32,"6":0},"supports_spdy":true},"fls.doubleclick.net:443":{"settings":{"4":100,"5":32,"6":0},"supports_spdy":true},"fonts.googleapis.com:443":{"settings":{"4":100,"5":2,"6":17},"supports_spdy":true},"googleads.g.doubleclick.net:443":{"settings":{"4":100,"5":10,"6":0},"supports_spdy":true},"lh6.googleusercontent.com:443":{"settings":{"4":100,"5":26,"6":2},"supports_spdy":true},"r.twimg.com:443":{"supports_spdy":true},"ssl.google-analytics.com:443":{"settings":{"4":100,"5":16,"6":1},"supports_spdy":true},"ssl.gstatic.com:443":{"settings":{"4":100,"5":21,"6":0},"supports_spdy":true},"themes.googleusercontent.com:443":{"settings":{"4":100,"5":26,"6":0},"supports_spdy":true},"www.google.com:443":{"settings":{"4":100,"5":10,"6":0},"supports_spdy":true},"www.google.cz:443":{"settings":{"4":100,"5":32,"6":0},"supports_spdy":true},"www.googleadservices.com:443":{"settings":{"4":100,"5":16,"6":2},"supports_spdy":true},"www.googleapis.com:443":{"settings":{"4":100,"5":32,"6":0},"supports_spdy":true},"www.gstatic.com:443":{"settings":{"4":100,"5":32,"6":0},"supports_spdy":true}},"version":1}},"ntp":{"app_page_names":["Aplikace"],"promo_resource_cache_update":"1359646552.113864","shown_page":2048},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Program Files\\Google\\Chrome\\Application\\24.0.1312.56","migrated_to_pepper_flash":true,"plugins_list":[{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files\\Google\\Chrome\\Application\\24.0.1312.56\\PepperFlash\\pepflashplayer.dll","version":"11.5.31.2"},{"enabled":true,"name":"Chrome Remote Desktop Viewer","path":"internal-remoting-viewer","version":""},{"enabled":true,"name":"Native Client","path":"C:\\Program Files\\Google\\Chrome\\Application\\24.0.1312.56\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":true,"name":"Chrome PDF Viewer","path":"C:\\Program Files\\Google\\Chrome\\Application\\24.0.1312.56\\pdf.dll","version":""},{"enabled":true,"name":"Adobe Acrobat","path":"C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Browser\\nppdf32.dll","version":"10.1.4.38"},{"enabled":true,"name":"QuickTime Plug-in 7.7.2","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin.dll","version":"7.7.2 (1680.56)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.2","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin2.dll","version":"7.7.2 (1680.56)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.2","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin3.dll","version":"7.7.2 (1680.56)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.2","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin4.dll","version":"7.7.2 (1680.56)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.2","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin5.dll","version":"7.7.2 (1680.56)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.2","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin6.dll","version":"7.7.2 (1680.56)"},{"enabled":true,"name":"QuickTime Plug-in 7.7.2","path":"C:\\Program Files\\Mozilla Firefox\\plugins\\npqtplugin7.dll","version":"7.7.2 (1680.56)"},{"enabled":true,"name":"Google Talk Plugin","path":"C:\\Users\\Jura\\AppData\\Roaming\\Mozilla\\plugins\\npgoogletalk.dll","version":"3.10.2.10212"},{"enabled":true,"name":"Google Talk Plugin Video Accelerator","path":"C:\\Users\\Jura\\AppData\\Roaming\\Mozilla\\plugins\\npgtpo3dautoplugin.dll","version":"0,1,44,23"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~1\\MIF5BA~1\\Office14\\NPAUTHZ.DLL","version":"14.0.4730.1010"},{"enabled":true,"name":"Microsoft Office 2010","path":"C:\\PROGRA~1\\MIF5BA~1\\Office14\\NPSPWRAP.DLL","version":"14.0.4761.1000"},{"enabled":true,"name":"Google Update","path":"C:\\Program Files\\Google\\Update\\1.3.21.123\\npGoogleUpdate3.dll","version":"1.3.21.123"},{"enabled":true,"name":"Java(TM) Platform SE 7 U9","path":"C:\\Program Files\\Java\\jre7\\bin\\plugin2\\npjp2.dll","version":"10.9.2.05"},{"enabled":true,"name":"Silverlight Plug-In","path":"C:\\Program Files\\Microsoft Silverlight\\5.1.10411.0\\npctrl.dll","version":"5.1.10411.0"},{"enabled":true,"name":"Nokia Suite Enabler Plugin","path":"C:\\Program Files\\Nokia\\Nokia Suite\\npNokiaSuiteEnabler.dll","version":"1, 0, 0, 1"},{"enabled":true,"name":"Pando Web Plugin","path":"C:\\Program Files\\Pando Networks\\Media Booster\\npPandoWebPlugin.dll","version":"2.3.3.8"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Windows\\system32\\Macromed\\Flash\\NPSWF32_11_4_402_287.dll","version":"11,4,402,287"},{"enabled":true,"name":"Java Deployment Toolkit 7.0.70.11","path":"C:\\Windows\\system32\\npDeployJava1.dll","version":"10.7.2.11"},{"enabled":true,"name":"Adobe Flash Player"},{"enabled":false,"name":"Adobe Reader"},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":true,"name":"Chrome Remote Desktop Viewer"},{"enabled":true,"name":"Google Talk"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"Java(TM)"},{"enabled":true,"name":"Microsoft Office"},{"enabled":true,"name":"Native Client"},{"enabled":true,"name":"Nokia Suite Enabler Plugin"},{"enabled":true,"name":"Pando Web Plugin"},{"enabled":true,"name":"QuickTime Player"},{"enabled":true,"name":"Silverlight"}]},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1}}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"exit_type":"Normal","exited_cleanly":true,"name":"První uživatel"},"promo":{"ntp_bubble_promo":[{"closed":false,"end":1361228340.0,"gplus_required":false,"group":0,"increment":1,"increment_frequency":0,"increment_max":1,"max_views":1,"num_groups":1,"segment":1,"start":1352329200.0,"text":"Prohlížeč Chrome byl automaticky aktualizován.<br/>\n Nyní používáte nejnovější a nejvyšší verzi.","views":0}],"ntp_notification_promo":[{"closed":false,"end":1357685940.0,"gplus_required":false,"group":0,"increment":1,"increment_frequency":0,"increment_max":1,"max_views":15,"num_groups":1,"segment":1,"start":1356303600.0,"text":"Máte chytrý telefon nebo tablet? <a href=\"hxxps://www.google.com/chrome/mobile/?utm_sourc ... =ntp-promo\"> Pořiďte si Chrome pro mobilní zařízení</a>","views":0}]},"session":{"restore_on_startup":1,"restore_on_startup_migrated":true,"urls_to_restore_on_startup":null},"sync":{"acknowledged_types":["Bookmarks","Preferences","Passwords","Autofill Profiles","Autofill","Themes","Typed URLs","Extensions","Search Engines","Sessions","Apps","App settings","Extension settings","App Notifications","Encryption keys"],"app_notifications":false,"app_settings":false,"apps":false,"autofill":false,"autofill_profile":false,"bookmarks":false,"encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAvfizkR5euE+WldD0HRguSQAAAAACAAAAAAAQZgAAAAEAACAAAACZq1/eSad4AFN5BNEtv8hidOrne+G9i7wPEbaoqv5joQAAAAAOgAAAAAIAACAAAABU0TkviyI2baThnoM2AsoB1M56FpoyCBTnZNa/z7FnZ0AAAADty7SSWJbijp1CU1wGBGOpQEF9KT5IXjzdFTA5BhUGPKAVrEIpHr6GEwk+5bzGqWKTe4woV7xjyubyfgAqlK+dQAAAANG4AXrkb4SF+x72PC3O55bfOIASovRm7GAgen8S62ztSi20zHligpri77jXu67n4OcA6UbqZMUbsd7kTE9o/X0=","extension_settings":false,"extensions":false,"has_setup_completed":true,"keep_everything_synced":true,"last_synced_time":"13004120160266864","passwords":false,"preferences":false,"search_engines":false,"session_sync_guid":"session_syncubpM9sTVpn8VI18VzXwNMw==","sessions":false,"suppress_start":false,"themes":false,"typed_urls":false},"sync_promo":{"show_ntp_bubble":false,"startup_count":2,"user_skipped":true,"view_count":2},"translate_language_blacklist":["en"]}

