TrojanDownloader:Win32/Adload.DA

Zpráva

JainaImmortal · #1 Příspěvek od **JainaImmortal** » 25 dub 2013 16:06

Dobré odpoledne.
Systém Windows mi hlásí, že mám v počítači tento vir: TrojanDownloader:Win32/Adload.DA. Počítač jsem projela několika antivirovými programy, ale bohužel nic nenašly. Budu vděčná za jakoukoliv radu.
Zde je log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jana Svobodová at 2013-04-25 16:53:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 61 GB (21%) free of 292 GB
Total RAM: 4025 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:54:38, on 25.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16476)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\Jana Svobodová\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\Jana Svobodová\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jana Svobodová.exe
C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://blekko.com/ws/?source=c3348dd4&t ... p=homepage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5701w514
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch/{5 ... 9BBE91A68E}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Jana Svobodová\AppData\Roaming\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll
O3 - Toolbar: FaceSmooch Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\FaceSmooch Toolbar\tbcore3.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jana Svobodová\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_2A35AC1489B543F1B97BCDDAD923F0ED] "C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jana Svobodová\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Stylish Profile\ct.htm
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files (x86)\Stylish Profile\ct.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 19152 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {069ED2C2-CFE8-4B6C-A191-7D6846F8F408}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"taskhost.exe"
taskeng.exe {A02F62CB-5264-43D6-9E5F-E19BE4275ACC}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe"
"C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe"
"C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\diMaster.dll" /prefetch:1
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Users\Jana Svobodová\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
"C:\Users\Jana Svobodová\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe"
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 3792
"C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe" /c /a /s UserSession
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart C4600 series#1359817644" -Startup
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6500.0.1490593949\293560340" --supports-dual-gpus=false --gpu-vendor-id=0x8086 --gpu-device-id=0x2a42 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.1892 --ignored=" --type=renderer " /prefetch:12
C:\Windows\system32\msiexec.exe /V
"C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/16/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --disable-accelerated-2d-canvas --channel="6500.2.2029589195\1412548983" /prefetch:3
"C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/16/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --disable-accelerated-2d-canvas --channel="6500.3.933348722\1061000236" /prefetch:3
"C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/16/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/ --extension-process --renderer-print-preview --enable-threaded-compositing --disable-accelerated-2d-canvas --channel="6500.4.1811266587\914790195" /prefetch:3
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\sppsvc.exe
wmiadap.exe /F /T /R
"C:\Users\Jana Svobodová\Desktop\RSITx64.exe"
"C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/16/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --disable-accelerated-2d-canvas --channel="6500.7.947015082\313468295" /prefetch:3
"C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6500.8.1480577939\1091361222" --lang=cs --ignored=" --type=renderer " /prefetch:13
"C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AutocompleteDynamicTrial_0/LiveSpellingExperiment/ForceCompositingMode/thread/InfiniteCache/No/NewMenuStyle/NewStyle/NewTabButton/default/OmniboxHQPReplaceHUPProhibitTrumpingInlineableResult/Standard/OmniboxHQPUseCursorPosition/Standard/OmniboxSearchSuggestTrialStarted2013Q1/16/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictor/Disabled/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_18/UMA-Uniformity-Trial-50-Percent/group_01/ --renderer-print-preview --enable-threaded-compositing --disable-accelerated-2d-canvas --channel="6500.9.230420597\2088327170" /prefetch:3
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -secured -Embedding
scan:b-f+ onlinedefs:0 boot:"*"- file:"%SYSTEMDRIVE%\*"+"%TEMP%"-"%TMP%"- container:"*"+"dxsndb"- containerdepth:8 dataexchange:"%APPDATA%\cltLMH.dxsndb"
\??\C:\Windows\system32\conhost.exe "1675541582633762138-1691553812-103569514951195421613369498379206122092081892267

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2289412251-517033032-1418875622-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2289412251-517033032-1418875622-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2289412251-517033032-1418875622-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2289412251-517033032-1418875622-1000UA.job
C:\Windows\tasks\Norton Security Scan for Jana Svobodová.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "extensions.enabledItems" - "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1, 6, 2, 48, toolbar@ask.com:3.14.1.100013, wrc@avast.com:7.0.1426, ffxtlbr@babylon.com:1.2.0, {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0, {6236BA26-C117-4007-928C-DE0716C7FA82}:1.0.2, fbdislike@doweb.fr:1.2.1, {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.6, {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1, {8675f4b3-2f19-11ed-2d6b-0800600c0a19}:1.0, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4, {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20100830W, {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.9, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, m3ffxtbr@mywebsearch.com:1.1, {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.28, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2, {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.10, {8675f4b3-2f19-11ed-2d6b-1823600c0a19}:1.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.11"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =668083&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.21.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npnul32.dll
nppdf32.dll
np_gp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
search.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\
ascsurfingprotection@iobit.com
fbdislike@doweb.fr
ffxtlbr@babylon.com
{3112ca9c-de6d-4884-a869-9855de68056c}
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{6236BA26-C117-4007-928C-DE0716C7FA80}
{6236BA26-C117-4007-928C-DE0716C7FA82}
{6236BA26-C117-4007-928C-DE0716C7FA96}
{6236BA26-C117-4007-928C-DE0716C7FA99}
{75656794-AB59-4712-BFBC-5D816D56F3BC}
{800b5000-a755-47e1-992b-48a1c1357f07}
{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
{8675f4b3-2f19-11ed-2d6b-1823600c0a19}
{872b5b88-9db5-4310-bdd0-ac189557e5f5}
{8769adce-dba5-48e9-afb5-67b12cdf2e61}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
{EEE6C361-6118-11DC-9C72-001320C79847}

C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\
askcom.xml
daemon-search.xml
icq-search.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml
mywebsearch.xml
Search.xml
sweetim.xml
web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Jana [2010-12-31 1992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-07 551840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-04-15 6305912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-07 209824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll [2013-02-23 1352512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll [2013-02-05 94112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - C:\Users\Jana [2010-12-31 1992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 77576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-04-17 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-04-15 4529272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\ADVANC~2\BROWER~1\ASCPLU~1.DLL [2013-01-15 656704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-04-17 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-03-07 1497560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll [2010-04-27 2393184]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - FaceSmooch Toolbar - C:\Program Files (x86)\FaceSmooch Toolbar\tbcore3.dll [2010-02-16 2495488]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{03EB0E9C-7A91-4381-A220-9B52B641CDB1} - IObit Apps Toolbar - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.0\iobitappsToolbarIE.dll [2013-02-23 1352512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-08-07 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-06-19 1808168]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-30 200704]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-08-06 828960]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 159232]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 380928]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 358912]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 1281512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\Jana [2010-12-31 1992]
"GoogleChromeAutoLaunch_2A35AC1489B543F1B97BCDDAD923F0ED"=C:\Users\Jana [2010-12-31 1992]
"Google Update"=C:\Users\Jana [2010-12-31 1992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-01-08 18705664]
"Advanced SystemCare 6"=C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe [2013-01-15 491840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe /AutoStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
~C:\Program Files (x86)\ICQ7M\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2012-12-25 4474832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2012-12-10 1354736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-21 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-08-01 128296]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-08-05 181480]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2009-10-20 111928]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
""= []
"SearchSettings"=C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-02-23 1297728]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2012-12-25 4474832]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-04-24 17:50:55 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-04-24 17:50:15 ----D---- C:\Program Files\Microsoft Security Client
2013-04-24 17:10:37 ----D---- C:\Program Files\trend micro
2013-04-24 17:10:08 ----D---- C:\rsit
2013-04-24 16:46:59 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-04-17 17:46:03 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-04-17 17:45:47 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-04-14 12:25:51 ----D---- C:\ProgramData\SoftSafe
2013-04-13 09:56:44 ----A---- C:\Windows\system32\win32k.sys
2013-04-13 09:55:51 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-04-13 09:55:51 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-04-13 09:55:51 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-04-13 09:55:51 ----A---- C:\Windows\system32\smss.exe
2013-04-13 09:55:51 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-04-13 09:55:51 ----A---- C:\Windows\system32\csrsrv.dll
2013-04-13 09:55:04 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-04-13 09:54:05 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\wininet.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\vbscript.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\mshtmled.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\mshtml.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\msfeeds.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\jsproxy.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\jscript9.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\jscript.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\ieUnatt.exe
2013-04-13 09:54:05 ----A---- C:\Windows\system32\ieui.dll
2013-04-13 09:54:05 ----A---- C:\Windows\system32\ieframe.dll
2013-04-13 09:54:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-04-13 09:54:04 ----A---- C:\Windows\SYSWOW64\url.dll
2013-04-13 09:54:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-04-13 09:54:04 ----A---- C:\Windows\system32\urlmon.dll
2013-04-13 09:54:04 ----A---- C:\Windows\system32\url.dll
2013-04-13 09:54:04 ----A---- C:\Windows\system32\iertutil.dll
2013-04-07 17:24:40 ----D---- C:\Users\Jana Svobodová\AppData\Roaming\NetBeans
2013-04-07 17:16:38 ----D---- C:\Program Files\glassfish-3.1.2.2
2013-04-07 17:01:56 ----D---- C:\Program Files\NetBeans 7.3
2013-04-07 17:00:23 ----A---- C:\Windows\system32\deployJava1.dll
2013-04-07 17:00:22 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-04-07 17:00:22 ----A---- C:\Windows\system32\javaws.exe
2013-04-07 17:00:04 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-04-07 17:00:04 ----A---- C:\Windows\system32\javaw.exe
2013-04-07 17:00:04 ----A---- C:\Windows\system32\java.exe
2013-04-07 16:57:38 ----D---- C:\Program Files\Java
2013-04-04 17:07:57 ----D---- C:\Program Files\Microsoft Silverlight
2013-04-04 17:07:57 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-04-04 17:02:32 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-04-04 16:45:24 ----A---- C:\Windows\system32\drivers\SmartDefragDriver.sys
2013-04-04 16:38:02 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-04-04 16:37:58 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-03-28 19:51:35 ----D---- C:\Program Files (x86)\GEONExT

======List of files/folders modified in the last 1 month======

2013-04-25 16:54:36 ----SHD---- C:\Windows\Installer
2013-04-25 16:54:33 ----D---- C:\Windows\Temp
2013-04-25 16:54:32 ----HD---- C:\Config.Msi
2013-04-25 16:54:23 ----D---- C:\ProgramData\Skype
2013-04-25 16:54:14 ----RD---- C:\Program Files (x86)\Skype
2013-04-25 16:54:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-04-25 16:51:54 ----D---- C:\Windows\system32\config
2013-04-25 16:51:44 ----D---- C:\Users\Jana Svobodová\AppData\Roaming\Skype
2013-04-25 03:19:21 ----D---- C:\Windows\system32\catroot2
2013-04-25 03:19:14 ----D---- C:\Windows\winsxs
2013-04-25 03:18:33 ----D---- C:\Windows
2013-04-25 03:18:19 ----D---- C:\Windows\debug
2013-04-25 03:17:02 ----D---- C:\Windows\system32\drivers
2013-04-25 03:01:05 ----SHD---- C:\System Volume Information
2013-04-24 20:39:45 ----SHD---- C:\Boot
2013-04-24 17:51:51 ----D---- C:\Windows\system32\catroot
2013-04-24 17:50:55 ----SD---- C:\ProgramData\Microsoft
2013-04-24 17:50:55 ----RD---- C:\Program Files (x86)
2013-04-24 17:50:15 ----D---- C:\Program Files
2013-04-24 17:15:18 ----D---- C:\Windows\system32\Tasks
2013-04-23 15:35:53 ----D---- C:\Windows\Prefetch
2013-04-21 20:03:59 ----D---- C:\ProgramData\Microsoft Help
2013-04-21 12:36:47 ----D---- C:\Windows\System32
2013-04-21 12:36:47 ----D---- C:\Windows\inf
2013-04-21 12:36:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-21 11:10:54 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-17 18:07:09 ----D---- C:\Program Files (x86)\Common Files
2013-04-17 17:46:03 ----D---- C:\Windows\SysWOW64
2013-04-17 17:45:37 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-04-17 17:45:36 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-04-17 17:45:36 ----A---- C:\Windows\SYSWOW64\java.exe
2013-04-17 17:45:36 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-04-17 17:45:33 ----D---- C:\Program Files (x86)\Java
2013-04-14 12:25:55 ----D---- C:\ProgramData\InstallMate
2013-04-14 12:25:51 ----HD---- C:\ProgramData
2013-04-13 19:31:23 ----D---- C:\Windows\SYSWOW64\migration
2013-04-13 19:31:23 ----D---- C:\Windows\system32\migration
2013-04-13 19:31:23 ----D---- C:\Program Files\Internet Explorer
2013-04-13 19:31:23 ----D---- C:\Program Files (x86)\Internet Explorer
2013-04-13 15:59:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-04-13 15:11:49 ----D---- C:\Windows\rescache
2013-04-13 11:18:43 ----D---- C:\Program Files (x86)\McAfee Security Scan
2013-04-13 09:39:35 ----D---- C:\ProgramData\Adobe
2013-04-12 20:06:13 ----D---- C:\Windows\system32\NDF
2013-04-04 20:20:26 ----D---- C:\Windows\AppPatch
2013-04-04 20:20:25 ----D---- C:\Windows\system32\DriverStore
2013-04-04 16:40:40 ----D---- C:\ProgramData\IObit
2013-04-02 12:34:28 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-01-20 230320]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-09 564824]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1207010.003\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1207010.003\SYMEFA64.SYS [2011-03-15 912504]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-03-07 28504]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20111114.002\BHDrvx64.sys [2011-11-14 1156216]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2011-11-10 482936]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20111124.030\IDSvia64.sys [2011-08-05 488568]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1207010.003\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1207010.003\Ironx64.SYS [2011-01-27 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NAVx64\1207010.003\SYMNETS.SYS [2011-04-21 386168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-04-07 1208320]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-02 7369728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-05-26 138752]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2012-07-05 33224]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2011-05-11 174200]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-06-19 272432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2012-07-05 21904]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-02 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-02 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-02 21160]
S3 cpudrv64;cpudrv64; \??\C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 GPU-Z;GPU-Z; \??\C:\Users\JANA [2010-12-31 1992]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20111124.036\ENG64.SYS [2011-08-06 117880]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20111124.036\EX64.SYS [2011-08-06 2048632]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-02-14 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-05 216064]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1207010.003\SRTSP64.SYS [2011-03-31 744568]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-02-14 57856]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-19 17920]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-19 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-19 33792]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdvancedSystemCareService6;Advanced SystemCare Service 6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-02-25 528192]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 Application Updater;Application Updater; C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe [2013-02-23 805752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-06 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 22056]
R2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-07 311592]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe [2011-04-17 130008]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-21 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-13 256904]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 135664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-01 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 25 dub 2013 16:30

Zdravim

Odinstalujte Advanced SystemCare 5 a IObit Malware Fighter a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe

Ulozte nejlepe na Plochu
Spustte tradicne dvouklikem a postupujte dle pokynu utility
Po dokonceni skenu se vytvori a otevre log, ten mi sem vlozte

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Prohledat
Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

JainaImmortal · #3 Příspěvek od **JainaImmortal** » 25 dub 2013 17:43

Děkuji za pomoc. Zde jsou ty logy:
Security Check log:
Results of screen317's Security Check version 0.99.63
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Microsoft Security Essentials
Norton AntiVirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware verze 1.75.0.1300
Java(TM) 6 Update 30
Java 7 Update 21
Adobe Flash Player 11.7.700.169
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (3.5.11) Firefox out of Date!
Google Chrome 26.0.1410.43
Google Chrome 26.0.1410.64
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Norton AntiVirus Engine 18.7.1.3 ccSvcHst.exe
IObit IObit Malware Fighter IMFsrv.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
IObit IObit Malware Fighter IMF.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Junkware Removal Tool log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.9 (04.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jana Svobodov on źt 25.04.2013 at 18:11:15,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Failed to delete: [Folder] "C:\Program Files (x86)\Common Files\spigot"

~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml"
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\user.js
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\mywebsearch.xml
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\search.xml
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\ffxtlbr@babylon.com
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}
Successfully deleted the following from C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\prefs.js

user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2269050.CTID", "CT2269050");
user_pref("CT2269050.CurrentServerDate", "4-11-2011");
user_pref("CT2269050.DialogsAlignMode", "LTR");
user_pref("CT2269050.DownloadReferralCookieData", "");
user_pref("CT2269050.EMailNotifierPollDate", "Fri Nov 04 2011 18:44:59 GMT+0100");
user_pref("CT2269050.FirstServerDate", "8-8-2010");
user_pref("CT2269050.FirstTime", true);
user_pref("CT2269050.FirstTimeFF3", true);
user_pref("CT2269050.FirstTimeSettingsDone", true);
user_pref("CT2269050.FixPageNotFoundErrors", true);
user_pref("CT2269050.GroupingServerCheckInterval", 1440);
user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2269050.Initialize", true);
user_pref("CT2269050.InitializeCommonPrefs", true);
user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
user_pref("CT2269050.InstallationType", "UnknownIntegration");
user_pref("CT2269050.InstalledDate", "Sun Aug 08 2010 10:46:29 GMT+0200");
user_pref("CT2269050.InvalidateCache", false);
user_pref("CT2269050.IsGrouping", false);
user_pref("CT2269050.IsMulticommunity", false);
user_pref("CT2269050.IsOpenThankYouPage", false);
user_pref("CT2269050.IsOpenUninstallPage", false);
user_pref("CT2269050.LanguagePackLastCheckTime", "Fri Nov 04 2011 18:39:58 GMT+0100");
user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2269050.LastLogin_2.7.0.14", "Sun Aug 29 2010 16:50:50 GMT+0200");
user_pref("CT2269050.LastLogin_2.7.2.0", "Fri Nov 04 2011 18:39:59 GMT+0100");
user_pref("CT2269050.LatestVersion", "3.7.0.6");
user_pref("CT2269050.Locale", "en");
user_pref("CT2269050.LoginCache", 4);
user_pref("CT2269050.MCDetectTooltipHeight", "83");
user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2269050.MCDetectTooltipWidth", "295");
user_pref("CT2269050.RadioIsPodcast", false);
user_pref("CT2269050.RadioLastCheckTime", "Fri Nov 04 2011 18:40:00 GMT+0100");
user_pref("CT2269050.RadioLastUpdateIPServer", "3");
user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
user_pref("CT2269050.RadioMediaID", "12473383");
user_pref("CT2269050.RadioMediaType", "Media Player");
user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
user_pref("CT2269050.RadioStationName", "Hotmix%20108");
user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2269050&octid=EB_ORIGINAL_CTID&SearchSource=1");
user_pref("CT2269050.SearchFromAddressBarIsInit", true);
user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");
user_pref("CT2269050.SearchInNewTabEnabled", true);
user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
user_pref("CT2269050.SearchInNewTabLastCheckTime", "Fri Nov 04 2011 18:39:58 GMT+0100");
user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
user_pref("CT2269050.SettingsCheckIntervalMin", 120);
user_pref("CT2269050.SettingsLastCheckTime", "Fri Nov 04 2011 18:39:56 GMT+0100");
user_pref("CT2269050.SettingsLastUpdate", "1314606801");
user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sat Oct 22 2011 12:10:14 GMT+0200");
user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1312887586");
user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
user_pref("CT2269050.UserID", "UN81724020624090526");
user_pref("CT2269050.WeatherNetwork", "");
user_pref("CT2269050.WeatherPollDate", "Fri Nov 04 2011 18:40:01 GMT+0100");
user_pref("CT2269050.WeatherUnit", "C");
user_pref("CT2269050.alertChannelId", "666138");
user_pref("CT2269050.backendstorage./9b+7e+x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e,x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e-x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e.x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e/x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e06cg5el8:", "6E6D706E6B6C71757176");
user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747376747172777B777C242F4B49474F42357D5D5C3D");
user_pref("CT2269050.backendstorage./9b+7e0x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e1x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e2x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e3x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e4x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e5x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e6x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e7x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e8x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e9x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e:x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e;x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e<x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e=x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e>x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e?x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e@x305", "2423");
user_pref("CT2269050.backendstorage./9b+7eax305", "2423");
user_pref("CT2269050.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
user_pref("CT2269050.backendstorage./9b+7ebx305", "2423");
user_pref("CT2269050.backendstorage./9b+7ecx305", "2423");
user_pref("CT2269050.backendstorage./9b+7edx305", "2423");
user_pref("CT2269050.backendstorage./9b+7etx305", "2423");
user_pref("CT2269050.backendstorage./9b-0?3g>d", "673C6B6B713F436E7A4377777A20757A7C7B2523234E7E2A7E55282825282A2A305F312E");
user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", "");
user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F6456604F6852645858635E604E376B7167617059");
user_pref("CT2269050.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
user_pref("CT2269050.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484778213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
user_pref("CT2269050.backendstorage./9b5ba==9cjag", "3D3E6B696B436F727A7746777375744C4A7D7B5152");
user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F726F726D727771737975");
user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A");
user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E");
user_pref("CT2269050.backendstorage./9b=+03eh8h8j?:", "4443");
user_pref("CT2269050.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("CT2269050.backendstorage./9b?b0d:8aj62<h", "6D");
user_pref("CT2269050.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
user_pref("CT2269050.clientLogIsEnabled", true);
user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2269050.myStuffEnabled", true);
user_pref("CT2269050.myStuffPublihserMinWidth", 400);
user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=");
user_pref("CommunityToolbar.ToolbarsList", "CT2269050");
user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Sep 01 2011 11:38:08 GMT+0200");
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");
user_pref("browser.search.order.1", "Blekko");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=111252");
user_pref("extensions.BabylonToolbar.bbDpng", 1);
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", true);
user_pref("extensions.BabylonToolbar.hmpg", true);
user_pref("extensions.BabylonToolbar.id", "a43664880000000000000617c4af9496");
user_pref("extensions.BabylonToolbar.instlDay", "15438");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=111252&babsrc=KW_ss&mntrId=a43664880000000000000617c4af9496&q=");
user_pref("extensions.BabylonToolbar.lastDP", 1);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1717:28:43");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.5");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 77142030);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "none");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1717:28:43");
user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111252");
user_pref("extensions.BabylonToolbar_i.hardId", "a43664880000000000000617c4af9496");
user_pref("extensions.BabylonToolbar_i.id", "a43664880000000000000617c4af9496");
user_pref("extensions.BabylonToolbar_i.instlDay", "15438");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:28:43");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
user_pref("extensions.asktb.abar-war-timeout", "4000");
user_pref("extensions.asktb.apn_dbr", "cr_17.0.963.83");
user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
user_pref("extensions.asktb.cbid", "CV");
user_pref("extensions.asktb.config-updated", true);
user_pref("extensions.asktb.cr-o", "14654cr");
user_pref("extensions.asktb.crumb", "2012.04.02+09.17.31-toolbar004iad-CZ-TWVsbmlrLEN6ZWNoIFJlcHVibGlj");
user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all");
user_pref("extensions.asktb.displaybehavior", "");
user_pref("extensions.asktb.displaytext", "");
user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX1384");
user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
user_pref("extensions.asktb.fresh-install", false);
user_pref("extensions.asktb.guid", "4d5527e4-4fd8-4fb6-b225-6da3d4642fa5");
user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxp
user_pref("extensions.asktb.if", "new");
user_pref("extensions.asktb.l", "dis");
user_pref("extensions.asktb.last-config-req", "1338571890054");
user_pref("extensions.asktb.last-v", "3.14.1.100010");
user_pref("extensions.asktb.locale", "en_EU");
user_pref("extensions.asktb.location", "Melnik,Czech Republic");
user_pref("extensions.asktb.lstation", "");
user_pref("extensions.asktb.new-tab-enabled", true);
user_pref("extensions.asktb.news-native-on", true);
user_pref("extensions.asktb.o", "14654");
user_pref("extensions.asktb.oldVersion", "5.14.1.20007");
user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
user_pref("extensions.asktb.pstate", "");
user_pref("extensions.asktb.qsrc", "2871");
user_pref("extensions.asktb.r", "6");
user_pref("extensions.asktb.sa", "NO");
user_pref("extensions.asktb.search-suggestions-enabled", true);
user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
user_pref("extensions.asktb.socialmini-first", true);
user_pref("extensions.asktb.socialmini-interval", "1200000");
user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
user_pref("extensions.asktb.socialmini-max-items", "30");
user_pref("extensions.asktb.socialmini-native-on", true);
user_pref("extensions.asktb.socialmini-speed", "10000");
user_pref("extensions.asktb.socialmini-transition-first-open", false);
user_pref("extensions.asktb.themeid", "");
user_pref("extensions.asktb.timeinstalled", "2.4.2012 18:18:57");
user_pref("extensions.asktb.to", "");
user_pref("extensions.asktb.v", "3.14.1.100013");
user_pref("extensions.asktb.version", "5.14.1.20007");
user_pref("extensions.asktb.volume", "");
user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=ZKman000&ptnrS=ZKman000&ptb=OgWrqxxGirzS0ReV2v_hKA&ind=2010121
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=");
user_pref("google.toolbar.button_option.cached.gtbSearchBooks", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBooks\" t
user_pref("google.toolbar.button_option.cached.gtbSearchCalendar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchCalend
user_pref("google.toolbar.button_option.cached.gtbSearchDocs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchDocs\" too
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/
user_pref("somoto.Var1", "0");
user_pref("somoto.Var10", "0");
user_pref("somoto.Var2", "0");
user_pref("somoto.Var3", "0");
user_pref("somoto.Var4", "0");
user_pref("somoto.Var5", "0");
user_pref("somoto.Var6", "0");
user_pref("somoto.Var7", "0");
user_pref("somoto.Var8", "0");
user_pref("somoto.Var9", "0");
user_pref("somoto.bubble_height", "336");
user_pref("somoto.bubble_screenx", "329");
user_pref("somoto.bubble_screeny", "231");
user_pref("somoto.bubble_scroll", "0");
user_pref("somoto.bubble_src", "hxxp%3A//www.facesmooch.com/moods_share.php%3Fa%3Dfacesmooch");
user_pref("somoto.bubble_type", "0");
user_pref("somoto.bubble_width", "513");
user_pref("somoto.cache.aff_toolbar_settings_xml", "20/22/1/5/112");
user_pref("somoto.cache.weather_gae", "20/22/1/5/112");
user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/faces ... 0DEF49}?q=");
user_pref("somoto.firstlaunch", "0");
user_pref("somoto.guid", "%7BA5CE8C1D-D70B-49E6-A0FA-B6B20A0DEF49%7D");
user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/facesmooch/{A5CE8C1D ... B20A0DEF49}");
user_pref("somoto.old_dnscatch", "hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=");
user_pref("somoto.old_homepage", "hxxp://seznam.cz/");
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://seznam.cz/");
user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history", "best%20of%20both%20worlds");
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.simapp_id", "{AF690BD8-D3AD-11DE-8726-00262D51A8D8}");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
user_pref("sweetim.toolbar.version", "1.0.0.9");
Emptied folder: C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\minidumps [18 files]

~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\dlfienamagdnkekbbbocojppncdambda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 25.04.2013 at 18:29:59,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner log:
# AdwCleaner v2.202 - Log vytvooen 25/04/2013 v 18:35:06
# Aktualizováno 23/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Jana Svobodová - JANA
# Spuštin systém : Normální
# Spuštino z : C:\Users\Jana Svobodová\Desktop\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Složka Nalezeno : C:\Program Files (x86)\Common Files\spigot
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Local\APN
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\Conduit
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\SweetIMToolbarData
Složka Nalezeno : C:\Users\JANASV~1\AppData\Local\Temp\boost_interprocess
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\.autoreg
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\daemon-search.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin-1.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin-2.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin-3.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\web-search.xml

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Klíe Nalezeno : HKCU\Software\AppDataLow\HavingFunOnline
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Somoto Toolbar
Klíe Nalezeno : HKCU\Software\SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\DVDVideoSoftTB
Klíe Nalezeno : HKLM\Software\DVDVideoSoftTB
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FE488029-49ED-4AE2-9880-E28D8381ABD7}
Klíe Nalezeno : HKLM\Software\SimplyGen
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE488029-49ED-4AE2-9880-E28D8381ABD7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Klíe Nalezeno : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16476

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v3.5.11 (cs)

Soubor : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\prefs.js

Nalezeno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Nalezeno : user_pref("extensions.asktb.crumb", "2012.04.02+09.17.31-toolbar004iad-CZ-TWVsbmlrLEN6ZWNoIFJlcHVibG[...]
Nalezeno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Nalezeno : user_pref("icqtoolbar.allowSendURL", false);
Nalezeno : user_pref("icqtoolbar.defSearchChange", true);
Nalezeno : user_pref("icqtoolbar.engineVerified", true);
Nalezeno : user_pref("icqtoolbar.geolastmodified", 1338382298);
Nalezeno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Nalezeno : user_pref("icqtoolbar.history", "Labsk%C3%A1%20111%2C%2C%20%C5%A0pindler%C5%AFv%20Ml%C3%BDn%20543%20[...]
Nalezeno : user_pref("icqtoolbar.hpChange", true);
Nalezeno : user_pref("icqtoolbar.icqgeo", 42);
Nalezeno : user_pref("icqtoolbar.installTime", "1317307525");
Nalezeno : user_pref("icqtoolbar.installsource", "1");
Nalezeno : user_pref("icqtoolbar.newtab_state", "1");
Nalezeno : user_pref("icqtoolbar.numberOfSearches", 0);
Nalezeno : user_pref("icqtoolbar.previousFFVersion", "3.5.11");
Nalezeno : user_pref("icqtoolbar.skip_default_search", "no");
Nalezeno : user_pref("icqtoolbar.suggestions", false);
Nalezeno : user_pref("icqtoolbar.uniqueID", "126444287312644428731264448347149");
Nalezeno : user_pref("icqtoolbar.usageStatstTimestamp", 1338571894);
Nalezeno : user_pref("icqtoolbar.userEngineApproved", true);
Nalezeno : user_pref("icqtoolbar.userHpApproved", true);
Nalezeno : user_pref("icqtoolbar.version", "1.2.9");
Nalezeno : user_pref("icqtoolbar.voucherHideClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherWasShown", 0);
Nalezeno : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Nalezeno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Nalezeno : user_pref("icqtoolbar.xmlLanguage", "cs");
Nalezeno : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [15790 octets] - [25/04/2013 18:35:06]

########## EOF - C:\AdwCleaner[R1].txt - [15851 octets] ##########

JainaImmortal · #4 Příspěvek od **JainaImmortal** » 25 dub 2013 17:43

Děkuji za pomoc. Zde jsou ty logy:
Security Check log:
Results of screen317's Security Check version 0.99.63
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Microsoft Security Essentials
Norton AntiVirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware verze 1.75.0.1300
Java(TM) 6 Update 30
Java 7 Update 21
Adobe Flash Player 11.7.700.169
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (3.5.11) Firefox out of Date!
Google Chrome 26.0.1410.43
Google Chrome 26.0.1410.64
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Norton AntiVirus Engine 18.7.1.3 ccSvcHst.exe
IObit IObit Malware Fighter IMFsrv.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
IObit IObit Malware Fighter IMF.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Junkware Removal Tool log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.9 (04.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jana Svobodov on źt 25.04.2013 at 18:11:15,36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Failed to delete: [Folder] "C:\Program Files (x86)\Common Files\spigot"

~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\search.xml"
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\user.js
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\mywebsearch.xml
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\search.xml
Successfully deleted: [File] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\sweetim.xml
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\ffxtlbr@babylon.com
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\{acaa314b-eeba-48e4-ad47-84e31c44796c}
Successfully deleted: [Folder] C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}
Successfully deleted the following from C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\prefs.js