-\\ Opera v12.13.1734.0

File : C:\Users\Jura\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [55600 octets] - [05/02/2013 14:18:23]

########## EOF - C:\AdwCleaner[R1].txt - [55661 octets] ##########

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Delete
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

# AdwCleaner v2.111 - Logfile created 02/05/2013 at 15:00:30
# Updated 05/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : Jura - JURA-NBNEPCOMG
# Boot Mode : Normal
# Running from : C:\Users\Jura\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Folder Deleted : C:\Users\Jura\AppData\Local\vghd
Folder Deleted : C:\Users\Jura\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Jura\AppData\Roaming\SimilarSites

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\cacaoweb
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{807DF5E0-4EF7-48A8-A405-239F3E29FFA9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SimilarSites
Key Deleted : HKLM\Software\SimilarSites
Key Deleted : HKLM\SOFTWARE\Software
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://eu.ask.com/?l=dis&o=1586&gct=hp --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Users\Jura\AppData\Roaming\Mozilla\Firefox\Profiles\j6e48guo.default-1353018396439\prefs.js

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

-\\ Google Chrome v24.0.1312.57

File : C:\Users\Jura\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : icon_url ={"backup":{"_signature":"fgWCs7EOmT3VP9ZBvu8Kc64cdGbTin7ENmyw2b/GVUw=","_version":4,"browser":{"show[...]

-\\ Opera v12.13.1734.0

File : C:\Users\Jura\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4720 octets] - [05/02/2013 15:00:30]

########## EOF - C:\AdwCleaner[S1].txt - [4780 octets] ##########

Poprosim o DDS http://forum.viry.cz/viewtopic.php?f=13&t=125171

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.5.1
Run by Jura at 15:38:19 on 2013-02-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2814.934 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ManyCam 2.4\ManyCam.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Users\Jura\AppData\Local\Akamai\netsession_win.exe
C:\Users\Jura\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\AIMP2\AIMP3.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\programy\Miranda IM\miranda32.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uProxyOverride = <local>;*.local
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
uRun: [ManyCam] "c:\program files\manycam 2.4\ManyCam.exe"
uRun: [Akamai NetSession Interface] "c:\users\jura\appdata\local\akamai\netsession_win.exe"
uRun: [BitTorrent] "c:\program files\bittorrent\BitTorrent.exe" /MINIMIZED
uRun: [NokiaSuite.exe] c:\program files\nokia\nokia suite\NokiaSuite.exe -tray
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [AIMP3] c:\program files\aimp2\AIMP3.exe
mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe
mRun: [ATKOSD2] c:\program files\asus\atk package\atkosd2\ATKOSD2.exe
mRun: [ATKMEDIA] c:\program files\asus\atk package\atk media\DMedia.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
StartupFolder: c:\users\jura\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\jura\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\jura\appdata\roaming\micros~1\windows\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\srspre~1.lnk - c:\windows\installer\{e5cf6b9c-3abe-43c9-9413-ad5ffc98f049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{1ce60928-8325-49a8-8b06-633e48dd2b67}\Icon3E5562ED7.ico
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\jura\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\jura\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 193.179.143.3 192.168.1.1
TCP: Interfaces\{10A3C7F9-D839-4438-ADDF-7BCB276FB438} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{89B0EC20-2CC4-482D-BBBF-A946F0E830FB} : DHCPNameServer = 193.179.143.3 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-7-4 164048]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-7-6 303744]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-9-28 217600]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2012-9-28 291840]
R2 AODDriver4.2;AODDriver4.2;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2012-4-9 48256]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-7-4 19024]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-7-4 51792]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-7-4 40384]
R2 PanService;PandoraService;c:\program files\pandora.tv\panservice\PandoraService.exe [2012-4-24 624856]
R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-11-12 2358656]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-5-14 86656]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2011-7-4 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2011-7-4 40384]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2011-7-3 102400]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2011-7-3 119408]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\drivers\JME.sys [2011-7-3 98928]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2011-7-3 30392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2012-2-7 14216]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2012-2-7 8456]
S3 hipeer20;Remobo Instant Private Network;c:\windows\system32\drivers\remobo32.sys [2010-8-1 26112]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-11-25 34384]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\drivers\tapoas.sys [2011-8-19 26112]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 25600]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 VSPerfDrv100;Performance Tools Driver 10.0;d:\programy\visual\team tools\performance tools\VSPerfDrv100.sys [2011-1-18 54144]
S3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\wat\WatAdminSvc.exe [2011-7-6 1343400]
S3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\drivers\wod0205.sys [2012-10-2 28936]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-23 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile="c:\program files\pspad editor\PSPad.exe" "%1" [UserChoice]
FileExt: .vbs: VBSFile=c:\windows\system32\WScript.exe "%1" %* [UserChoice]
.
=============== Created Last 30 ================
.
2013-02-05 13:24:22 -------- d-----w- C:\Downloads
2013-02-05 10:06:30 -------- d-sh--w- C:\$RECYCLE.BIN
2013-02-05 10:06:29 -------- d-----w- c:\users\jura\appdata\local\temp
2013-02-05 00:26:17 -------- d-----r- c:\program files\Skype
2013-02-04 14:46:32 98816 ----a-w- c:\windows\sed.exe
2013-02-04 14:46:32 256000 ----a-w- c:\windows\PEV.exe
2013-02-04 14:46:32 208896 ----a-w- c:\windows\MBR.exe
2013-02-04 13:54:31 -------- d-----w- c:\program files\trend micro
2013-02-04 12:56:10 -------- d-----w- C:\MaxAVLiveUpdate
2013-02-04 10:42:37 -------- d-----w- c:\programdata\Max Secure
2013-02-04 10:26:30 -------- d-----w- c:\users\jura\appdata\local\Max Secure Software
2013-02-03 20:28:11 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-02-01 22:33:16 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3db9c87d-3750-4d34-9b7c-97343e154880}\mpengine.dll
2013-01-28 13:34:22 -------- d-----w- c:\programdata\ClickIT
2013-01-23 08:29:12 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-18 21:06:00 96664 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2013-01-18 21:06:00 271768 ----a-w- c:\program files\mozilla firefox\updater.exe
2013-01-18 21:06:00 19352 ----a-w- c:\program files\mozilla firefox\xpcom.dll
2013-01-18 21:06:00 17802648 ----a-w- c:\program files\mozilla firefox\xul.dll
2013-01-18 21:06:00 157712 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
2013-01-16 08:09:32 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2013-01-16 08:09:32 32768 ------w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2013-01-16 08:09:32 225280 ------w- c:\program files\common files\installshield\iscript\iscript.dll
2013-01-16 08:09:32 176128 ------w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2013-01-13 12:02:27 -------- d-----w- c:\users\jura\appdata\roaming\Dev-Cpp
2013-01-13 12:02:12 -------- d-----w- C:\Dev-Cpp
2013-01-12 09:01:59 -------- d-----w- c:\users\jura\appdata\roaming\AIMP3
2013-01-11 16:28:42 -------- d-----w- c:\users\jura\appdata\roaming\CodeBlocks
2013-01-09 09:53:17 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 09:53:16 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 09:53:15 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 09:53:01 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 09:51:59 46592 ----a-w- c:\windows\system32\fpb.rs
.
==================== Find3M ====================
.
2013-02-05 12:59:37 282296 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-02-05 12:59:37 282296 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-02-05 12:16:16 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-02-05 12:16:16 139648 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-02-05 12:16:05 282296 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-02-04 18:51:21 138056 ----a-w- c:\users\jura\appdata\roaming\PnkBstrK.sys
2013-01-17 00:28:58 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-08 20:50:28 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-08 20:50:28 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-15 18:20:19 477240 ------w- c:\windows\system32\drivers\sptd.sys
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
.
============= FINISH: 15:39:26,27 ===============