user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
user_pref("CT2269050.CTID", "CT2269050");
user_pref("CT2269050.CurrentServerDate", "4-11-2011");
user_pref("CT2269050.DialogsAlignMode", "LTR");
user_pref("CT2269050.DownloadReferralCookieData", "");
user_pref("CT2269050.EMailNotifierPollDate", "Fri Nov 04 2011 18:44:59 GMT+0100");
user_pref("CT2269050.FirstServerDate", "8-8-2010");
user_pref("CT2269050.FirstTime", true);
user_pref("CT2269050.FirstTimeFF3", true);
user_pref("CT2269050.FirstTimeSettingsDone", true);
user_pref("CT2269050.FixPageNotFoundErrors", true);
user_pref("CT2269050.GroupingServerCheckInterval", 1440);
user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
user_pref("CT2269050.Initialize", true);
user_pref("CT2269050.InitializeCommonPrefs", true);
user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
user_pref("CT2269050.InstallationType", "UnknownIntegration");
user_pref("CT2269050.InstalledDate", "Sun Aug 08 2010 10:46:29 GMT+0200");
user_pref("CT2269050.InvalidateCache", false);
user_pref("CT2269050.IsGrouping", false);
user_pref("CT2269050.IsMulticommunity", false);
user_pref("CT2269050.IsOpenThankYouPage", false);
user_pref("CT2269050.IsOpenUninstallPage", false);
user_pref("CT2269050.LanguagePackLastCheckTime", "Fri Nov 04 2011 18:39:58 GMT+0100");
user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
user_pref("CT2269050.LastLogin_2.7.0.14", "Sun Aug 29 2010 16:50:50 GMT+0200");
user_pref("CT2269050.LastLogin_2.7.2.0", "Fri Nov 04 2011 18:39:59 GMT+0100");
user_pref("CT2269050.LatestVersion", "3.7.0.6");
user_pref("CT2269050.Locale", "en");
user_pref("CT2269050.LoginCache", 4);
user_pref("CT2269050.MCDetectTooltipHeight", "83");
user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2269050.MCDetectTooltipWidth", "295");
user_pref("CT2269050.RadioIsPodcast", false);
user_pref("CT2269050.RadioLastCheckTime", "Fri Nov 04 2011 18:40:00 GMT+0100");
user_pref("CT2269050.RadioLastUpdateIPServer", "3");
user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
user_pref("CT2269050.RadioMediaID", "12473383");
user_pref("CT2269050.RadioMediaType", "Media Player");
user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
user_pref("CT2269050.RadioStationName", "Hotmix%20108");
user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2269050&octid=EB_ORIGINAL_CTID&SearchSource=1");
user_pref("CT2269050.SearchFromAddressBarIsInit", true);
user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");
user_pref("CT2269050.SearchInNewTabEnabled", true);
user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
user_pref("CT2269050.SearchInNewTabLastCheckTime", "Fri Nov 04 2011 18:39:58 GMT+0100");
user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
user_pref("CT2269050.SettingsCheckIntervalMin", 120);
user_pref("CT2269050.SettingsLastCheckTime", "Fri Nov 04 2011 18:39:56 GMT+0100");
user_pref("CT2269050.SettingsLastUpdate", "1314606801");
user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sat Oct 22 2011 12:10:14 GMT+0200");
user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1312887586");
user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
user_pref("CT2269050.UserID", "UN81724020624090526");
user_pref("CT2269050.WeatherNetwork", "");
user_pref("CT2269050.WeatherPollDate", "Fri Nov 04 2011 18:40:01 GMT+0100");
user_pref("CT2269050.WeatherUnit", "C");
user_pref("CT2269050.alertChannelId", "666138");
user_pref("CT2269050.backendstorage./9b+7e+x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e,x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e-x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e.x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e/x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e06cg5el8:", "6E6D706E6B6C71757176");
user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747376747172777B777C242F4B49474F42357D5D5C3D");
user_pref("CT2269050.backendstorage./9b+7e0x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e1x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e2x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e3x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e4x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e5x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e6x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e7x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e8x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e9x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e:x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e;x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e<x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e=x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e>x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e?x305", "2423");
user_pref("CT2269050.backendstorage./9b+7e@x305", "2423");
user_pref("CT2269050.backendstorage./9b+7eax305", "2423");
user_pref("CT2269050.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545138505C");
user_pref("CT2269050.backendstorage./9b+7ebx305", "2423");
user_pref("CT2269050.backendstorage./9b+7ecx305", "2423");
user_pref("CT2269050.backendstorage./9b+7edx305", "2423");
user_pref("CT2269050.backendstorage./9b+7etx305", "2423");
user_pref("CT2269050.backendstorage./9b-0?3g>d", "673C6B6B713F436E7A4377777A20757A7C7B2523234E7E2A7E55282825282A2A305F312E");
user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", "");
user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F6456604F6852645858635E604E376B7167617059");
user_pref("CT2269050.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6E6A68707374757677");
user_pref("CT2269050.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484778213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");
user_pref("CT2269050.backendstorage./9b5ba==9cjag", "3D3E6B696B436F727A7746777375744C4A7D7B5152");
user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6F726F726D727771737975");
user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A");
user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E");
user_pref("CT2269050.backendstorage./9b=+03eh8h8j?:", "4443");
user_pref("CT2269050.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("CT2269050.backendstorage./9b?b0d:8aj62<h", "6D");
user_pref("CT2269050.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");
user_pref("CT2269050.clientLogIsEnabled", true);
user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2269050.myStuffEnabled", true);
user_pref("CT2269050.myStuffPublihserMinWidth", 400);
user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=");
user_pref("CommunityToolbar.ToolbarsList", "CT2269050");
user_pref("CommunityToolbar.ToolbarsList2", "CT2269050");
user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Sep 01 2011 11:38:08 GMT+0200");
user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=");
user_pref("browser.search.order.1", "Blekko");
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=111252");
user_pref("extensions.BabylonToolbar.bbDpng", 1);
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", true);
user_pref("extensions.BabylonToolbar.hmpg", true);
user_pref("extensions.BabylonToolbar.id", "a43664880000000000000617c4af9496");
user_pref("extensions.BabylonToolbar.instlDay", "15438");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=111252&babsrc=KW_ss&mntrId=a43664880000000000000617c4af9496&q=");
user_pref("extensions.BabylonToolbar.lastDP", 1);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1717:28:43");
user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.5");
user_pref("extensions.BabylonToolbar.newTab", true);
user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.propectorlck", 77142030);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.ptch_0717", true);
user_pref("extensions.BabylonToolbar.smplGrp", "none");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1717:28:43");
user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111252");
user_pref("extensions.BabylonToolbar_i.hardId", "a43664880000000000000617c4af9496");
user_pref("extensions.BabylonToolbar_i.id", "a43664880000000000000617c4af9496");
user_pref("extensions.BabylonToolbar_i.instlDay", "15438");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1717:28:43");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
user_pref("extensions.asktb.abar-war-timeout", "4000");
user_pref("extensions.asktb.apn_dbr", "cr_17.0.963.83");
user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
user_pref("extensions.asktb.cbid", "CV");
user_pref("extensions.asktb.config-updated", true);
user_pref("extensions.asktb.cr-o", "14654cr");
user_pref("extensions.asktb.crumb", "2012.04.02+09.17.31-toolbar004iad-CZ-TWVsbmlrLEN6ZWNoIFJlcHVibGlj");
user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all");
user_pref("extensions.asktb.displaybehavior", "");
user_pref("extensions.asktb.displaytext", "");
user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX1384");
user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
user_pref("extensions.asktb.fresh-install", false);
user_pref("extensions.asktb.guid", "4d5527e4-4fd8-4fb6-b225-6da3d4642fa5");
user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxp
user_pref("extensions.asktb.if", "new");
user_pref("extensions.asktb.l", "dis");
user_pref("extensions.asktb.last-config-req", "1338571890054");
user_pref("extensions.asktb.last-v", "3.14.1.100010");
user_pref("extensions.asktb.locale", "en_EU");
user_pref("extensions.asktb.location", "Melnik,Czech Republic");
user_pref("extensions.asktb.lstation", "");
user_pref("extensions.asktb.new-tab-enabled", true);
user_pref("extensions.asktb.news-native-on", true);
user_pref("extensions.asktb.o", "14654");
user_pref("extensions.asktb.oldVersion", "5.14.1.20007");
user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
user_pref("extensions.asktb.pstate", "");
user_pref("extensions.asktb.qsrc", "2871");
user_pref("extensions.asktb.r", "6");
user_pref("extensions.asktb.sa", "NO");
user_pref("extensions.asktb.search-suggestions-enabled", true);
user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
user_pref("extensions.asktb.socialmini-first", true);
user_pref("extensions.asktb.socialmini-interval", "1200000");
user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
user_pref("extensions.asktb.socialmini-max-items", "30");
user_pref("extensions.asktb.socialmini-native-on", true);
user_pref("extensions.asktb.socialmini-speed", "10000");
user_pref("extensions.asktb.socialmini-transition-first-open", false);
user_pref("extensions.asktb.themeid", "");
user_pref("extensions.asktb.timeinstalled", "2.4.2012 18:18:57");
user_pref("extensions.asktb.to", "");
user_pref("extensions.asktb.v", "3.14.1.100013");
user_pref("extensions.asktb.version", "5.14.1.20007");
user_pref("extensions.asktb.volume", "");
user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=ZKman000&ptnrS=ZKman000&ptb=OgWrqxxGirzS0ReV2v_hKA&ind=2010121
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=");
user_pref("google.toolbar.button_option.cached.gtbSearchBooks", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchBooks\" t
user_pref("google.toolbar.button_option.cached.gtbSearchCalendar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchCalend
user_pref("google.toolbar.button_option.cached.gtbSearchDocs", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchDocs\" too
user_pref("google.toolbar.button_option.cached.gtbSearchPhotos", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchPhotos\"
user_pref("google.toolbar.button_option.cached.gtbSearchScholar", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\" id=\"gtbSearchScholar
user_pref("google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml", "<toolbarbutton xmlns=\"hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.o
user_pref("google.toolbar.search-icon", "data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/
user_pref("somoto.Var1", "0");
user_pref("somoto.Var10", "0");
user_pref("somoto.Var2", "0");
user_pref("somoto.Var3", "0");
user_pref("somoto.Var4", "0");
user_pref("somoto.Var5", "0");
user_pref("somoto.Var6", "0");
user_pref("somoto.Var7", "0");
user_pref("somoto.Var8", "0");
user_pref("somoto.Var9", "0");
user_pref("somoto.bubble_height", "336");
user_pref("somoto.bubble_screenx", "329");
user_pref("somoto.bubble_screeny", "231");
user_pref("somoto.bubble_scroll", "0");
user_pref("somoto.bubble_src", "hxxp%3A//www.facesmooch.com/moods_share.php%3Fa%3Dfacesmooch");
user_pref("somoto.bubble_type", "0");
user_pref("somoto.bubble_width", "513");
user_pref("somoto.cache.aff_toolbar_settings_xml", "20/22/1/5/112");
user_pref("somoto.cache.weather_gae", "20/22/1/5/112");
user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/faces ... 0DEF49}?q=");
user_pref("somoto.firstlaunch", "0");
user_pref("somoto.guid", "%7BA5CE8C1D-D70B-49E6-A0FA-B6B20A0DEF49%7D");
user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/facesmooch/{A5CE8C1D ... B20A0DEF49}");
user_pref("somoto.old_dnscatch", "hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=");
user_pref("somoto.old_homepage", "hxxp://seznam.cz/");
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://seznam.cz/");
user_pref("sweetim.toolbar.previous.keyword.URL", "chrome://browser-region/locale/region.properties");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history", "best%20of%20both%20worlds");
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.simapp_id", "{AF690BD8-D3AD-11DE-8726-00262D51A8D8}");
user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com");
user_pref("sweetim.toolbar.version", "1.0.0.9");
Emptied folder: C:\Users\Jana Svobodov \AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\minidumps [18 files]

~~~ Chrome

Successfully deleted: [Registry Key] hkey_local_machine\software\google\chrome\extensions\dlfienamagdnkekbbbocojppncdambda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 25.04.2013 at 18:29:59,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner log:
# AdwCleaner v2.202 - Log vytvooen 25/04/2013 v 18:35:06
# Aktualizováno 23/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Jana Svobodová - JANA
# Spuštin systém : Normální
# Spuštino z : C:\Users\Jana Svobodová\Desktop\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Složka Nalezeno : C:\Program Files (x86)\Common Files\spigot
Složka Nalezeno : C:\ProgramData\ICQ\ICQToolbar
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Local\APN
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\Conduit
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Složka Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\SweetIMToolbarData
Složka Nalezeno : C:\Users\JANASV~1\AppData\Local\Temp\boost_interprocess
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\.autoreg
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\daemon-search.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin-1.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin-2.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin-3.xml
Soubor Nalezeno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\web-search.xml

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Hodnota Nalezeno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Klíe Nalezeno : HKCU\Software\AppDataLow\HavingFunOnline
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Somoto Toolbar
Klíe Nalezeno : HKCU\Software\SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\DVDVideoSoftTB
Klíe Nalezeno : HKLM\Software\DVDVideoSoftTB
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FE488029-49ED-4AE2-9880-E28D8381ABD7}
Klíe Nalezeno : HKLM\Software\SimplyGen
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE488029-49ED-4AE2-9880-E28D8381ABD7}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Nalezeno : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Klíe Nalezeno : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16476

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v3.5.11 (cs)

Soubor : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\prefs.js

Nalezeno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Nalezeno : user_pref("extensions.asktb.crumb", "2012.04.02+09.17.31-toolbar004iad-CZ-TWVsbmlrLEN6ZWNoIFJlcHVibG[...]
Nalezeno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Nalezeno : user_pref("icqtoolbar.allowSendURL", false);
Nalezeno : user_pref("icqtoolbar.defSearchChange", true);
Nalezeno : user_pref("icqtoolbar.engineVerified", true);
Nalezeno : user_pref("icqtoolbar.geolastmodified", 1338382298);
Nalezeno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Nalezeno : user_pref("icqtoolbar.history", "Labsk%C3%A1%20111%2C%2C%20%C5%A0pindler%C5%AFv%20Ml%C3%BDn%20543%20[...]
Nalezeno : user_pref("icqtoolbar.hpChange", true);
Nalezeno : user_pref("icqtoolbar.icqgeo", 42);
Nalezeno : user_pref("icqtoolbar.installTime", "1317307525");
Nalezeno : user_pref("icqtoolbar.installsource", "1");
Nalezeno : user_pref("icqtoolbar.newtab_state", "1");
Nalezeno : user_pref("icqtoolbar.numberOfSearches", 0);
Nalezeno : user_pref("icqtoolbar.previousFFVersion", "3.5.11");
Nalezeno : user_pref("icqtoolbar.skip_default_search", "no");
Nalezeno : user_pref("icqtoolbar.suggestions", false);
Nalezeno : user_pref("icqtoolbar.uniqueID", "126444287312644428731264448347149");
Nalezeno : user_pref("icqtoolbar.usageStatstTimestamp", 1338571894);
Nalezeno : user_pref("icqtoolbar.userEngineApproved", true);
Nalezeno : user_pref("icqtoolbar.userHpApproved", true);
Nalezeno : user_pref("icqtoolbar.version", "1.2.9");
Nalezeno : user_pref("icqtoolbar.voucherHideClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Nalezeno : user_pref("icqtoolbar.voucherWasShown", 0);
Nalezeno : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Nalezeno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Nalezeno : user_pref("icqtoolbar.xmlLanguage", "cs");
Nalezeno : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [15790 octets] - [25/04/2013 18:35:06]

########## EOF - C:\AdwCleaner[R1].txt - [15851 octets] ##########

#5 Příspěvek od **vyosek** » 25 dub 2013 21:58

V tom zabezpeceni musime udelat poradek - na PC muze byt jen jeden antivir - takze ponechte Avast, ostatni odinstalujte

``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Microsoft Security Essentials
Norton AntiVirus

Spustte znovu AdwCleaner

Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
Kliknete na Smazat
PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

JainaImmortal · #6 Příspěvek od **JainaImmortal** » 26 dub 2013 17:21

Zde je log:
# AdwCleaner v2.202 - Log vytvooen 26/04/2013 v 18:16:59
# Aktualizováno 23/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Jana Svobodová - JANA
# Spuštin systém : Normální
# Spuštino z : C:\Users\Jana Svobodová\Desktop\adwcleaner.exe
# Volba [Vymazat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Složka Vymazáno : C:\ProgramData\ICQ\ICQToolbar
Složka Vymazáno : C:\Users\Jana Svobodová\AppData\Local\APN
Složka Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\Conduit
Složka Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
Složka Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Složka Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\SweetIMToolbarData
Složka Vymazáno : C:\Users\JANASV~1\AppData\Local\Temp\boost_interprocess
Soubor Vymazáno : C:\Program Files (x86)\Mozilla Firefox\.autoreg
Soubor Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\daemon-search.xml
Soubor Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin.xml
Soubor Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin-1.xml
Soubor Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin-2.xml
Soubor Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\icqplugin-3.xml
Soubor Vymazáno : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\searchplugins\web-search.xml

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Klíe Vymazáno : HKCU\Software\AppDataLow\HavingFunOnline
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Somoto Toolbar
Klíe Vymazáno : HKCU\Software\SMTTB2009
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\DVDVideoSoftTB
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FE488029-49ED-4AE2-9880-E28D8381ABD7}
Klíe Vymazáno : HKLM\Software\SimplyGen
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE488029-49ED-4AE2-9880-E28D8381ABD7}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Klíe Vymazáno : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16476

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v3.5.11 (cs)

Soubor : C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\prefs.js

Vymazáno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
Vymazáno : user_pref("extensions.asktb.crumb", "2012.04.02+09.17.31-toolbar004iad-CZ-TWVsbmlrLEN6ZWNoIFJlcHVibG[...]
Vymazáno : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Vymazáno : user_pref("icqtoolbar.allowSendURL", false);
Vymazáno : user_pref("icqtoolbar.defSearchChange", true);
Vymazáno : user_pref("icqtoolbar.engineVerified", true);
Vymazáno : user_pref("icqtoolbar.geolastmodified", 1338382298);
Vymazáno : user_pref("icqtoolbar.hiddenElements", "itb_options");
Vymazáno : user_pref("icqtoolbar.history", "Labsk%C3%A1%20111%2C%2C%20%C5%A0pindler%C5%AFv%20Ml%C3%BDn%20543%20[...]
Vymazáno : user_pref("icqtoolbar.hpChange", true);
Vymazáno : user_pref("icqtoolbar.icqgeo", 42);
Vymazáno : user_pref("icqtoolbar.installTime", "1317307525");
Vymazáno : user_pref("icqtoolbar.installsource", "1");
Vymazáno : user_pref("icqtoolbar.newtab_state", "1");
Vymazáno : user_pref("icqtoolbar.numberOfSearches", 0);
Vymazáno : user_pref("icqtoolbar.previousFFVersion", "3.5.11");
Vymazáno : user_pref("icqtoolbar.skip_default_search", "no");
Vymazáno : user_pref("icqtoolbar.suggestions", false);
Vymazáno : user_pref("icqtoolbar.uniqueID", "126444287312644428731264448347149");
Vymazáno : user_pref("icqtoolbar.usageStatstTimestamp", 1338571894);
Vymazáno : user_pref("icqtoolbar.userEngineApproved", true);
Vymazáno : user_pref("icqtoolbar.userHpApproved", true);
Vymazáno : user_pref("icqtoolbar.version", "1.2.9");
Vymazáno : user_pref("icqtoolbar.voucherHideClicks", 0);
Vymazáno : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Vymazáno : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Vymazáno : user_pref("icqtoolbar.voucherWasShown", 0);
Vymazáno : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Vymazáno : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Vymazáno : user_pref("icqtoolbar.xmlLanguage", "cs");
Vymazáno : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]

-\\ Google Chrome v26.0.1410.64

Soubor : C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [15867 octets] - [25/04/2013 18:35:06]
AdwCleaner[R2].txt - [15928 octets] - [25/04/2013 18:41:35]
AdwCleaner[S1].txt - [14819 octets] - [26/04/2013 18:16:59]

########## EOF - C:\AdwCleaner[S1].txt - [14880 octets] ##########

#7 Příspěvek od **vyosek** » 26 dub 2013 18:39

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

JainaImmortal · #8 Příspěvek od **JainaImmortal** » 27 dub 2013 11:15

RKill log:
Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/26/2013 08:44:04 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\PLFSetI.exe (PID: 3292) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* Explorer Policy Removed: NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
C:\Users\Jana Svobodová\Desktop\rkill\rkill-04-26-2013-08-44-09.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
* HKCU\SOFTWARE\Classes\.exe has been deleted!
* HKCU\SOFTWARE\Classes\.bat "@" exists and is set to batfile!
* HKCU\SOFTWARE\Classes\.bat has been deleted!
* HKCU\SOFTWARE\Classes\.com "@" exists and is set to comfile!
* HKCU\SOFTWARE\Classes\.com has been deleted!

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 04/26/2013 08:44:21 PM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)

Combofix log:
ComboFix 13-04-26.01 - Jana Svobodová 26.04.2013 20:52:39.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4025.2671 [GMT 2:00]
Spuštěný z: c:\users\Jana Svobodovß\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-03-26 do 2013-04-26 )))))))))))))))))))))))))))))))
.
.
2013-04-26 16:24 . 2013-04-26 16:24 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-04-25 15:57 . 2013-04-25 15:57 -------- d-----w- c:\windows\ERUNT
2013-04-25 15:57 . 2013-04-25 16:11 -------- d-----w- C:\JRT
2013-04-24 15:10 . 2013-04-25 14:54 -------- d-----w- c:\program files\trend micro
2013-04-24 15:10 . 2013-04-25 14:54 -------- d-----w- C:\rsit
2013-04-24 14:46 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-17 16:07 . 2013-04-17 16:07 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-04-17 15:45 . 2013-04-17 15:45 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-15 13:32 . 2013-04-15 13:32 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-04-15 13:32 . 2013-04-15 13:32 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-04-13 07:56 . 2013-04-13 07:56 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-13 07:55 . 2013-04-13 07:55 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-13 07:55 . 2013-04-13 07:55 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-13 07:55 . 2013-04-13 07:55 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-13 07:55 . 2013-04-13 07:55 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-13 07:55 . 2013-04-13 07:55 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-13 07:55 . 2013-04-13 07:55 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-13 07:55 . 2013-04-13 07:55 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-07 15:24 . 2013-04-07 15:24 -------- d-----w- c:\users\Jana Svobodová\AppData\Roaming\NetBeans
2013-04-07 15:24 . 2013-04-07 15:24 -------- d-----w- c:\users\Jana Svobodová\AppData\Local\NetBeans
2013-04-07 15:16 . 2013-04-07 15:18 -------- d-----w- c:\program files\glassfish-3.1.2.2
2013-04-07 15:01 . 2013-04-07 15:24 -------- d-----w- c:\program files\NetBeans 7.3
2013-04-07 15:01 . 2013-04-07 15:01 -------- d-----w- c:\users\Jana Svobodová\.nbi
2013-04-07 15:00 . 2013-04-07 14:59 963488 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-07 15:00 . 2013-04-07 14:59 310688 ----a-w- c:\windows\system32\javaws.exe
2013-04-07 15:00 . 2013-04-07 14:59 1085344 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-07 15:00 . 2013-04-07 14:59 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-04-07 15:00 . 2013-04-07 14:59 188832 ----a-w- c:\windows\system32\javaw.exe
2013-04-07 15:00 . 2013-04-07 14:59 188320 ----a-w- c:\windows\system32\java.exe
2013-04-07 14:57 . 2013-04-07 14:59 -------- d-----w- c:\program files\Java
2013-04-04 15:07 . 2013-04-04 15:08 -------- d-----w- c:\program files\Microsoft Silverlight
2013-04-04 15:07 . 2013-04-04 15:07 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-04-04 15:02 . 2013-04-04 15:02 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-04-04 14:45 . 2010-11-26 16:02 17720 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-04-04 14:38 . 2013-03-06 22:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-04-04 14:37 . 2013-03-06 22:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-28 17:51 . 2013-03-28 17:51 -------- d-----w- c:\program files (x86)\GEONExT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-17 15:45 . 2013-02-16 10:37 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-04-17 15:45 . 2010-05-30 06:54 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-04-13 13:59 . 2012-04-07 10:14 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-13 13:59 . 2011-05-30 17:19 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-10 03:46 . 2013-04-23 13:35 9317456 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EBB38EF8-F0AC-4F03-9EB5-243C89DC2469}\mpengine.dll
2013-04-04 15:03 . 2013-04-04 15:03 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-04 15:03 . 2013-04-04 15:03 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-04 15:03 . 2013-04-04 15:03 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-04 15:03 . 2013-04-04 15:03 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-04 15:03 . 2013-04-04 15:03 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-04 15:03 . 2013-04-04 15:03 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-04 12:50 . 2012-11-09 15:14 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-02 10:34 . 2009-11-03 18:12 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-04-01 17:58 . 2009-11-08 11:22 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-03-06 22:33 . 2012-03-03 11:54 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 22:33 . 2011-03-23 13:08 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 22:33 . 2009-11-03 17:53 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 22:33 . 2009-11-03 17:53 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 22:33 . 2009-11-03 17:53 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 22:33 . 2009-11-03 17:53 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 22:32 . 2011-03-23 13:07 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 22:32 . 2011-03-23 13:08 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-14 16:43 . 2013-02-14 16:43 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-14 16:43 . 2013-02-14 16:43 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 16:39 . 2013-02-14 16:39 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-14 16:39 . 2013-02-14 16:39 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-14 16:39 . 2013-02-14 16:39 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-02-14 16:39 . 2013-02-14 16:39 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-14 16:39 . 2013-02-14 16:39 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-14 16:39 . 2013-02-14 16:39 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-14 16:39 . 2013-02-14 16:39 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-14 16:38 . 2013-02-14 16:38 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-02-14 16:38 . 2013-02-14 16:38 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-02-14 16:38 . 2013-02-14 16:38 338432 ----a-w- c:\windows\system32\conhost.exe
2013-02-14 16:38 . 2013-02-14 16:38 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2013-02-14 16:38 . 2013-02-14 16:38 243200 ----a-w- c:\windows\system32\wow64.dll
2013-02-14 16:38 . 2013-02-14 16:38 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-02-14 16:38 . 2013-02-14 16:38 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-02-14 16:38 . 2013-02-14 16:38 1161216 ----a-w- c:\windows\system32\kernel32.dll
2013-02-14 16:38 . 2013-02-14 16:38 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-02-14 16:38 . 2013-02-14 16:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-02-14 16:34 . 2013-02-14 16:34 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-02-14 16:33 . 2013-02-14 16:33 800768 ----a-w- c:\windows\system32\usp10.dll
2013-02-14 16:33 . 2013-02-14 16:33 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2013-02-14 16:32 . 2013-02-14 16:32 55296 ----a-w- c:\windows\SysWow64\cero.rs
2013-02-14 16:32 . 2013-02-14 16:32 55296 ----a-w- c:\windows\system32\cero.rs
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:18 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Jana Svobodová\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"GoogleChromeAutoLaunch_2A35AC1489B543F1B97BCDDAD923F0ED"="c:\users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" [2013-04-09 1312720]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-01-15 491840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-07-24 588648]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-21 261888]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [2009-08-04 199464]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-08-01 128296]
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2009-08-05 181480]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 aswVmm;aswVmm; [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 GPU-Z;GPU-Z;c:\users\JANASV~1\AppData\Local\Temp\GPU-Z.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-02-14 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-05 216064]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-02-14 57856]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-01 1255736]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
S0 aswRvrt;aswRvrt; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 17720]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2013-02-25 528192]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-06 844320]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-07 311592]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-21 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 138752]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-04-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 13:59]
.
2013-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 09:19]
.
2013-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-13 09:19]
.
2013-04-26 c:\windows\Tasks\Norton Security Scan for Jana Svobodová.job
- c:\program files (x86)\Norton Security Scan\Engine\2.7.0.52\Nss.exe [2010-01-23 21:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 22:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:19 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-08-07 349480]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-06 8060960]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-30 200704]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-08-06 828960]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.Google.com
mDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5738&r=27361009j926l0388z175t5701w514
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.Google.com/
uCustomizeSearch = hxxp://www.Google.com/
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to iPhone Converter - c:\users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm
IE: Free YouTube to Mp3 Converter - c:\users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 81.30.225.2 81.30.224.2
FF - ProfilePath - c:\users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=668083&p=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF - Ext: <?xmlversion=1.0?><RDF xmlns=http://www.w3.org/1999/02/22-rdf-syntax-ns# xmlns:em=http://www.mozilla.org/2004/em-rdf#><Description about=urn:mozilla:install-manifest><em:id>fbdislike@doweb.fr: fbdislike@doweb.fr - %profile%\extensions\fbdislike@doweb.fr
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Stylish Profile: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Express Tab: {6236BA26-C117-4007-928C-DE0716C7FA82} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: FBFan: {6236BA26-C117-4007-928C-DE0716C7FA99} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
FF - Ext: Feedback module: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a19}: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: VFT Flv: {8675f4b3-2f19-11ed-2d6b-1823600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-1823600c0a19}
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\programdata\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-{AB607A9B-9186-5B6A-E4E7-0973AECCE198} - c:\progra~3\INSTAL~1\{0BC0D~1\Setup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,02,44,cf,5c,07,35,b1,4b,9e,6b,f4,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@Allowed: (B 1 4 5 6) (S-1-5-5-0-198068)
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@Allowed: (B 1 4 5 6) (S-1-5-5-0-198068)
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
c:\program files (x86)\IObit\Game Booster 3\gbtray.exe
.
**************************************************************************
.
Celkový čas: 2013-04-26 21:12:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-04-26 19:12
.
Před spuštěním: Volných bajtů: 66 745 614 336
Po spuštění: Volných bajtů: 66 276 024 320
.
- - End Of File - - 82C8C7E8424412F8A89635163C816807

#9 Příspěvek od **vyosek** » 27 dub 2013 19:46

Odinstalujte Advanced SystemCare 6 a nasledne i vse od IOBit - jsou to cinske smejdy a spise jen skodi nez jsou uzitkem. Hledaji nesmyslne a neexistujici problemy, databazi haveti ukradli jine renomovane spolecnosti

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

JainaImmortal · #10 Příspěvek od **JainaImmortal** » 28 dub 2013 12:17

Extras log:
OTL Extras logfile created on: 4/28/2013 12:24:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jana Svobodová\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.93 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 58.58% Memory free
7.86 Gb Paging File | 5.95 Gb Available in Paging File | 75.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.30 Gb Total Space | 61.58 Gb Free Space | 21.58% Space Free | Partition Type: NTFS
Drive D: | 2.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 6.43 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JANA | User Name: Jana Svobodová | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Classes\<extension>]
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1643B3EA-C453-48AC-A6A2-0961CBBF5FF7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{18A05192-4109-4641-B4BE-8CBBC490364C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22E7D0C6-0D61-4601-A496-00D8CE60B076}" = lport=10243 | protocol=6 | dir=in | app=system |
"{26F835A0-9BE6-4B64-83EC-ED6A5DE99F93}" = lport=139 | protocol=6 | dir=in | app=system |
"{2784576F-0B77-45DB-ADB7-D665EB43E712}" = lport=138 | protocol=17 | dir=in | app=system |
"{3564E29A-3C42-458C-A4B1-A4944CBCFB19}" = rport=137 | protocol=17 | dir=out | app=system |
"{4353C980-5C9D-4BDA-B741-40E71FAFA49C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44EFCB73-964A-4589-8CC2-F201530F4C46}" = rport=138 | protocol=17 | dir=out | app=system |
"{50C52027-E8AC-4B9B-BE78-28BB2A41596D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5D5E1E37-1D33-4746-9C5F-E2E5E92A5BA4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6383F83A-6304-46D5-AE1E-5A92D65F2B41}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6CC8441C-A042-41F6-9315-57B8AB5406D3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{75F60339-1B81-4DF0-AB7C-BE6045BB7220}" = rport=139 | protocol=6 | dir=out | app=system |
"{7A994E69-1B91-43F8-8DD0-4644774A5CF1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{863DF4F3-8219-4085-B544-75226FB7F639}" = lport=137 | protocol=17 | dir=in | app=system |
"{8A5C9A16-943A-441D-BCBB-6522B938DD3F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{94E74637-170A-495E-AFA4-300FE94F45BB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A1EAE459-3B80-4E35-8963-612990D2C7F5}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{B4F481FE-7C03-4B6D-B048-5052D9285234}" = lport=445 | protocol=6 | dir=in | app=system |
"{B86299E0-5C17-4495-B989-D814F0C69F52}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{B8EC35FA-C076-41C3-BEBF-4F03A4A81696}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C23B9799-F0E3-440A-AEF8-3E24CD45A4C1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CFFD551C-9501-448B-AD6E-2FAC1D1128AF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC5CE523-1DC4-4BD8-B138-0727449F2919}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EEA5D7F4-8FD0-415F-BF6E-95FC875BCB36}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0054C529-B696-49CD-A328-387AB5273CB8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{00C89236-5FF7-4909-8545-3CDFA6542D45}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{016A37AD-6DEB-4A4F-B718-A16FDB7EB5D0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{028E0872-8C4E-4024-9968-FF84A782D34C}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{0454EBBC-FC22-4F01-A249-AAD0790A3844}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{08293A23-A8D3-401C-BBBE-D4FE8158624E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{08FEAFB4-F2CB-460A-9756-1DC361F52E5D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0A32683B-7BE1-42A3-8569-676C5EC67E1D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0B04EF46-27E7-4C1F-BF35-A38CF5A44E3C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0CC6A06A-5FC0-4ABE-B3E4-D1F22B777069}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{0D830F87-079C-428E-97F6-FFD0455398B7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0DB6F52F-2488-4615-B42D-CC238964C6BE}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{0ECCB6FF-B600-46CB-9859-998782A1E1A7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0F434C16-B878-4C98-BE49-0D3434851ECF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1180ACC4-AB17-43A0-8CAD-B43920FF9BB5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{14121AD6-A8AD-43B9-A883-DFB37DFA5A57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{181DF56A-27E7-4192-BF0F-945480F7C64D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1B233F9C-1F60-4538-9964-85A11DC3D18E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1BA60D94-A085-4935-BABF-FD26F3748E2A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1D1130DE-E9A3-4C2A-AE96-435514861DAA}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{1D8927BB-460A-4802-BBFC-5AD64EB3671B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1E02E66D-47A6-42BF-893D-51E3AF1C747C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1F5BEA3D-9CB6-4DF5-B449-99112BF72749}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1FA3E32A-AE9D-42AF-BB76-709C9C4795C5}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{21799F46-00AB-4E8E-A80F-FDFE6538A399}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2208AB06-F8FA-40DF-996D-EB8F70955008}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{226D4B1F-67DF-4E24-9207-7A6572D311CA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{22BAD65F-2E5A-428A-96A2-EBC119933526}" = protocol=17 | dir=in | app=c:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{232CDF79-71FD-4447-8107-79FE75B05D29}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2381D490-FDF9-45D4-B1B4-88AC56C83ECD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2407ED09-69CA-4D5C-9F74-B55A4B4352F6}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{252AC91C-91C9-499C-957C-928A540B8559}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{25645131-AA6E-48E7-A141-397A3BFBE542}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{25CB1568-06D2-4183-8F71-0189DAB55630}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{25FAF16E-860A-4A48-BFAB-DA3CB0C74F49}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{27EB1FF3-6CEC-465C-B6F2-CDED325DFD71}" = protocol=6 | dir=in | app=c:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{28554A0F-0C91-47D7-B43D-D352F0FB7E67}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{29C0D7DE-AAB5-4FF7-9344-02B65ACF7845}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29D60340-4C06-496B-AF5C-77D8A03134DA}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{2BF98685-1AB4-4C50-99F4-F0FDE539B2E9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{2D1A0FF7-BF55-4DE7-8249-26C3C182D14D}" = dir=in | app=c:\users\jana svobodová\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{2D746A64-D00A-470A-BA22-1DB6C9C9649D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DD5DF32-36E1-46A6-A8AA-F65E61B500CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2E9BDA92-71A0-4192-9CC0-1A9DE7841C87}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2FD742A9-541F-4273-A8A9-B1945A751815}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{301D19D6-1948-478D-AF1C-A4A91C1D106A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{318F76DA-6CDB-4AE7-BBAE-697BA69B9C1C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{32B4A8C4-073C-4CFE-8C8F-2E38CB0BE81E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{33307213-2EBC-4ECC-A274-DAF209030DBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{342D3D1D-BE28-4F13-8F1F-3E59139A19FE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{34E6941C-64B2-4142-AD6B-6637ABA069E3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{35908FBE-7A59-4BA1-B397-B3798D2746C3}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{36B68BEC-C798-4839-83EE-7757B998BBA3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{37239097-0498-43CE-AC9B-028B29C64976}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{376FA9C3-320F-4BF3-87F6-3BD763C1C577}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3808FAF8-BF75-4BE9-9C7B-C2FED4F271FE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{38BD4ADC-AADD-4BA5-9CB5-1AEEF9492FA4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{394DC1B0-F730-423C-AA1D-9A35EF72F558}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3BD2E5B9-CC5E-4CC2-8B96-DF788272FB7A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3C19FA97-47B4-4ED3-88B4-AA4F112B404D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3D23D1A1-3FC4-4FB9-A7B5-90CD56CEC495}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3DA986B0-92D7-4F28-87A3-B0B4A59C2290}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{3E947A9F-F095-4CEF-B036-F4E0B36FBD1C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3F36463E-388D-45DE-99DE-7A5477620E05}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{408B2380-AAC0-45CF-A3F9-BDB062C77043}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{411AC64E-FE89-4691-B2A2-064A00EBD4C4}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"{418E8A36-8374-4A0A-9F90-9BF876DD28DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{419483B8-E53B-4670-B436-BD62DAEF765A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4271EBA1-1BF5-4D96-839B-968FDC4FF4D9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4293EB80-5EC7-4DB5-AA11-F4CE61B23513}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe |
"{436384C4-38A0-4B49-AA9D-0E675746F732}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{449CF86A-B3EA-4097-B340-4EA760E2BB91}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{4A5457DC-51AE-41E4-BADA-AFFBF4829283}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4F25B40C-87E6-458A-885A-8E313FE0CD11}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{50653367-AA6B-4630-81A9-98E0F58CDC20}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{523D7D3C-8877-4528-AD67-6B7CA2A3FB2E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{52D3E015-F7D5-4B4F-9D6D-4BFDE1F62085}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{53692208-E29E-46AA-BEBB-B2BA3144C4D1}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{53965D25-02C2-4CE2-8C21-3ED52AF13A9B}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{54B6545C-6CC4-444F-B555-8B4FC5E818BA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{550D6DFB-3127-4185-A9EF-EE2798A3B7F6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{55772733-5E92-4AE3-B7FE-B3A7DD572B5E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5CC0BBF9-5BE6-4B93-AD9D-0E04397C8FFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5D2C7653-9115-461E-9BE2-713D5EC34E5C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5D96FA42-5E9E-4048-B326-6BB22CF02712}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5EC4809A-A2D9-46DE-BE0C-BA107256E41E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5FC889D3-A76C-47DE-910F-365D04725605}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5FC9E084-C0F5-46D9-8ABD-683416E72E5C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{609A4245-D841-4261-A812-596FC951DE07}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{60D6F8A7-F000-40F7-B33A-2689559B07C9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{62DC5EDD-2447-4B8A-A89E-212F4B31396D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{645E1936-DE06-440F-88EE-6708009BF6D8}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe |
"{6713D3EF-EB2A-41B4-A40C-01073C82C196}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{67A02783-C80D-48F3-81A8-E52FE294F0EB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{692A0B9A-25E3-46C5-9DC4-C38DC6E8E3D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6D8E0A1F-DD25-4F20-BCB8-BDD27F162CF1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{6DB2AABD-81EA-4AE4-8D9E-1FABD729FEA5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6E134634-C6FC-436D-A043-18B029162933}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6EC83B24-8B59-45F6-9F6B-AAA6B01B25F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F1DBFF5-BC6C-40BD-AC60-2DDFE20D23F5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F9C2DE9-0776-4723-BAE9-09DF6B6867B1}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{704361C7-9F35-4F2E-8106-1A8C784957EA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{709F98C6-1B56-469C-AA7C-7E33F537B2FB}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{723DB2A5-4445-4753-9354-7B5634674E97}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{733F5160-F838-4F47-A6E3-88E74AEFCE84}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{73972B12-7618-4ADD-B7EF-29E756DF4301}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{73FDBDAF-F7D5-470C-8AF2-7F39CB5502B3}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{75490A3F-827F-45AC-9C55-803EB4C7B3CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{762B1044-8DBC-409E-8361-810AA3B6855C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7AF1EFA1-8DB4-494C-8EFA-78E9B66C23F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7BA6536C-C70E-41ED-997C-7E9776480689}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{7C70F054-79B2-47BD-9668-57932E4F6CED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7DC3183F-6846-4E0D-BF1C-3C6384280672}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7EDFF3DE-8025-4B93-A992-05A1D1D09622}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7F5F7190-B018-41D9-BC5C-2BF29F5C2DDD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{83EC9395-3F12-494A-8405-7770C4C73A1D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{851E38E1-C90C-48B5-A23E-60B605C05DE2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8537E439-D91E-4A62-BAE6-22A38BFFD172}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{85C29A1B-4E32-4DA6-B458-935014E85C35}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{86C6CD10-5C99-43FF-A880-CCB5F46A3DAA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{86FDDF51-ABA1-49AF-92F3-D97360A7B5D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{892F61BB-8E6C-4618-BBAE-702F45C04B28}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{89FF4168-3A9C-4BC0-9F86-2D1CB080D161}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8C6CAD9A-2E8E-4CC4-8B9E-B18F99E20439}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8D052CA4-07E6-430E-8357-31C8F9BE0DDF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{918D135C-7F98-4C24-8AA9-4763CB2D08BD}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{91B4A0E1-6A64-4B19-A732-96D88DBFF8D9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{91E7F569-078C-4427-B0CF-4D5E4543A77F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{92E6AA14-A8C0-4366-9F3B-16771862FB05}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{93066D14-861D-4310-9F54-C4FFC2DA15E4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{942DD49C-8874-45C9-820A-244C76153F7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{94FC469A-CFBA-44F1-BC24-331C39B573F8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{953CD61C-4916-4B02-BA8A-FC5FF530FFA3}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{95D61ED2-0A12-4BAB-904C-DC26ABD100CA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{95F7CD92-5E3F-4BA9-94C6-C8BCBB0AD653}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{966403A7-6FC0-4D07-9E9F-D15A044755D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9794DF32-9BE2-4AB2-8FF1-12B630E267B3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{98943058-AD06-4222-8708-2EBD163B300C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{990A73CA-5570-4B29-A8B3-35626BC3A5AF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A05DEDF-BA64-4B8C-98BF-7C3636F01048}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A3F2388-A371-421F-A85B-4659362016D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A75922A-FCF6-47E4-B93B-237276C38E61}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9C448AEA-7B0F-445E-8FEA-1949B2A87C59}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9D4D9B5D-0F3F-426E-A93C-2DFD2A73AA9F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9E81624D-7E5E-412E-9360-F98DA34B7A54}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A0A2ACC2-D39B-4443-B611-22B2407425B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A412DD3E-EC21-4411-86E5-5EE5C37535FD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{A5A48B92-8A06-46CC-AB98-D30EDF70F628}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{A6CA522A-5A7E-4263-8CF8-9C0B84E3E530}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A73DC5F6-E7AB-4CD3-A87E-F59CE3695A51}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A88A2151-BAC2-43CA-984F-8FB553D2BE06}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A9165DF2-EAA2-4F94-BEB6-01B1EEB208CF}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{A9F46A1D-85E9-4882-9378-E356B0B53E38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB334125-CF28-48BF-8751-C4E40B58EACE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB569BB4-0DFC-45C7-961F-11CB81A5951D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ADF84370-E004-4294-9392-B4FAF0A7E852}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AEE02498-DB90-41DF-8B90-5F8EC6BF4812}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{B05AEE31-739B-4A62-A5B7-55D81862EC6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{B16A1D11-3357-4E76-9502-4A07DC81C58F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B5E3730D-9200-4F0E-89F1-6B9D4424D657}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{B5F855EF-D414-4491-926D-3935BF245BBD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B6C02FF4-1C6E-4CF3-866E-662660C4B0C0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B8B9014F-8820-4689-A4AC-A8D0771405E3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B903E0D4-9667-4AB1-86F7-096E39BBC7EA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{B9936052-BEED-4B8F-BEEA-43804867048B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BBFE11A4-8571-420B-B2AD-B7394271B202}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC721057-E598-44A8-AAE7-E53E596F3588}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BCECE0A1-589B-42F9-B27A-1DF9031387E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BD3C0D29-EE02-4F06-9760-0E56DE9949D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BE52FD2D-E53F-4DC2-8DF2-BBCD704A707E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BF1382E7-B4AA-4474-8BF9-CABB00321E6F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C01CB481-A97C-4FA2-B43C-964175FB70A5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C3F864C8-C1B1-4125-A55C-D59F6BE0F8C3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{C584F2B4-8960-499B-A4D4-88751D7077E6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{C72D58BF-42E8-45CB-A72D-7D06B0500435}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C7F34907-23A2-4FF4-90BF-0A107C1ED8D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C8049CA1-6DCB-4D03-8598-650493560E7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C9A8B3A9-B6AB-4C2D-BAA7-428B5BA16824}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CB995BAE-0178-4D09-A5D6-1797063907AB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CE4CD7C1-FFD4-4C0E-9193-8EFFC8861E2C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D4EB3A75-438C-441F-B790-D5DFBFFB9C0F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D73A5AAE-3D6B-4045-AA26-EB472A282A63}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{D8017F8F-BFE6-4F9D-A7ED-17BC6950126D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D8AABB03-CA8D-478A-9763-5281D43A0491}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{D9BD93A8-4F31-4807-BFE7-E451142FD7FD}" = protocol=6 | dir=out | app=system |
"{DB1B25B4-F332-4C1E-A5D0-A813F7951ADD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB83D37C-D171-4FE2-89B5-ADFE9BC16323}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DD622D01-7868-4BB9-AB54-010815C84E6A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E004B37D-0603-4931-8D11-63CE217C3D73}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E059D7FB-0124-4E4F-80DC-AAEED2A964D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E122DA6F-5B27-4F4F-99AE-8C1B5D93066F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1E7BF78-003D-48E3-A36E-F564C19E287E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E258E029-2588-4B51-B68A-049961905773}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5788F6C-33A6-4B48-92B6-04A7EC303D36}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E91258E1-3A5A-4964-8611-9A5E8153BAC8}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"{E94544F2-91B4-4E29-8345-22336265EBD1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EAD41B59-032B-4E33-BECB-B35B806033B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EBD0EACB-15DF-47A6-84E9-0F5074396248}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC6469AD-2E4E-4C42-BCC1-DB86B329E797}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC74820F-8C64-4EDE-9F70-BD970BEFAFAA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC93C6F1-1A28-484C-A5C7-2E7FA811CB5E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC9FD7D1-0269-402B-A35D-8472B4BAD6FA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EF0B7E1E-3C80-4FD4-BBA3-816E54B1EC0F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EFC135B6-A40B-4AD7-A37C-2B698237249F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F02267A0-1236-4416-A250-A86BFA6F7233}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F309B4D1-3820-49DD-87E0-14974A422AD4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F45ACD5F-D12B-40C9-82FB-D024749ACA7E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F650DD67-DC77-40B9-A573-BDB264FE9BB7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F8E30AB5-6700-41A3-B569-871D80A9BED4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F8E84D8A-19B5-4925-AE23-C1F5448A4466}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F98A624A-004A-4BAE-BB55-63F5D2BC3D99}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{FDC33CD2-3DD7-49FB-83C9-E283CBD2CFCF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FE5B4DDD-9C16-4380-9BE9-A24A356EC168}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FEABAF62-9DC8-4576-B4FD-7DD3ABE145AD}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{FFE7E3D2-98C4-4854-9B22-9CED34C99A0B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"TCP Query User{1FA7BA3C-8B8E-4DF8-89B7-D64779DDEE27}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{303EA017-4EA1-4175-B630-31DFE4573F43}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6 non-steam\hl.exe |
"TCP Query User{5C7DD18A-516B-445F-AA86-4495571F634C}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"TCP Query User{AEFBDA34-20EE-4B12-B1C1-641036D8E7F2}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{CEC41684-AF7B-466B-9CA7-1CF8C6409336}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"TCP Query User{D4D81D59-6F62-44F3-AA4A-6B84D9A9EAE6}C:\program files (x86)\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"TCP Query User{D4FF1848-68A7-41B2-84DE-FF7B244EC7E9}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{D8D8D904-5BE9-45DF-8E90-7A5E0D4F7641}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{F6C0E6AE-8B6A-4460-AB20-A7FBFE06BE11}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{FCA84F3B-709C-4344-9D1A-DBC8025A5D97}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{1B22511B-3AA5-42AF-85A8-15D76A865FEF}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{2620A3F8-17E5-4B81-92B6-9B9FE06C4484}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{2698DCE3-54C8-40DF-80B5-2F981B424FF7}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{2A7B4EF4-F71E-4586-AC3F-5FB867A2595F}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"UDP Query User{2EBE749E-A70F-4B74-9F15-5E4937241B3D}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6 non-steam\hl.exe |
"UDP Query User{650653EA-E20C-4921-BBBF-CEF2335AB9C1}C:\program files (x86)\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"UDP Query User{7C4CF7E3-6B66-4453-A91A-C8B04C588247}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{C62CAE6C-B382-41BB-83B9-07DE6D5700F9}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"UDP Query User{C94F6F1B-D1E8-4C61-A2CD-0BCB87AD7CDA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{FD4C0EE8-612F-4CBE-9D4D-BE1DB8FBCEEF}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E1746EF-F5BF-4677-8F30-04FE399130DA}" = HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"nbi-glassfish-mod-3.1.2.23.2" = GlassFish Server Open Source Edition 3.1.2.2
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1CA3A991-B03D-4C92-9922-315E5434E87B}" = PS_AIO_05_C4600_Software_Min
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 3.1
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = The Sims Medieval
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = Media Player Utilities 4.21
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2007
"{90120000-0017-0405-0000-0000000FF1CE}_OMUI.cs-cz_{13E6D9FD-5FE8-43A6-9874-515A50909DEF}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_OMUI.cs-cz_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.cs-cz_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.cs-cz_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_OMUI.cs-cz_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2007
"{90120000-0100-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{99D7DE4C-2775-4B16-B155-7F09AE939E8E}" = Microsoft Works
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E0E1E3B-229C-4CF9-8A39-4455477327E4}" = C4600
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.4 MUI
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C34E19B2-F4D4-4C1F-A565-BA92627178D8}" = Sony Media Manager 2.0
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{DC53BB56-FBB5-47BE-B342-E43CC83C0ECF}" = Sony Vegas 6.0c
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.04.04.8012
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AP Tuner 3.08" = AP Tuner 3.08
"A-PDF Restrictions Remover_is1" = A-PDF Restrictions Remover
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"Counter-Strike 1.6 Non-Steam 1.0" = Counter-Strike 1.6 Non-Steam 1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"FaceSmooch Toolbar" = FaceSmooch Toolbar
"FL Studio 10" = FL Studio 10
"Free 3D Video Maker_is1" = Free 3D Video Maker version 1.0.1.305
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.7.18
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Studio_is1" = Free Studio version 5.7.4.918
"Free Video Dub_is1" = Free Video Dub version 1.8.10.305
"Free Video to GIF Converter_is1" = 2.0
"Free Video to LG Phones Converter_is1" = Free Video to LG Phones Converter version 1.2.9
"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.32.324
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Game Booster_is1" = Game Booster 3
"GEONExT_is1" = GEONExT 1.74
"GridVista" = Acer GridVista
"Guild Wars 2" = Guild Wars 2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"Kantaris_is1" = Kantaris Media Player 0.7.7
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"Music Editor Free" = Music Editor Free
"NSS" = Norton Security Scan
"OMUI.cs-cz" = Microsoft Office Language Pack 2007 - Czech/èeština
"Origin" = Origin
"PhotoFiltre" = PhotoFiltre
"PoiZone" = PoiZone
"Port Royale_is1" = Port Royale
"PSPad editor_is1" = PSPad editor
"rajče.net_is1" = rajče beta56 sestavení 134
"Reason Demo_is1" = Reason Demo 3.0.3
"Sakura" = Sakura
"Sawer" = Sawer
"Smart Defrag 2_is1" = Smart Defrag 2
"StarCraft II" = StarCraft II
"Steam App 570" = Dota 2
"Stylish Profile" = Stylish Profile
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Toxic Biohazard" = Toxic Biohazard
"Ultra AVI Converter_is1" = Ultra AVI Converter 6.2.0411
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 2.0.5
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"26a4a266234db9d8" = Twinstar-Launcher
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 11/7/2009 5:22:32 AM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 1/29/2010 3:53:19 AM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 3/9/2010 4:04:31 PM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 3/10/2010 3:52:45 PM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 5/6/2010 2:20:00 PM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 1/30/2011 2:35:14 PM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 4/26/2013 3:47:11 PM | Computer Name = Jana | Source = Google Update | ID = 20
Description =

[ OSession Events ]
Error - 6/18/2010 6:54:44 AM | Computer Name = Jana | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/28/2011 7:51:02 AM | Computer Name = Jana | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/2/2011 11:10:11 AM | Computer Name = Jana | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/24/2012 10:40:51 AM | Computer Name = Jana | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4/26/2013 9:05:01 AM | Computer Name = Jana | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby MBAMService bylo dosaženo časového
limitu (30000 ms).

Error - 4/26/2013 10:11:50 AM | Computer Name = Jana | Source = BROWSER | ID = 8032
Description =

Error - 4/26/2013 2:50:05 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7034
Description = Služba Skype C2C Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 4/26/2013 2:50:05 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7034
Description = Služba hpqcxs08 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 4/26/2013 2:50:05 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7034
Description = Služba Služba HP CUE DeviceDiscovery byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 4/26/2013 2:57:17 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 4/26/2013 3:01:35 PM | Computer Name = Jana | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 4/26/2013 3:02:29 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 4/26/2013 3:46:37 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Live ID Sign-in Assistant bylo
dosaženo časového limitu (30000 ms).

Error - 4/26/2013 3:46:37 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7000
Description = Služba Windows Live ID Sign-in Assistant neuspěla při spuštění v důsledku
následující chyby: %%1053

< End of report >

JainaImmortal · #11 Příspěvek od **JainaImmortal** » 28 dub 2013 12:17

Extras log:
OTL Extras logfile created on: 4/28/2013 12:24:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jana Svobodová\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.93 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 58.58% Memory free
7.86 Gb Paging File | 5.95 Gb Available in Paging File | 75.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.30 Gb Total Space | 61.58 Gb Free Space | 21.58% Space Free | Partition Type: NTFS
Drive D: | 2.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 6.43 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JANA | User Name: Jana Svobodová | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Classes\<extension>]
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.pif [@ = piffile] -- Reg Error: Key error. File not found
.vbs [@ = VBSFile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PeaZip] -- Reg Error: Value error.
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1643B3EA-C453-48AC-A6A2-0961CBBF5FF7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{18A05192-4109-4641-B4BE-8CBBC490364C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{22E7D0C6-0D61-4601-A496-00D8CE60B076}" = lport=10243 | protocol=6 | dir=in | app=system |
"{26F835A0-9BE6-4B64-83EC-ED6A5DE99F93}" = lport=139 | protocol=6 | dir=in | app=system |
"{2784576F-0B77-45DB-ADB7-D665EB43E712}" = lport=138 | protocol=17 | dir=in | app=system |
"{3564E29A-3C42-458C-A4B1-A4944CBCFB19}" = rport=137 | protocol=17 | dir=out | app=system |
"{4353C980-5C9D-4BDA-B741-40E71FAFA49C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44EFCB73-964A-4589-8CC2-F201530F4C46}" = rport=138 | protocol=17 | dir=out | app=system |
"{50C52027-E8AC-4B9B-BE78-28BB2A41596D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5D5E1E37-1D33-4746-9C5F-E2E5E92A5BA4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6383F83A-6304-46D5-AE1E-5A92D65F2B41}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6CC8441C-A042-41F6-9315-57B8AB5406D3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{75F60339-1B81-4DF0-AB7C-BE6045BB7220}" = rport=139 | protocol=6 | dir=out | app=system |
"{7A994E69-1B91-43F8-8DD0-4644774A5CF1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{863DF4F3-8219-4085-B544-75226FB7F639}" = lport=137 | protocol=17 | dir=in | app=system |
"{8A5C9A16-943A-441D-BCBB-6522B938DD3F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{94E74637-170A-495E-AFA4-300FE94F45BB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A1EAE459-3B80-4E35-8963-612990D2C7F5}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{B4F481FE-7C03-4B6D-B048-5052D9285234}" = lport=445 | protocol=6 | dir=in | app=system |
"{B86299E0-5C17-4495-B989-D814F0C69F52}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{B8EC35FA-C076-41C3-BEBF-4F03A4A81696}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C23B9799-F0E3-440A-AEF8-3E24CD45A4C1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CFFD551C-9501-448B-AD6E-2FAC1D1128AF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DC5CE523-1DC4-4BD8-B138-0727449F2919}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{EEA5D7F4-8FD0-415F-BF6E-95FC875BCB36}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0054C529-B696-49CD-A328-387AB5273CB8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{00C89236-5FF7-4909-8545-3CDFA6542D45}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{016A37AD-6DEB-4A4F-B718-A16FDB7EB5D0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{028E0872-8C4E-4024-9968-FF84A782D34C}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{0454EBBC-FC22-4F01-A249-AAD0790A3844}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{08293A23-A8D3-401C-BBBE-D4FE8158624E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{08FEAFB4-F2CB-460A-9756-1DC361F52E5D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0A32683B-7BE1-42A3-8569-676C5EC67E1D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0B04EF46-27E7-4C1F-BF35-A38CF5A44E3C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0CC6A06A-5FC0-4ABE-B3E4-D1F22B777069}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{0D830F87-079C-428E-97F6-FFD0455398B7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0DB6F52F-2488-4615-B42D-CC238964C6BE}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{0ECCB6FF-B600-46CB-9859-998782A1E1A7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0F434C16-B878-4C98-BE49-0D3434851ECF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1180ACC4-AB17-43A0-8CAD-B43920FF9BB5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{14121AD6-A8AD-43B9-A883-DFB37DFA5A57}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{181DF56A-27E7-4192-BF0F-945480F7C64D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1B233F9C-1F60-4538-9964-85A11DC3D18E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1BA60D94-A085-4935-BABF-FD26F3748E2A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1D1130DE-E9A3-4C2A-AE96-435514861DAA}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{1D8927BB-460A-4802-BBFC-5AD64EB3671B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1E02E66D-47A6-42BF-893D-51E3AF1C747C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1F5BEA3D-9CB6-4DF5-B449-99112BF72749}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1FA3E32A-AE9D-42AF-BB76-709C9C4795C5}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\rm.exe |