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  DDS::
  uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
  mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
  
  Folder::
  c:\program files\AVG Secure Search
  c:\users\Jura\AppData\Local\Akamai
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  "ISUSPM Startup"=-
  "Akamai NetSession Interface"=-
  "BitTorrent"=-
  "NokiaSuite.exe"=-
  "Pando Media Booster"=-
  "AIMP3"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Adobe ARM"=-
  "ISUSScheduler"=-
  "AdobeCS5ServiceManager"=-
  "SunJavaUpdateSched"=-
  "QuickTime Task"=-
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
  
  RegLock::
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}]
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  
  File::
  C:\Windows\tasks\Adobe Flash Player Updater.job
  C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job
  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job
  C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Zde je požadovaný log, jen si nejsem jistý, jestli kvůli omezení funkčnosti proběhlo vše správně.

ComboFix 13-02-03.03 - Jura 11.02.2013 0:35.2.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2814.1839 [GMT 1:00]
Spuštěný z: c:\users\Jura\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Jura\Desktop\CFscript.txt
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job"
"c:\windows\tasks\ROC_JAN2013_TB_rmv.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jura\AppData\Local\Akamai
c:\users\Jura\AppData\Local\Akamai\admintool.exe
c:\users\Jura\AppData\Local\Akamai\client.ini
c:\users\Jura\AppData\Local\Akamai\ControlPanel.exe
c:\users\Jura\AppData\Local\Akamai\CplTasks.xml
c:\users\Jura\AppData\Local\Akamai\euc_state.json
c:\users\Jura\AppData\Local\Akamai\extraroot.pem
c:\users\Jura\AppData\Local\Akamai\guid.ini
c:\users\Jura\AppData\Local\Akamai\installer.txt
c:\users\Jura\AppData\Local\Akamai\installer_no_upload_silent.exe
c:\users\Jura\AppData\Local\Akamai\Languages\csy.dll
c:\users\Jura\AppData\Local\Akamai\Languages\dan.dll
c:\users\Jura\AppData\Local\Akamai\Languages\deu.dll
c:\users\Jura\AppData\Local\Akamai\Languages\esp.dll
c:\users\Jura\AppData\Local\Akamai\Languages\fin.dll
c:\users\Jura\AppData\Local\Akamai\Languages\fra.dll
c:\users\Jura\AppData\Local\Akamai\Languages\chs.dll
c:\users\Jura\AppData\Local\Akamai\Languages\cht.dll
c:\users\Jura\AppData\Local\Akamai\Languages\ita.dll
c:\users\Jura\AppData\Local\Akamai\Languages\jpn.dll
c:\users\Jura\AppData\Local\Akamai\Languages\kor.dll
c:\users\Jura\AppData\Local\Akamai\Languages\nld.dll
c:\users\Jura\AppData\Local\Akamai\Languages\nor.dll
c:\users\Jura\AppData\Local\Akamai\Languages\plk.dll
c:\users\Jura\AppData\Local\Akamai\Languages\ptb.dll
c:\users\Jura\AppData\Local\Akamai\Languages\ptg.dll
c:\users\Jura\AppData\Local\Akamai\Languages\rus.dll
c:\users\Jura\AppData\Local\Akamai\Languages\sve.dll
c:\users\Jura\AppData\Local\Akamai\Languages\trk.dll
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130204_104405.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130204_104639.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130204_180323.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130205_002509.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130205_070416.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130205_094713.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130205_094907.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130205_094942.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130205_101807.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130205_140523.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130205_224921.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130206_051221.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130206_051803.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130206_183541.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130206_234648.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130207_070607.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130208_005441.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130208_082842.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130208_141508.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130209_181652.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130209_224615.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130210_092412.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130210_123001.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130210_151048.sent
c:\users\Jura\AppData\Local\Akamai\Logs\daemon.debug.log.130210_233011.upload
c:\users\Jura\AppData\Local\Akamai\Logs\daemon1.debug.log
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_002756.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_012756.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_022756.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_032757.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_042757.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_052757.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_062758.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_072759.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_082800.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_092800.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_102801.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_104403.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_104645.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_114646.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_124646.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_134647.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_180336.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_190336.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_200337.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_210338.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_220339.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130204_230340.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_000341.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_002507.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_070429.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_080429.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_090430.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_094713.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_094911.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_094942.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_101813.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_111813.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_121814.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_131815.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_140526.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_150527.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_160527.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_170528.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_180529.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_190529.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_200529.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_210530.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_220530.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130205_224919.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130206_051225.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130206_051802.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130206_183545.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130206_193546.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130206_203546.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130206_213546.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130206_223547.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130206_233548.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130206_234647.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_070612.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_080612.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_090613.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_100614.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_110615.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_120615.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_130616.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_140616.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_150617.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_160617.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_170617.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_180617.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_190618.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_200618.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_210619.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_220620.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130207_230620.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130208_000621.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130208_005439.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130208_082851.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130208_092852.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130208_102853.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130208_112853.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130208_122854.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130208_132854.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130208_141506.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130209_181657.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130209_191658.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130209_201658.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130209_211659.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130209_221659.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130209_224615.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_092417.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_102417.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_112417.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_122418.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_123000.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_151054.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_161054.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_171055.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_181056.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_191056.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_201057.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_211058.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_221058.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_231058.sent
c:\users\Jura\AppData\Local\Akamai\Logs\debug.log.130210_233010.upload
c:\users\Jura\AppData\Local\Akamai\netsession_win.exe
c:\users\Jura\AppData\Local\Akamai\readme.txt
c:\users\Jura\AppData\Local\Akamai\root.pem
c:\users\Jura\AppData\Local\Akamai\rswinui.exe
c:\users\Jura\AppData\Local\Akamai\uninstall.exe
c:\users\Jura\AppData\Local\Akamai\user.dat
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-10 do 2013-02-10 )))))))))))))))))))))))))))))))
.
.
2013-02-10 23:37 . 2013-02-10 23:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-08 14:15 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A7FE2D14-3121-4E01-9E64-41BA27F706B1}\mpengine.dll
2013-02-07 23:07 . 2013-02-07 23:10 -------- d-----w- c:\program files\Common Files\3DO Shared
2013-02-07 23:07 . 2013-02-07 23:07 -------- d-----w- c:\program files\3DO
2013-02-07 23:04 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2013-02-05 13:24 . 2013-02-05 13:24 -------- d-----w- C:\Downloads
2013-02-05 00:26 . 2013-02-05 00:26 -------- d-----r- c:\program files\Skype
2013-02-05 00:26 . 2013-02-05 00:26 -------- d-----w- c:\program files\Common Files\Skype
2013-02-04 13:54 . 2013-02-04 13:54 -------- d-----w- c:\program files\trend micro
2013-02-04 13:54 . 2013-02-04 13:54 -------- d-----w- C:\rsit
2013-02-04 12:56 . 2013-02-04 12:56 -------- d-----w- C:\MaxAVLiveUpdate
2013-02-04 10:42 . 2013-02-04 10:50 -------- d-----w- c:\programdata\Max Secure
2013-02-04 10:26 . 2013-02-04 10:26 -------- d-----w- c:\users\Jura\AppData\Local\Max Secure Software
2013-02-03 20:28 . 2013-02-04 18:10 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-01-28 13:34 . 2013-01-28 13:34 -------- d-----w- c:\programdata\ClickIT
2013-01-23 08:29 . 2013-01-12 02:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-16 08:09 . 2001-09-05 05:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-01-16 08:09 . 2001-09-05 05:18 225280 ------w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2013-01-16 08:09 . 2001-09-05 05:14 176128 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-01-16 08:09 . 2001-09-05 05:13 32768 ------w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-01-13 12:02 . 2013-01-13 12:12 -------- d-----w- c:\users\Jura\AppData\Roaming\Dev-Cpp
2013-01-13 12:02 . 2013-01-14 16:02 -------- d-----w- C:\Dev-Cpp
2013-01-12 09:01 . 2013-02-10 15:13 -------- d-----w- c:\users\Jura\AppData\Roaming\AIMP3
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-09 19:50 . 2012-04-04 08:49 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-09 19:50 . 2011-07-12 06:44 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-05 12:59 . 2011-09-29 20:48 282296 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-02-05 12:59 . 2011-07-29 06:50 282296 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-02-05 12:16 . 2011-07-29 06:50 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2013-02-05 12:16 . 2011-07-29 06:50 139648 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-02-05 12:16 . 2011-07-29 06:50 282296 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-02-04 18:51 . 2011-09-29 19:15 138056 ----a-w- c:\users\Jura\AppData\Roaming\PnkBstrK.sys
2013-01-17 00:28 . 2011-07-04 18:25 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-16 14:13 . 2012-12-21 23:52 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 23:52 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26 . 2013-01-09 09:51 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 09:51 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 09:51 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 09:51 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 09:51 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 09:51 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 09:51 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 09:51 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 09:51 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 09:51 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 09:51 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 09:51 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 09:51 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 09:51 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 09:51 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-09 09:51 51712 ----a-w- c:\windows\system32\esrb.rs
2012-11-30 04:53 . 2013-01-09 09:52 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47 . 2013-01-09 09:52 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 09:52 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55 . 2013-01-09 09:52 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38 . 2013-01-09 09:52 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 09:52 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 09:52 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38 . 2013-01-09 09:52 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:56 . 2013-01-09 09:53 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-23 02:48 . 2013-01-09 09:51 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 04:45 . 2013-01-09 09:53 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-20 04:51 . 2013-01-09 09:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2012-11-15 18:20 . 2011-07-04 17:51 477240 ------w- c:\windows\system32\drivers\sptd.sys
2012-11-14 02:09 . 2012-12-12 22:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 22:17 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 22:17 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 22:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 22:17 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 22:17 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-02-06 20:24 . 2013-02-06 20:24 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ManyCam"="c:\program files\ManyCam 2.4\ManyCam.exe" [2010-03-03 1824040]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-01-13 509320]
"ATKOSD2"="c:\program files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
c:\users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 105160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe [2011-7-3 156952]
VPN Client.lnk - c:\windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico [2012-11-22 6144]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-04-13 09:25 8555040 ------w- c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Plus\Room\safedrv.sys [x]
R3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo32.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys [x]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;d:\programy\Visual\Team Tools\Performance Tools\VSPerfDrv100.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSP;aswSP; [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [x]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;c:\windows\system32\DRIVERS\JME.sys [x]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-02 16:40 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 193.179.143.3 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Akamai - c:\users\Jura\AppData\Local\Akamai\uninstall.exe
AddRemove-VirtuaGirl_is1 - c:\users\Jura\AppData\Local\vghd\bin\unins001.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5980)
c:\users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\P4G\BatteryLife.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-02-11 00:42:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-10 23:41
.
Před spuštěním: 4 362 498 048
Po spuštění: 4 296 036 352
.
- - End Of File - - 590FAC81FBEF029ED7CD479DBF7B75D4