"{21799F46-00AB-4E8E-A80F-FDFE6538A399}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2208AB06-F8FA-40DF-996D-EB8F70955008}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{226D4B1F-67DF-4E24-9207-7A6572D311CA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{22BAD65F-2E5A-428A-96A2-EBC119933526}" = protocol=17 | dir=in | app=c:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{232CDF79-71FD-4447-8107-79FE75B05D29}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2381D490-FDF9-45D4-B1B4-88AC56C83ECD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2407ED09-69CA-4D5C-9F74-B55A4B4352F6}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{252AC91C-91C9-499C-957C-928A540B8559}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{25645131-AA6E-48E7-A141-397A3BFBE542}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{25CB1568-06D2-4183-8F71-0189DAB55630}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{25FAF16E-860A-4A48-BFAB-DA3CB0C74F49}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{27EB1FF3-6CEC-465C-B6F2-CDED325DFD71}" = protocol=6 | dir=in | app=c:\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{28554A0F-0C91-47D7-B43D-D352F0FB7E67}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{29C0D7DE-AAB5-4FF7-9344-02B65ACF7845}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{29D60340-4C06-496B-AF5C-77D8A03134DA}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{2BF98685-1AB4-4C50-99F4-F0FDE539B2E9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{2D1A0FF7-BF55-4DE7-8249-26C3C182D14D}" = dir=in | app=c:\users\jana svobodová\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{2D746A64-D00A-470A-BA22-1DB6C9C9649D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DD5DF32-36E1-46A6-A8AA-F65E61B500CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2E9BDA92-71A0-4192-9CC0-1A9DE7841C87}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2FD742A9-541F-4273-A8A9-B1945A751815}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{301D19D6-1948-478D-AF1C-A4A91C1D106A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{318F76DA-6CDB-4AE7-BBAE-697BA69B9C1C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{32B4A8C4-073C-4CFE-8C8F-2E38CB0BE81E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{33307213-2EBC-4ECC-A274-DAF209030DBC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{342D3D1D-BE28-4F13-8F1F-3E59139A19FE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{34E6941C-64B2-4142-AD6B-6637ABA069E3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{35908FBE-7A59-4BA1-B397-B3798D2746C3}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{36B68BEC-C798-4839-83EE-7757B998BBA3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{37239097-0498-43CE-AC9B-028B29C64976}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{376FA9C3-320F-4BF3-87F6-3BD763C1C577}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3808FAF8-BF75-4BE9-9C7B-C2FED4F271FE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{38BD4ADC-AADD-4BA5-9CB5-1AEEF9492FA4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{394DC1B0-F730-423C-AA1D-9A35EF72F558}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3BD2E5B9-CC5E-4CC2-8B96-DF788272FB7A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3C19FA97-47B4-4ED3-88B4-AA4F112B404D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3D23D1A1-3FC4-4FB9-A7B5-90CD56CEC495}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3DA986B0-92D7-4F28-87A3-B0B4A59C2290}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{3E947A9F-F095-4CEF-B036-F4E0B36FBD1C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3F36463E-388D-45DE-99DE-7A5477620E05}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{408B2380-AAC0-45CF-A3F9-BDB062C77043}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{411AC64E-FE89-4691-B2A2-064A00EBD4C4}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"{418E8A36-8374-4A0A-9F90-9BF876DD28DA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{419483B8-E53B-4670-B436-BD62DAEF765A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4271EBA1-1BF5-4D96-839B-968FDC4FF4D9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4293EB80-5EC7-4DB5-AA11-F4CE61B23513}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe |
"{436384C4-38A0-4B49-AA9D-0E675746F732}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{449CF86A-B3EA-4097-B340-4EA760E2BB91}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{4A5457DC-51AE-41E4-BADA-AFFBF4829283}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{4F25B40C-87E6-458A-885A-8E313FE0CD11}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{50653367-AA6B-4630-81A9-98E0F58CDC20}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{523D7D3C-8877-4528-AD67-6B7CA2A3FB2E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{52D3E015-F7D5-4B4F-9D6D-4BFDE1F62085}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{53692208-E29E-46AA-BEBB-B2BA3144C4D1}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\videospin.exe |
"{53965D25-02C2-4CE2-8C21-3ED52AF13A9B}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe |
"{54B6545C-6CC4-444F-B555-8B4FC5E818BA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{550D6DFB-3127-4185-A9EF-EE2798A3B7F6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{55772733-5E92-4AE3-B7FE-B3A7DD572B5E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5CC0BBF9-5BE6-4B93-AD9D-0E04397C8FFD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5D2C7653-9115-461E-9BE2-713D5EC34E5C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5D96FA42-5E9E-4048-B326-6BB22CF02712}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5EC4809A-A2D9-46DE-BE0C-BA107256E41E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5FC889D3-A76C-47DE-910F-365D04725605}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5FC9E084-C0F5-46D9-8ABD-683416E72E5C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{609A4245-D841-4261-A812-596FC951DE07}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{60D6F8A7-F000-40F7-B33A-2689559B07C9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{62DC5EDD-2447-4B8A-A89E-212F4B31396D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{645E1936-DE06-440F-88EE-6708009BF6D8}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe |
"{6713D3EF-EB2A-41B4-A40C-01073C82C196}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{67A02783-C80D-48F3-81A8-E52FE294F0EB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{692A0B9A-25E3-46C5-9DC4-C38DC6E8E3D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6D8E0A1F-DD25-4F20-BCB8-BDD27F162CF1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{6DB2AABD-81EA-4AE4-8D9E-1FABD729FEA5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6E134634-C6FC-436D-A043-18B029162933}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6EC83B24-8B59-45F6-9F6B-AAA6B01B25F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F1DBFF5-BC6C-40BD-AC60-2DDFE20D23F5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6F9C2DE9-0776-4723-BAE9-09DF6B6867B1}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{704361C7-9F35-4F2E-8106-1A8C784957EA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{709F98C6-1B56-469C-AA7C-7E33F537B2FB}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{723DB2A5-4445-4753-9354-7B5634674E97}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{733F5160-F838-4F47-A6E3-88E74AEFCE84}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{73972B12-7618-4ADD-B7EF-29E756DF4301}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{73FDBDAF-F7D5-470C-8AF2-7F39CB5502B3}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{75490A3F-827F-45AC-9C55-803EB4C7B3CE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{762B1044-8DBC-409E-8361-810AA3B6855C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7AF1EFA1-8DB4-494C-8EFA-78E9B66C23F9}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7BA6536C-C70E-41ED-997C-7E9776480689}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{7C70F054-79B2-47BD-9668-57932E4F6CED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7DC3183F-6846-4E0D-BF1C-3C6384280672}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7EDFF3DE-8025-4B93-A992-05A1D1D09622}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{7F5F7190-B018-41D9-BC5C-2BF29F5C2DDD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{83EC9395-3F12-494A-8405-7770C4C73A1D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{851E38E1-C90C-48B5-A23E-60B605C05DE2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8537E439-D91E-4A62-BAE6-22A38BFFD172}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{85C29A1B-4E32-4DA6-B458-935014E85C35}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{86C6CD10-5C99-43FF-A880-CCB5F46A3DAA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{86FDDF51-ABA1-49AF-92F3-D97360A7B5D6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{892F61BB-8E6C-4618-BBAE-702F45C04B28}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{89FF4168-3A9C-4BC0-9F86-2D1CB080D161}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8C6CAD9A-2E8E-4CC4-8B9E-B18F99E20439}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8D052CA4-07E6-430E-8357-31C8F9BE0DDF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{918D135C-7F98-4C24-8AA9-4763CB2D08BD}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{91B4A0E1-6A64-4B19-A732-96D88DBFF8D9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{91E7F569-078C-4427-B0CF-4D5E4543A77F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{92E6AA14-A8C0-4366-9F3B-16771862FB05}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{93066D14-861D-4310-9F54-C4FFC2DA15E4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{942DD49C-8874-45C9-820A-244C76153F7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{94FC469A-CFBA-44F1-BC24-331C39B573F8}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{953CD61C-4916-4B02-BA8A-FC5FF530FFA3}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{95D61ED2-0A12-4BAB-904C-DC26ABD100CA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{95F7CD92-5E3F-4BA9-94C6-C8BCBB0AD653}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\videospin\programs\umi.exe |
"{966403A7-6FC0-4D07-9E9F-D15A044755D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9794DF32-9BE2-4AB2-8FF1-12B630E267B3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{98943058-AD06-4222-8708-2EBD163B300C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{990A73CA-5570-4B29-A8B3-35626BC3A5AF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A05DEDF-BA64-4B8C-98BF-7C3636F01048}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A3F2388-A371-421F-A85B-4659362016D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9A75922A-FCF6-47E4-B93B-237276C38E61}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9C448AEA-7B0F-445E-8FEA-1949B2A87C59}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9D4D9B5D-0F3F-426E-A93C-2DFD2A73AA9F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{9E81624D-7E5E-412E-9360-F98DA34B7A54}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A0A2ACC2-D39B-4443-B611-22B2407425B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A412DD3E-EC21-4411-86E5-5EE5C37535FD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{A5A48B92-8A06-46CC-AB98-D30EDF70F628}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{A6CA522A-5A7E-4263-8CF8-9C0B84E3E530}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A73DC5F6-E7AB-4CD3-A87E-F59CE3695A51}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A88A2151-BAC2-43CA-984F-8FB553D2BE06}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A9165DF2-EAA2-4F94-BEB6-01B1EEB208CF}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{A9F46A1D-85E9-4882-9378-E356B0B53E38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB334125-CF28-48BF-8751-C4E40B58EACE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AB569BB4-0DFC-45C7-961F-11CB81A5951D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{ADF84370-E004-4294-9392-B4FAF0A7E852}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{AEE02498-DB90-41DF-8B90-5F8EC6BF4812}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{B05AEE31-739B-4A62-A5B7-55D81862EC6E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{B16A1D11-3357-4E76-9502-4A07DC81C58F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B5E3730D-9200-4F0E-89F1-6B9D4424D657}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{B5F855EF-D414-4491-926D-3935BF245BBD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B6C02FF4-1C6E-4CF3-866E-662660C4B0C0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B8B9014F-8820-4689-A4AC-A8D0771405E3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B903E0D4-9667-4AB1-86F7-096E39BBC7EA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{B9936052-BEED-4B8F-BEEA-43804867048B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BBFE11A4-8571-420B-B2AD-B7394271B202}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BC721057-E598-44A8-AAE7-E53E596F3588}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BCECE0A1-589B-42F9-B27A-1DF9031387E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BD3C0D29-EE02-4F06-9760-0E56DE9949D2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BE52FD2D-E53F-4DC2-8DF2-BBCD704A707E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{BF1382E7-B4AA-4474-8BF9-CABB00321E6F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C01CB481-A97C-4FA2-B43C-964175FB70A5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C3F864C8-C1B1-4125-A55C-D59F6BE0F8C3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.913\agent.exe |
"{C584F2B4-8960-499B-A4D4-88751D7077E6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe |
"{C72D58BF-42E8-45CB-A72D-7D06B0500435}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C7F34907-23A2-4FF4-90BF-0A107C1ED8D3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C8049CA1-6DCB-4D03-8598-650493560E7D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C9A8B3A9-B6AB-4C2D-BAA7-428B5BA16824}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CB995BAE-0178-4D09-A5D6-1797063907AB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CE4CD7C1-FFD4-4C0E-9193-8EFFC8861E2C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D4EB3A75-438C-441F-B790-D5DFBFFB9C0F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D73A5AAE-3D6B-4045-AA26-EB472A282A63}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{D8017F8F-BFE6-4F9D-A7ED-17BC6950126D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D8AABB03-CA8D-478A-9763-5281D43A0491}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{D9BD93A8-4F31-4807-BFE7-E451142FD7FD}" = protocol=6 | dir=out | app=system |
"{DB1B25B4-F332-4C1E-A5D0-A813F7951ADD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DB83D37C-D171-4FE2-89B5-ADFE9BC16323}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{DD622D01-7868-4BB9-AB54-010815C84E6A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E004B37D-0603-4931-8D11-63CE217C3D73}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E059D7FB-0124-4E4F-80DC-AAEED2A964D2}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E122DA6F-5B27-4F4F-99AE-8C1B5D93066F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1E7BF78-003D-48E3-A36E-F564C19E287E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E258E029-2588-4B51-B68A-049961905773}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5788F6C-33A6-4B48-92B6-04A7EC303D36}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E91258E1-3A5A-4964-8611-9A5E8153BAC8}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe |
"{E94544F2-91B4-4E29-8345-22336265EBD1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EAD41B59-032B-4E33-BECB-B35B806033B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EBD0EACB-15DF-47A6-84E9-0F5074396248}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC6469AD-2E4E-4C42-BCC1-DB86B329E797}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC74820F-8C64-4EDE-9F70-BD970BEFAFAA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC93C6F1-1A28-484C-A5C7-2E7FA811CB5E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EC9FD7D1-0269-402B-A35D-8472B4BAD6FA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EF0B7E1E-3C80-4FD4-BBA3-816E54B1EC0F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{EFC135B6-A40B-4AD7-A37C-2B698237249F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F02267A0-1236-4416-A250-A86BFA6F7233}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F309B4D1-3820-49DD-87E0-14974A422AD4}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F45ACD5F-D12B-40C9-82FB-D024749ACA7E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F650DD67-DC77-40B9-A573-BDB264FE9BB7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{F8E30AB5-6700-41A3-B569-871D80A9BED4}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F8E84D8A-19B5-4925-AE23-C1F5448A4466}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F98A624A-004A-4BAE-BB55-63F5D2BC3D99}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.515\agent.exe |
"{FDC33CD2-3DD7-49FB-83C9-E283CBD2CFCF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FE5B4DDD-9C16-4380-9BE9-A24A356EC168}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{FEABAF62-9DC8-4576-B4FD-7DD3ABE145AD}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{FFE7E3D2-98C4-4854-9B22-9CED34C99A0B}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\bioware\star wars - the old republic\launcher.exe |
"TCP Query User{1FA7BA3C-8B8E-4DF8-89B7-D64779DDEE27}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{303EA017-4EA1-4175-B630-31DFE4573F43}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\counter-strike 1.6 non-steam\hl.exe |
"TCP Query User{5C7DD18A-516B-445F-AA86-4495571F634C}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"TCP Query User{AEFBDA34-20EE-4B12-B1C1-641036D8E7F2}C:\program files (x86)\tera\tera-launcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"TCP Query User{CEC41684-AF7B-466B-9CA7-1CF8C6409336}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"TCP Query User{D4D81D59-6F62-44F3-AA4A-6B84D9A9EAE6}C:\program files (x86)\icq7m\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"TCP Query User{D4FF1848-68A7-41B2-84DE-FF7B244EC7E9}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{D8D8D904-5BE9-45DF-8E90-7A5E0D4F7641}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{F6C0E6AE-8B6A-4460-AB20-A7FBFE06BE11}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{FCA84F3B-709C-4344-9D1A-DBC8025A5D97}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{1B22511B-3AA5-42AF-85A8-15D76A865FEF}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{2620A3F8-17E5-4B81-92B6-9B9FE06C4484}C:\program files (x86)\tera\tera-launcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"UDP Query User{2698DCE3-54C8-40DF-80B5-2F981B424FF7}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{2A7B4EF4-F71E-4586-AC3F-5FB867A2595F}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"UDP Query User{2EBE749E-A70F-4B74-9F15-5E4937241B3D}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\counter-strike 1.6 non-steam\hl.exe |
"UDP Query User{650653EA-E20C-4921-BBBF-CEF2335AB9C1}C:\program files (x86)\icq7m\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"UDP Query User{7C4CF7E3-6B66-4453-A91A-C8B04C588247}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{C62CAE6C-B382-41BB-83B9-07DE6D5700F9}C:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\turbine\the lord of the rings online\lotroclient.exe |
"UDP Query User{C94F6F1B-D1E8-4C61-A2CD-0BCB87AD7CDA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{FD4C0EE8-612F-4CBE-9D4D-BE1DB8FBCEEF}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E1746EF-F5BF-4677-8F30-04FE399130DA}" = HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{64A3A4F4-B792-11D6-A78A-00B0D0170170}" = Java SE Development Kit 7 Update 17 (64-bit)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"nbi-glassfish-mod-3.1.2.23.2" = GlassFish Server Open Source Edition 3.1.2.2
"nbi-nb-base-7.3.0.0.201302132200" = NetBeans IDE 7.3
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1CA3A991-B03D-4C92-9922-315E5434E87B}" = PS_AIO_05_C4600_Software_Min
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{31CF6C0E-51F0-41D2-B088-A6A143C4303C}" = SweetIM Toolbar for Internet Explorer 3.6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1" = PeaZip 3.1
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = The Sims Medieval
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = Media Player Utilities 4.21
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0405-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Czech) 2007
"{90120000-0017-0405-0000-0000000FF1CE}_OMUI.cs-cz_{13E6D9FD-5FE8-43A6-9874-515A50909DEF}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_OMUI.cs-cz_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.cs-cz_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.cs-cz_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_OMUI.cs-cz_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_OMUI.cs-cz_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0405-0000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2007
"{90120000-0100-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0405-0000-0000000FF1CE}" = Microsoft Office X MUI (Czech) 2007
"{90120000-0101-0405-0000-0000000FF1CE}_OMUI.cs-cz_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Czech)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{99D7DE4C-2775-4B16-B155-7F09AE939E8E}" = Microsoft Works
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E0E1E3B-229C-4CF9-8A39-4455477327E4}" = C4600
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.4 MUI
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C34E19B2-F4D4-4C1F-A565-BA92627178D8}" = Sony Media Manager 2.0
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}" = System Requirements Lab for Intel
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{DC53BB56-FBB5-47BE-B342-E43CC83C0ECF}" = Sony Vegas 6.0c
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"12bbe590-c890-11d9-9669-0800200c9a66_is1" = The Lord of the Rings Online™ v03.04.04.8012
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AP Tuner 3.08" = AP Tuner 3.08
"A-PDF Restrictions Remover_is1" = A-PDF Restrictions Remover
"ASIO4ALL" = ASIO4ALL
"avast" = avast! Free Antivirus
"Counter-Strike 1.6 Non-Steam 1.0" = Counter-Strike 1.6 Non-Steam 1.0
"DAEMON Tools Lite" = DAEMON Tools Lite
"FaceSmooch Toolbar" = FaceSmooch Toolbar
"FL Studio 10" = FL Studio 10
"Free 3D Video Maker_is1" = Free 3D Video Maker version 1.0.1.305
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.7.18
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Studio_is1" = Free Studio version 5.7.4.918
"Free Video Dub_is1" = Free Video Dub version 1.8.10.305
"Free Video to GIF Converter_is1" = 2.0
"Free Video to LG Phones Converter_is1" = Free Video to LG Phones Converter version 1.2.9
"Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.10.32.324
"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Game Booster_is1" = Game Booster 3
"GEONExT_is1" = GEONExT 1.74
"GridVista" = Acer GridVista
"Guild Wars 2" = Guild Wars 2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"IL Download Manager" = IL Download Manager
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"Kantaris_is1" = Kantaris Media Player 0.7.7