Smazte stary CF a stahnete si novy odsud http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Spustte CF bez skriptu, log pak sem

Omlouvám se za zpoždění. Zde je požadovaný log.

ComboFix 13-02-18.02 - Jura 19.02.2013 11:36:49.3.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2814.1855 [GMT 1:00]
Spuštěný z: C:\Users\Jura\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení


((((((((((((((((((((((((( Soubory vytvořené od 2013-01-19 do 2013-02-19 )))))))))))))))))))))))))))))))


2013-02-19 10:42:16 . 2013-02-19 10:42:16 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-02-16 00:16:36 . 2013-01-08 04:57:31 6991832 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3A7296CF-7417-402E-BBA8-66ACFB1A2125}\mpengine.dll
2013-02-14 18:35:35 . 2013-02-14 18:35:35 -------- d-----w- C:\Program Files\Screaming Bee
2013-02-14 18:30:24 . 2013-02-14 18:30:24 -------- d-----w- C:\Users\Jura\.nx
2013-02-13 19:45:09 . 2013-01-04 03:00:29 2347008 ----a-w- C:\Windows\system32\win32k.sys
2013-02-13 19:44:14 . 2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\system32\ntkrnlpa.exe
2013-02-13 19:44:13 . 2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\system32\ntoskrnl.exe
2013-02-13 19:43:44 . 2013-01-03 05:05:20 1293672 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2013-02-13 19:43:44 . 2013-01-03 05:04:43 187752 ----a-w- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 19:43:19 . 2013-01-04 04:50:52 169984 ----a-w- C:\Windows\system32\winsrv.dll
2013-02-11 14:50:45 . 2013-02-11 14:50:48 -------- d-----w- C:\Program Files\Cheat Engine 6.2
2013-02-10 23:37:16 . 2013-02-19 10:42:16 -------- d-----w- C:\Users\Jura\AppData\Local\temp
2013-02-07 23:07:42 . 2013-02-07 23:10:16 -------- d-----w- C:\Program Files\Common Files\3DO Shared
2013-02-07 23:07:42 . 2013-02-07 23:07:42 -------- d-----w- C:\Program Files\3DO
2013-02-07 23:04:19 . 1998-10-29 15:45:06 306688 ----a-w- C:\Windows\IsUninst.exe
2013-02-05 13:24:22 . 2013-02-05 13:24:22 -------- d-----w- C:\Downloads
2013-02-05 00:26:17 . 2013-02-05 00:26:18 -------- d-----r- C:\Program Files\Skype
2013-02-05 00:26:17 . 2013-02-05 00:26:17 -------- d-----w- C:\Program Files\Common Files\Skype
2013-02-04 13:54:31 . 2013-02-04 13:54:31 -------- d-----w- C:\Program Files\trend micro
2013-02-04 13:54:30 . 2013-02-04 13:54:36 -------- d-----w- C:\rsit
2013-02-04 12:56:10 . 2013-02-04 12:56:10 -------- d-----w- C:\MaxAVLiveUpdate
2013-02-04 10:42:37 . 2013-02-04 10:50:44 -------- d-----w- C:\ProgramData\Max Secure
2013-02-04 10:26:30 . 2013-02-04 10:26:30 -------- d-----w- C:\Users\Jura\AppData\Local\Max Secure Software
2013-02-03 20:28:11 . 2013-02-04 18:10:39 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-01-28 13:34:22 . 2013-01-28 13:34:22 -------- d-----w- C:\ProgramData\ClickIT
2013-01-23 08:29:12 . 2013-01-12 02:30:20 94112 ----a-w- C:\Windows\system32\WindowsAccessBridge.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-02-09 19:50:25 . 2012-04-04 08:49:17 697712 ----a-w- C:\Windows\system32\FlashPlayerApp.exe
2013-02-09 19:50:25 . 2011-07-12 06:44:37 74096 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-02-05 12:59:37 . 2011-09-29 20:48:23 282296 ----a-w- C:\Windows\system32\PnkBstrB.xtr
2013-02-05 12:59:37 . 2011-07-29 06:50:07 282296 ----a-w- C:\Windows\system32\PnkBstrB.exe
2013-02-05 12:16:16 . 2011-07-29 06:50:16 76888 ----a-w- C:\Windows\system32\PnkBstrA.exe
2013-02-05 12:16:16 . 2011-07-29 06:50:15 139648 ----a-w- C:\Windows\system32\drivers\PnkBstrK.sys
2013-02-05 12:16:05 . 2011-07-29 06:50:07 282296 ----a-w- C:\Windows\system32\PnkBstrB.ex0
2013-02-04 18:51:21 . 2011-09-29 19:15:15 138056 ----a-w- C:\Users\Jura\AppData\Roaming\PnkBstrK.sys
2013-01-17 00:28:58 . 2011-07-04 18:25:33 232336 ------w- C:\Windows\system32\MpSigStub.exe
2012-12-16 14:13:28 . 2012-12-21 23:52:08 295424 ----a-w- C:\Windows\system32\atmfd.dll
2012-12-16 14:13:20 . 2012-12-21 23:52:08 34304 ----a-w- C:\Windows\system32\atmlib.dll
2012-12-07 12:26:17 . 2013-01-09 09:51:58 308736 ----a-w- C:\Windows\system32\Wpc.dll
2012-12-07 12:20:43 . 2013-01-09 09:51:59 2576384 ----a-w- C:\Windows\system32\gameux.dll
2012-12-07 10:46:42 . 2013-01-09 09:51:59 43520 ----a-w- C:\Windows\system32\csrr.rs
2012-12-07 10:46:42 . 2013-01-09 09:51:59 30720 ----a-w- C:\Windows\system32\usk.rs
2012-12-07 10:46:41 . 2013-01-09 09:51:59 45568 ----a-w- C:\Windows\system32\oflc-nz.rs
2012-12-07 10:46:41 . 2013-01-09 09:51:59 44544 ----a-w- C:\Windows\system32\pegibbfc.rs
2012-12-07 10:46:41 . 2013-01-09 09:51:59 20480 ----a-w- C:\Windows\system32\pegi-pt.rs
2012-12-07 10:46:41 . 2013-01-09 09:51:58 23552 ----a-w- C:\Windows\system32\oflc.rs
2012-12-07 10:46:40 . 2013-01-09 09:51:58 20480 ----a-w- C:\Windows\system32\pegi-fi.rs
2012-12-07 10:46:39 . 2013-01-09 09:51:59 46592 ----a-w- C:\Windows\system32\fpb.rs
2012-12-07 10:46:39 . 2013-01-09 09:51:59 20480 ----a-w- C:\Windows\system32\pegi.rs
2012-12-07 10:46:38 . 2013-01-09 09:51:59 21504 ----a-w- C:\Windows\system32\grb.rs
2012-12-07 10:46:37 . 2013-01-09 09:51:59 40960 ----a-w- C:\Windows\system32\cob-au.rs
2012-12-07 10:46:37 . 2013-01-09 09:51:59 15360 ----a-w- C:\Windows\system32\djctq.rs
2012-12-07 10:46:36 . 2013-01-09 09:51:58 55296 ----a-w- C:\Windows\system32\cero.rs
2012-12-07 10:46:36 . 2013-01-09 09:51:58 51712 ----a-w- C:\Windows\system32\esrb.rs
2012-11-30 04:47:45 . 2013-01-09 09:52:54 293376 ----a-w- C:\Windows\system32\KernelBase.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:53 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:53 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:53 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:52 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:52 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:52 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:52 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:52 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:52 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:52 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:52 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:51 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:51 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:51 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:50 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 04:45:15 . 2013-01-09 09:52:49 4096 ---ha-w- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 04:45:14 . 2013-01-09 09:52:53 5120 ---ha-w- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 04:45:14 . 2013-01-09 09:52:53 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 04:45:14 . 2013-01-09 09:52:53 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 04:45:14 . 2013-01-09 09:52:51 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 04:45:14 . 2013-01-09 09:52:51 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 04:45:14 . 2013-01-09 09:52:51 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 04:45:14 . 2013-01-09 09:52:50 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 04:45:14 . 2013-01-09 09:52:49 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 02:55:25 . 2013-01-09 09:52:54 271360 ----a-w- C:\Windows\system32\conhost.exe
2012-11-30 02:38:59 . 2013-01-09 09:52:50 6144 ---ha-w- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 . 2013-01-09 09:52:50 4608 ---ha-w- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 . 2013-01-09 09:52:50 3584 ---ha-w- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 . 2013-01-09 09:52:50 3072 ---ha-w- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:48:41 . 2013-01-09 09:51:28 49152 ----a-w- C:\Windows\system32\taskhost.exe
2012-11-22 04:45:03 . 2013-01-09 09:53:17 626688 ----a-w- C:\Windows\system32\usp10.dll
2013-02-06 20:24:34 . 2013-02-06 20:24:17 262552 ----a-w- C:\Program Files\mozilla firefox\components\browsercomps.dll