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"Music Editor Free" = Music Editor Free
"NSS" = Norton Security Scan
"OMUI.cs-cz" = Microsoft Office Language Pack 2007 - Czech/èeština
"Origin" = Origin
"PhotoFiltre" = PhotoFiltre
"PoiZone" = PoiZone
"Port Royale_is1" = Port Royale
"PSPad editor_is1" = PSPad editor
"rajče.net_is1" = rajče beta56 sestavení 134
"Reason Demo_is1" = Reason Demo 3.0.3
"Sakura" = Sakura
"Sawer" = Sawer
"Smart Defrag 2_is1" = Smart Defrag 2
"StarCraft II" = StarCraft II
"Steam App 570" = Dota 2
"Stylish Profile" = Stylish Profile
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Toxic Biohazard" = Toxic Biohazard
"Ultra AVI Converter_is1" = Ultra AVI Converter 6.2.0411
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 2.0.5
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"26a4a266234db9d8" = Twinstar-Launcher
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 11/7/2009 5:22:32 AM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 1/29/2010 3:53:19 AM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 3/9/2010 4:04:31 PM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 3/10/2010 3:52:45 PM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 5/6/2010 2:20:00 PM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

Error - 1/30/2011 2:35:14 PM | Computer Name = Jana | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 4/26/2013 3:47:11 PM | Computer Name = Jana | Source = Google Update | ID = 20
Description =

[ OSession Events ]
Error - 6/18/2010 6:54:44 AM | Computer Name = Jana | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/28/2011 7:51:02 AM | Computer Name = Jana | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/2/2011 11:10:11 AM | Computer Name = Jana | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/24/2012 10:40:51 AM | Computer Name = Jana | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 4/26/2013 9:05:01 AM | Computer Name = Jana | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby MBAMService bylo dosaženo časového
limitu (30000 ms).

Error - 4/26/2013 10:11:50 AM | Computer Name = Jana | Source = BROWSER | ID = 8032
Description =

Error - 4/26/2013 2:50:05 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7034
Description = Služba Skype C2C Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 4/26/2013 2:50:05 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7034
Description = Služba hpqcxs08 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 4/26/2013 2:50:05 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7034
Description = Služba Služba HP CUE DeviceDiscovery byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 4/26/2013 2:57:17 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 4/26/2013 3:01:35 PM | Computer Name = Jana | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 4/26/2013 3:02:29 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 4/26/2013 3:46:37 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Windows Live ID Sign-in Assistant bylo
dosaženo časového limitu (30000 ms).

Error - 4/26/2013 3:46:37 PM | Computer Name = Jana | Source = Service Control Manager | ID = 7000
Description = Služba Windows Live ID Sign-in Assistant neuspěla při spuštění v důsledku
následující chyby: %%1053

< End of report >

JainaImmortal · #12 Příspěvek od **JainaImmortal** » 28 dub 2013 12:21

OTL log
OTL logfile created on: 4/28/2013 12:24:58 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jana Svobodová\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3.93 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 58.58% Memory free
7.86 Gb Paging File | 5.95 Gb Available in Paging File | 75.65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.30 Gb Total Space | 61.58 Gb Free Space | 21.58% Space Free | Partition Type: NTFS
Drive D: | 2.71 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive E: | 6.43 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: JANA | User Name: Jana Svobodová | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2013/04/28 12:23:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jana Svobodová\Desktop\OTL.exe
PRC - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/03/07 00:32:44 | 004,767,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/03/07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/02/05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2012/11/06 12:46:46 | 003,673,728 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2012/07/12 01:16:06 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Jana Svobodová\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009/08/27 22:48:32 | 001,194,504 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2009/08/21 02:25:56 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009/08/21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009/08/07 11:18:54 | 000,311,592 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
PRC - [2009/08/07 11:18:42 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009/08/05 06:45:00 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009/08/04 23:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009/08/01 02:29:12 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2009/06/05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009/06/04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2008/07/30 04:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe

========== Modules (No Company Name) ==========

MOD - [2013/04/09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013/04/09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2009/02/03 02:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2008/07/30 04:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe

========== Services (SafeList) ==========

SRV:64bit: - [2013/03/07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/08/06 06:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/18 02:20:34 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2009/03/28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2013/04/15 15:27:46 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/04/13 15:59:13 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/05/04 13:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/08/07 11:18:54 | 000,311,592 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2009/06/04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/03/07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013/03/07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013/03/07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013/03/07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/03/07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2013/03/07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/03/07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/03/07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2013/02/14 17:55:32 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/02/14 17:55:32 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/12/09 11:16:00 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/03/07 02:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/26 18:02:18 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/10/05 17:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/09/02 18:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/02 13:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/02 13:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/02 13:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/20 13:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2009/06/20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009/06/19 06:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/06/05 02:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/06/03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/26 14:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/05/06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009/05/06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009/04/08 16:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009/04/07 03:31:08 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/11/19 18:09:14 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008/11/19 18:09:12 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008/11/19 18:09:12 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV - [2011/06/02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5701w514
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5701w514
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.Google.com
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.Google.com/
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.Google.com/
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\{263372EE-B06C-4CD2-B4C0-BA6679088D40}: "URL" = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... AW_csCZ352
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\search13: "URL" = http://search13.net/search.php?q={searchTerms}
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=668083"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://seznam.cz/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.14.1.100013
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1426
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA82}:1.0.2
FF - prefs.js..extensions.enabledItems: fbdislike@doweb.fr:1.2.1
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.6
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1
FF - prefs.js..extensions.enabledItems: {8675f4b3-2f19-11ed-2d6b-0800600c0a19}:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.2.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.28
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:3.2
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.10
FF - prefs.js..extensions.enabledItems: {8675f4b3-2f19-11ed-2d6b-1823600c0a19}:1.0.1
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=green ... =668083&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jana Svobodová\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jana Svobodová\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jana Svobodová\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jana Svobodová\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/03/20 16:12:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/04/04 16:37:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/12/08 12:31:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/02 18:18:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/04/10 17:34:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/12/08 12:31:08 | 000,000,000 | ---D | M]

[2009/11/03 21:06:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Extensions
[2013/04/28 12:22:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions
[2010/10/09 09:45:52 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012/05/30 15:05:43 | 000,000,000 | ---D | M] ("Stylish Profile") -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010/08/15 11:00:55 | 000,000,000 | ---D | M] ("Express Tab") -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
[2012/05/12 12:16:53 | 000,000,000 | ---D | M] ("Usage Stat") -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2010/08/15 11:00:55 | 000,000,000 | ---D | M] (FBFan) -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
[2011/11/07 18:23:38 | 000,000,000 | ---D | M] (Feedback module) -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
[2012/05/08 16:31:11 | 000,000,000 | ---D | M] ("VFT Flv") -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{8675f4b3-2f19-11ed-2d6b-1823600c0a19}
[2012/08/29 12:57:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{8769adce-dba5-48e9-afb5-67b12cdf2e61}
[2009/11/04 17:24:52 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/08/31 10:45:04 | 000,000,000 | ---D | M] () -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\fbdislike@doweb.fr
[2010/03/29 19:01:48 | 000,000,694 | ---- | M] () -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\icq-search.xml
[2013/04/23 15:55:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/01/25 21:35:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2013/04/25 16:54:14 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/07/14 10:17:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/05/07 11:20:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/30 09:45:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/12/29 12:24:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2013/04/25 16:54:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/04/25 16:54:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\JANA SVOBODOVÁ\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\13YZ7625.DEFAULT\EXTENSIONS\ASCSURFINGPROTECTION@IOBIT.COM
[2010/07/14 20:07:03 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010/07/14 20:07:03 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2010/07/14 20:07:03 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010/07/14 20:07:03 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010/07/14 20:07:03 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jana Svobodov\u00E1\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jana Svobodov\u00E1\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jana Svobodov\u00E1\AppData\Local\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Jana Svobodov\u00E1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Jana Svobodov\u00E1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Jana Svobodov\u00E1\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! WebRep = C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\
CHR - Extension: Skype Click to Call = C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.8.0.12323_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0\
CHR - Extension: Gmail = C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/04/26 21:04:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKU\S-1-5-21-2289412251-517033032-1418875622-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2289412251-517033032-1418875622-1000..\Run: [Facebook Update] C:\Users\Jana Svobodová\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8:64bit: - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm File not found
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.30.225.2 81.30.224.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D00CD13D-E2E2-4006-BE24-294673135BDD}: DhcpNameServer = 81.30.225.2 81.30.224.2
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/03/06 20:00:54 | 000,131,720 | R--- | M] (InstallShield Software Corporation) - E:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008/02/22 17:08:27 | 000,058,601 | R--- | M] () - E:\autorun.ico -- [ UDF ]
O32 - AutoRun File - [2008/02/22 17:08:27 | 000,000,047 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2008/02/22 17:08:44 | 000,000,382 | R--- | M] () - E:\autorun.ini -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: VIDC.CFHD - C:\Windows\SysWow64\cfhd.dll (CineForm Inc.)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - C:\Windows\SysWow64\pvmjpg30.dll (Pegasus Imaging Corporation)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2013/04/28 12:23:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jana Svobodová\Desktop\OTL.exe
[2013/04/26 21:04:49 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/04/26 21:02:24 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/04/26 20:50:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/04/26 20:50:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/04/26 20:50:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/04/26 20:50:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/04/26 20:49:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/04/26 20:45:55 | 005,059,946 | R--- | C] (Swearware) -- C:\Users\Jana Svobodová\Desktop\ComboFix.exe
[2013/04/26 20:44:09 | 000,000,000 | ---D | C] -- C:\Users\Jana Svobodová\Desktop\rkill
[2013/04/26 20:42:53 | 001,752,992 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Jana Svobodová\Desktop\rkill.com
[2013/04/26 18:24:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/04/25 17:57:29 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/04/25 17:57:04 | 000,000,000 | ---D | C] -- C:\JRT
[2013/04/25 17:56:20 | 000,535,764 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Jana Svobodová\Desktop\JRT.exe
[2013/04/24 17:51:13 | 084,227,776 | ---- | C] (Microsoft Corporation) -- C:\Users\Jana Svobodová\Desktop\program.exe
[2013/04/24 17:46:47 | 013,509,072 | ---- | C] (Microsoft Corporation) -- C:\Users\Jana Svobodová\Desktop\mseinstall.exe
[2013/04/24 17:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/04/24 17:10:08 | 000,000,000 | ---D | C] -- C:\rsit
[2009/08/22 10:44:20 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2013/04/28 12:28:30 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/04/28 12:23:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jana Svobodová\Desktop\OTL.exe
[2013/04/28 12:07:02 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/28 11:59:03 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/28 11:59:03 | 000,017,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/28 11:49:07 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/28 11:46:34 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/28 11:45:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/28 11:45:43 | 3165,327,360 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/27 16:43:12 | 000,000,516 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Jana Svobodová.job
[2013/04/27 13:55:15 | 000,004,217 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\stažený soubor.jpg
[2013/04/27 12:57:36 | 001,606,824 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/27 12:57:36 | 000,675,888 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/04/27 12:57:36 | 000,661,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/27 12:57:36 | 000,145,790 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/04/27 12:57:36 | 000,125,810 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/26 21:04:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/04/26 20:46:27 | 005,059,946 | R--- | M] (Swearware) -- C:\Users\Jana Svobodová\Desktop\ComboFix.exe
[2013/04/26 20:43:18 | 001,752,992 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Jana Svobodová\Desktop\rkill.com
[2013/04/26 20:31:27 | 001,396,421 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\Fotografie1730.jpg
[2013/04/26 18:07:03 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/04/25 18:34:24 | 000,619,461 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\adwcleaner.exe
[2013/04/25 17:56:43 | 000,535,764 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Jana Svobodová\Desktop\JRT.exe
[2013/04/25 17:38:24 | 000,890,825 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\SecurityCheck.exe
[2013/04/25 17:14:49 | 000,011,268 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\troj.jpg
[2013/04/24 18:00:26 | 084,227,776 | ---- | M] (Microsoft Corporation) -- C:\Users\Jana Svobodová\Desktop\program.exe
[2013/04/24 17:48:40 | 013,509,072 | ---- | M] (Microsoft Corporation) -- C:\Users\Jana Svobodová\Desktop\mseinstall.exe
[2013/04/24 17:44:31 | 000,093,696 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\Výstřižek.JPG
[2013/04/24 17:44:24 | 012,917,756 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\mbar-1.05.0.1001.zip
[2013/04/24 17:09:30 | 000,935,175 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\RSITx64.exe
[2013/04/24 17:06:12 | 000,816,128 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\RogueKiller.exe
[2013/04/23 19:30:06 | 000,306,721 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\kotelník.png
[2013/04/22 18:50:16 | 738,167,682 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\The.Host.2013.HDRip.XviD-BiDA.avi
[2013/04/21 19:04:55 | 001,760,539 | ---- | M] () -- C:\Users\Jana Svobodová\Desktop\matematika.pdf
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/28 12:28:30 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/04/27 13:55:21 | 000,004,217 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\stažený soubor.jpg
[2013/04/26 20:50:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/04/26 20:50:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/04/26 20:50:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/04/26 20:50:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/04/26 20:50:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/04/26 20:31:25 | 001,396,421 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\Fotografie1730.jpg
[2013/04/25 18:33:37 | 000,619,461 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\adwcleaner.exe
[2013/04/25 17:37:51 | 000,890,825 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\SecurityCheck.exe
[2013/04/25 17:14:47 | 000,011,268 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\troj.jpg
[2013/04/24 17:53:55 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/04/24 17:44:23 | 000,093,696 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\Výstřižek.JPG
[2013/04/24 17:42:28 | 012,917,756 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\mbar-1.05.0.1001.zip
[2013/04/24 17:09:19 | 000,935,175 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\RSITx64.exe
[2013/04/24 17:05:50 | 000,816,128 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\RogueKiller.exe
[2013/04/23 19:30:02 | 000,306,721 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\kotelník.png
[2013/04/22 17:27:26 | 738,167,682 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\The.Host.2013.HDRip.XviD-BiDA.avi
[2013/04/21 19:04:49 | 001,760,539 | ---- | C] () -- C:\Users\Jana Svobodová\Desktop\matematika.pdf
[2013/03/21 20:16:00 | 000,000,075 | ---- | C] () -- C:\Windows\winDecrypt.INI
[2013/03/21 19:36:50 | 000,000,145 | ---- | C] () -- C:\Windows\crackpdf.INI
[2012/12/08 12:20:08 | 000,186,649 | ---- | C] () -- C:\Windows\hpoins36.dat
[2012/11/28 20:58:55 | 000,002,783 | ---- | C] () -- C:\Users\Jana Svobodová\.recently-used.xbel
[2012/08/30 20:53:46 | 000,000,216 | ---- | C] () -- C:\Users\Jana Svobodová\AppData\Roaming\wklnhst.dat
[2012/05/05 13:15:30 | 000,000,809 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2012/05/01 16:54:28 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/05/01 16:54:28 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/05/01 16:54:28 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/04/08 17:26:12 | 000,000,632 | ---- | C] () -- C:\Windows\Sofplat.INI
[2011/11/17 10:30:22 | 000,000,102 | ---- | C] () -- C:\Users\Jana Svobodová\AppData\Local\fusioncache.dat
[2010/05/26 18:53:35 | 000,000,037 | ---- | C] () -- C:\Users\Jana Svobodová\geonext.ini
[2010/01/23 19:44:59 | 000,006,144 | ---- | C] () -- C:\Users\Jana Svobodová\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

JainaImmortal · #13 Příspěvek od **JainaImmortal** » 28 dub 2013 12:22

========== LOP Check ==========

[2012/12/01 12:09:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2012/12/01 12:09:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2009/11/01 16:07:11 | 000,000,000 | -HSD | M] -- C:\Users\Jana Svobodová\AppData\Roaming\.#
[2012/03/08 18:53:49 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\.minecraft
[2012/05/05 13:20:33 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Audacity
[2012/08/07 19:08:06 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Christofer Persson
[2010/10/09 18:35:03 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/12/23 12:45:27 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\DAEMON Tools Lite
[2012/11/18 19:36:50 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoft
[2009/10/30 21:07:55 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\GameConsole