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 129272 ----a-w- C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 129272 ----a-w- C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 129272 ----a-w- C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32:48 129272 ----a-w- C:\Users\Jura\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ManyCam"="C:\Program Files\ManyCam 2.4\ManyCam.exe" [2010-03-03 10:13:20 1824040]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2010-11-20 21:29:41 1174016]
"Skype"="C:\Program Files\Skype\Phone\skype.exe" [2012-07-13 12:33:24 17418928]
"BitTorrent"="C:\Program Files\BitTorrent\BitTorrent.exe" [2013-01-05 08:45:38 980376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" [2010-01-13 12:24:48 509320]
"ATKOSD2"="C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-02-04 12:05:32 7350912]
"ATKMEDIA"="C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 11:59:12 170624]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 20:28:32 59240]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 15:06:40 642728]

C:\Users\Jura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Jura\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe [2012-1-8 105160]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe [2011-7-3 156952]
VPN Client.lnk - C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico [2012-11-22 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2010-04-13 09:25:00 8555040 ------w- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

R1 aswSP;aswSP; [x]
R2 AFBAgent;AFBAgent;C:\Windows\system32\FBAgent.exe [x]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe [x]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys [x]
R2 PanService;PandoraService;C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files\Skype\Updater\Updater.exe [x]
R2 TeamViewer6;TeamViewer 6;C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW73.sys [x]
R3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys [x]
R3 epmntdrv;epmntdrv;C:\Windows\system32\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;C:\Windows\system32\EuGdiDrv.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;C:\Program Files\Garena Plus\Room\safedrv.sys [x]
R3 hipeer20;Remobo Instant Private Network;C:\Windows\system32\DRIVERS\remobo32.sys [x]
R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys [x]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver;C:\Windows\system32\DRIVERS\JME.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\system32\DRIVERS\ManyCam.sys [x]
R3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des [x]
R3 PTSimBus;PenTablet Bus Enumerator;C:\Windows\system32\DRIVERS\PTSimBus.sys [x]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;C:\Windows\system32\DRIVERS\PTSimHid.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys [x]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\Windows\system32\drivers\ScreamingBAudio.sys [x]
R3 SwitchBoard;SwitchBoard;C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys [x]
R3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\system32\DRIVERS\tapoas.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;C:\Windows\system32\drivers\rdvgkmd.sys [x]
R3 VSPerfDrv100;Performance Tools Driver 10.0;D:\programy\Visual\Team Tools\Performance Tools\VSPerfDrv100.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe [x]
R3 wod0205;WeOnlyDo Network Adapter 2.5;C:\Windows\system32\DRIVERS\wod0205.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 sptd;sptd;C:\Windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys [x]
S3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys [x]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-02 16:40:39 1607120 ----a-w- C:\Program Files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe

Obsah adresáře 'Naplánované úlohy'

2013-02-19 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000Core.job
- C:\Users\Jura\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-17 07:33:31 . 2011-09-16 16:09:29]

2013-02-19 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3741011086-1165501081-336709912-1000UA.job
- C:\Users\Jura\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-17 07:33:31 . 2011-09-16 16:09:29]


------- Doplňkový sken -------

uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\Jura\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Od&eslat do aplikace OneNote - C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 193.179.143.3 192.168.1.1


------- Asociace souborů -------

txtfile="C:\Program Files\PSPad editor\PSPad.exe" "%1"