[2010/09/08 17:02:48 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\GetRightToGo
[2010/02/05 17:53:23 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\GHISLER
[2012/11/28 20:47:39 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\gtk-2.0
[2010/01/23 19:44:55 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\HighAndes
[2013/03/25 20:11:15 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\ICQ
[2013/03/12 17:25:28 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\IObit
[2013/03/21 20:32:46 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\iWesoft
[2012/07/09 19:08:06 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\LolClient
[2012/06/09 19:32:56 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\LolClient2
[2012/12/29 15:57:28 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Mumble
[2012/12/15 14:40:46 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Music Editor Free
[2010/09/03 17:50:08 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Need for Speed World
[2013/04/07 17:24:55 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\NetBeans
[2011/09/22 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Origin
[2010/05/15 18:14:41 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\PeaZip
[2009/10/30 11:40:29 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\PlayFirst
[2012/08/24 17:05:35 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\PowerCinema
[2013/01/05 15:39:11 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Propellerhead Software
[2012/05/21 15:53:05 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Publish Providers
[2009/11/14 19:26:58 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\SoftDMA
[2012/05/21 15:53:09 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Sony
[2012/08/30 20:53:52 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Template
[2013/01/21 17:58:41 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\TS3Client
[2010/03/27 20:17:26 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\TSRWorkshop
[2012/04/23 19:04:27 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\twinstar_launcher
[2012/06/17 08:53:11 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Ubisoft
[2012/05/12 12:27:18 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Unity
[2010/09/29 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,618 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/01/23 11:27:56 | 000,000,516 | -H-- | C] () -- C:\Windows\Tasks\Norton Security Scan for Jana Svobodová.job
[2010/02/13 11:19:30 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010/02/13 11:19:31 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/04/07 12:14:04 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009/07/14 03:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\erdnt\cache64\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 07:28:24 | 001,893,248 | ---- | M] (Microsoft Corporation) MD5=1F748D5439B65E0BEBD92F65048F030D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_0fb918de99201ffb\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2011/06/21 08:16:55 | 001,888,128 | ---- | M] (Microsoft Corporation) MD5=5279D4DD69C7C71524B8E7A5746D15CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_0f8ed978993fa916\tcpip.sys
[2010/06/14 08:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2013/02/14 18:43:43 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2012/03/30 12:19:17 | 001,877,872 | ---- | M] (Microsoft Corporation) MD5=5EFD096DEF47F8B88EF591DA92143440 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_0faa5514992a39a7\tcpip.sys
[2011/04/25 07:32:22 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=61DC720BB065D607D5823F13D2A64321 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_0f668bf97fd90dd3\tcpip.sys
[2012/03/30 13:09:53 | 001,895,280 | ---- | M] (Microsoft Corporation) MD5=624C5B3AA4C99B3184BB922D9ECE3FF0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_0f140fa780164fde\tcpip.sys
[2013/02/14 18:43:43 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2010/06/14 08:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011/09/29 18:17:51 | 001,886,064 | ---- | M] (Microsoft Corporation) MD5=AC3E29880DB5659532A1AA3439304A43 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_0fad20ca992955d7\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/02/14 18:43:43 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013/02/14 18:43:43 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/02/14 18:43:43 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/02/14 18:43:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2011/06/21 08:27:14 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=B9D87C7707F058AC652A398CD28DE14B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_0f4d1e3b7feb1307\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2011/09/29 18:24:44 | 001,897,328 | ---- | M] (Microsoft Corporation) MD5=F18F56EFC0BFB9C87BA01C37B27F4DA5 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_0f170e9f80139ebc\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[26 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[31 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[6 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2009/11/01 16:07:11 | 000,000,000 | -HSD | M] -- C:\Users\Jana Svobodová\AppData\Roaming\.#
[2012/03/08 18:53:49 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\.minecraft
[2010/02/06 11:23:10 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Adobe
[2013/03/12 17:25:33 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Apple Computer
[2012/05/05 13:20:33 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Audacity
[2012/08/07 19:08:06 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Christofer Persson
[2010/10/09 18:35:03 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2009/10/31 16:41:18 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\CyberLink
[2012/12/23 12:45:27 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\DAEMON Tools Lite
[2012/11/18 19:36:50 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\DVDVideoSoft
[2009/10/30 21:07:55 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\GameConsole
[2010/09/08 17:02:48 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\GetRightToGo
[2010/02/05 17:53:23 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\GHISLER
[2009/10/30 20:19:09 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Google
[2012/11/28 20:47:39 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\gtk-2.0
[2010/01/23 19:44:55 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\HighAndes
[2012/12/08 12:39:25 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\HP
[2012/12/15 13:03:10 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\HpUpdate
[2013/03/25 20:11:15 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\ICQ
[2009/10/30 15:27:12 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Identities
[2012/08/29 12:45:21 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Intel Drivers Update Utility
[2013/03/12 17:25:28 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\IObit
[2013/03/21 20:32:46 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\iWesoft
[2012/07/09 19:08:06 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\LolClient
[2012/06/09 19:32:56 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\LolClient2
[2009/10/30 15:28:14 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Macromedia
[2012/11/09 17:15:31 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Malwarebytes
[2009/08/22 08:06:24 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Media Center Programs
[2012/12/01 13:03:57 | 000,000,000 | --SD | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Microsoft
[2011/11/17 11:06:47 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Mozilla
[2012/12/29 15:57:28 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Mumble
[2012/12/15 14:40:46 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Music Editor Free
[2010/09/03 17:50:08 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Need for Speed World
[2012/03/20 21:44:59 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Nero
[2013/04/07 17:24:55 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\NetBeans
[2011/09/22 19:16:58 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Origin
[2010/05/15 18:14:41 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\PeaZip
[2009/10/30 11:40:29 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\PlayFirst
[2012/08/24 17:05:35 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\PowerCinema
[2013/01/05 15:39:11 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Propellerhead Software
[2012/06/18 14:40:33 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\PSpad
[2012/05/21 15:53:05 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Publish Providers
[2013/04/28 12:28:35 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Skype
[2011/06/24 18:57:55 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\skypePM
[2009/11/14 19:26:58 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\SoftDMA
[2012/05/21 15:53:09 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Sony
[2012/08/30 20:53:52 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Template
[2013/01/21 17:58:41 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\TS3Client
[2010/03/27 20:17:26 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\TSRWorkshop
[2012/04/23 19:04:27 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\twinstar_launcher
[2012/06/17 08:53:11 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Ubisoft
[2012/05/12 12:27:18 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Unity
[2013/01/26 15:33:04 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\vlc
[2010/09/29 18:06:17 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2013/04/13 15:59:53 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Jana Svobodová\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010/02/05 18:35:39 | 000,010,134 | R--- | M] () -- C:\Users\Jana Svobodová\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2009/09/23 17:37:30 | 000,022,352 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
[2009/09/23 17:37:30 | 000,034,112 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
[2011/05/14 12:25:50 | 007,391,320 | ---- | M] (ZONER software ) -- C:\Users\Jana Svobodová\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build12.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2013/04/28 12:48:05 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/04/28 11:46:34 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/04/28 12:07:02 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/04/27 16:43:12 | 000,000,516 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for Jana Svobodová.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Facebook Update" = "C:\Users\Jana Svobodová\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver -- [2012/07/12 01:16:06 | 000,138,096 | ---- | M] (Facebook Inc.)
"GoogleChromeAutoLaunch_2A35AC1489B543F1B97BCDDAD923F0ED" = "C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window -- [2013/04/09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.)
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012/11/06 12:46:46 | 003,673,728 | ---- | M] (DT Soft Ltd)
"Skype" = "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun -- [2013/02/28 18:50:02 | 018,642,024 | R--- | M] (Skype Technologies S.A.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2010/08/31 18:26:35 | 000,908,248 | ---- | M] (Mozilla Corporation) MD5=230EC324D37DFB594B8FF296D239423E -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2013/04/13 09:54:04 | 000,757,376 | ---- | M] (Microsoft Corporation) MD5=32732CEDE2A1106B736EF3D84054EE04 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/04/28 12:28:30 | 000,000,512 | ---- | M] () MD5=C4487456E3B4BA81C6B5D3DC2E949937 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010/10/04 22:50:56 | 000,062,238 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\share\gimp\2.0\patterns\cracked.pat
[2008/09/08 22:55:14 | 000,000,204 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Effects\Hardcore\Presets\I cracked my Tube!.hdprg
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch
[2010/01/15 22:56:40 | 000,000,272 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 10\Plugins\Fruity\Generators\DrumPad\Drum Patches\Sound FX\Crack.dmpatch
[2012/02/03 16:07:10 | 001,099,940 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\BG\Extension_01\Original\EX01_BlackCrack_OBJ.gpk
[2012/02/03 16:29:52 | 008,695,706 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_BigStone.gpk
[2012/02/03 16:29:54 | 006,332,931 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_BigStone_ANI.gpk
[2012/07/25 14:45:18 | 003,335,217 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_NPC_OBJ.gpk
[2012/07/25 14:45:20 | 000,036,564 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\BlackCrack_NPC_OBJ_ANI.gpk
[2011/12/14 08:41:08 | 000,685,163 | ---- | M] () -- \Program Files (x86)\TERA\Client\S1Game\CookedPC\Art_Data\Packages\CH\NPC\NPC_Objects\Black_Crack_Wall.gpk
[2013/03/21 19:42:08 | 000,000,145 | ---- | M] () -- \Windows\crackpdf.INI
[1 \Windows\*.tmp files -> \Windows\*.tmp -> ]

< *keygen* /s >

< *loader* /s >
[2009/08/01 02:28:08 | 000,002,865 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Customizations\Generic\Style\Cascade\Media\Standard\Common\Seekbar\ProgramLoader.png
[2009/08/01 02:29:32 | 000,001,019 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\System\FlvLoader.swf
[2009/08/01 02:29:32 | 000,001,462 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\System\FlvLoaderResize.swf
[2009/08/01 02:29:36 | 000,010,481 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\System\KernelCtrl\ImageLoader.kc
[2009/08/01 02:29:36 | 000,003,706 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\System\KernelCtrl\URLDownloader.kc
[2009/08/01 02:29:36 | 000,003,482 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Widget\langloader.kc
[2009/08/01 02:29:36 | 000,012,741 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Widget\layoutloader.kc
[2009/08/04 07:34:48 | 000,011,710 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\HomeMedia\mm\MediaCtrl\ImageLoader.kc
[2009/08/04 07:34:56 | 000,003,489 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\HomeMedia\widget\langloader.kc
[2009/08/04 07:34:56 | 000,012,539 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\HomeMedia\widget\layoutloader.kc
[2009/08/05 06:45:06 | 000,010,777 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\PlayMovie\mm\MediaCtrl\ImageLoader.kc
[2009/08/05 06:45:10 | 000,003,494 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\PlayMovie\widget\langloader.kc
[2009/08/05 06:45:10 | 000,012,797 | ---- | M] () -- \Program Files (x86)\Acer Arcade Deluxe\PlayMovie\widget\layoutloader.kc
[2012/05/02 15:50:05 | 000,000,000 | ---- | M] () -- \Program Files (x86)\Common Files\Blizzard Entertainment\BlizzardDownloader.ini
[2011/07/29 18:25:44 | 002,817,664 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVIDEOSOFT\Dll\DVSVideoDownloader.dll
[2011/07/29 18:25:46 | 001,900,160 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVIDEOSOFT\Dll\HttpVideoDownloader.dll
[2012/09/18 13:03:24 | 000,941,720 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVIDEOSOFT\lib\DVSVideoDownloader.dll
[2003/09/15 15:02:00 | 000,169,384 | ---- | M] () -- \Program Files (x86)\Counter-Strike 1.6 Non-Steam\cstrike\models\qloader.mdl
[2003/09/15 14:55:50 | 000,352,548 | ---- | M] () -- \Program Files (x86)\Counter-Strike 1.6 Non-Steam\valve\models\loader.mdl
[2003/09/15 14:56:04 | 000,012,764 | ---- | M] () -- \Program Files (x86)\Counter-Strike 1.6 Non-Steam\valve\sound\ambience\loader_hydra1.wav
[2003/09/15 14:56:04 | 000,012,164 | ---- | M] () -- \Program Files (x86)\Counter-Strike 1.6 Non-Steam\valve\sound\ambience\loader_step1.wav
[2012/09/03 18:52:24 | 012,079,240 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\FreeUploaderForFacebook.exe
[2012/07/03 19:26:10 | 000,000,281 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\FreeUploaderForFacebook.xml
[2012/09/03 18:52:24 | 000,535,688 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\FreeUploaderForFacebookStub.exe
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\de-DE\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,656 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\el-GR\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\es-ES\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\fr-FR\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\it-IT\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\ja-JP\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\nl-NL\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\pl-PL\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,004,096 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\pt-BR\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\pt-PT\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,656 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\ru-RU\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\tr-TR\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\zh-CHS\FreeUploaderForFacebook.resources.dll
[2012/09/03 18:52:18 | 000,006,144 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free Uploader for Facebook\zh-CHT\FreeUploaderForFacebook.resources.dll
[2012/09/18 16:16:02 | 000,041,096 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\DVDVideoSoft.DVSVideoDownloader.dll
[2012/09/18 16:16:02 | 002,420,872 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\FreeYTVDownloader.exe
[2012/09/13 11:57:02 | 000,000,928 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\FreeYTVDownloader.xml
[2012/09/05 15:07:04 | 000,008,386 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\FreeYTVDownloaderProfile.xml
[2012/09/05 15:07:04 | 000,004,522 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\FreeYTVDownloaderProfileD.xml
[2012/09/18 16:15:54 | 000,036,864 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\de-DE\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,040,960 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\el-GR\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\es-ES\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,036,864 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\fr-FR\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\it-IT\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,036,864 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\ja-JP\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\nl-NL\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,036,864 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\pl-PL\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,005,120 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\pt-BR\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,036,864 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\pt-PT\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,040,960 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\ru-RU\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\tr-TR\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\zh-CHS\FreeYTVDownloader.resources.dll
[2012/09/18 16:15:54 | 000,032,768 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Download\zh-CHT\FreeYTVDownloader.resources.dll
[2012/09/18 16:21:24 | 000,071,816 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube to DVD Converter\DVDVideoSoft.DownloaderYT2DvdAppExt.dll
[2012/09/18 16:21:24 | 000,041,096 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube to DVD Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2011/07/29 18:25:26 | 000,017,032 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube to DVD Converter\DVDVideoSoft.HttpVideoDownloader.dll
[2012/09/18 16:20:00 | 000,041,096 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube to iPhone Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2012/09/18 16:18:30 | 000,041,096 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube to iPod Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2012/09/18 16:17:18 | 000,041,096 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2012/09/03 16:54:54 | 001,676,424 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\FreeYouTubeUploader.exe
[2012/07/03 19:26:10 | 000,000,332 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\FreeYouTubeUploader.xml
[2012/09/03 16:54:46 | 000,009,216 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\de-DE\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,010,240 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\el-GR\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,009,216 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\es-ES\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,009,216 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\fr-FR\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,009,216 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\it-IT\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,009,216 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\ja-JP\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,009,216 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\nl-NL\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,009,216 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\pl-PL\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,004,608 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\pt-BR\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,009,216 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\pt-PT\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,009,728 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\ru-RU\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,008,704 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\tr-TR\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,008,704 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\zh-CHS\FreeYouTubeUploader.resources.dll
[2012/09/03 16:54:46 | 000,009,216 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free Studio\Free YouTube Uploader\zh-CHT\FreeYouTubeUploader.resources.dll
[2010/02/07 22:40:00 | 000,000,543 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\etc\gtk-2.0\gdk-pixbuf.loaders
[2009/12/15 18:58:18 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ani.dll
[2009/12/15 18:58:20 | 000,018,592 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-bmp.dll
[2009/12/15 18:58:24 | 000,026,272 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-gif.dll
[2009/12/15 18:58:26 | 000,012,960 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-icns.dll
[2009/12/15 18:58:28 | 000,017,568 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ico.dll
[2009/12/15 18:58:56 | 000,019,616 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-jpeg.dll
[2009/12/15 18:59:04 | 000,015,008 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pcx.dll
[2009/12/15 18:59:06 | 000,019,104 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2009/12/15 18:59:10 | 000,017,056 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-pnm.dll
[2009/12/15 18:59:14 | 000,012,448 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-ras.dll
[2009/12/15 18:59:16 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tga.dll
[2009/12/15 18:59:20 | 000,016,544 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-tiff.dll
[2009/12/15 18:59:22 | 000,011,936 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-wbmp.dll
[2009/12/15 18:59:24 | 000,013,984 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xbm.dll
[2009/12/15 18:59:28 | 000,028,320 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-xpm.dll
[2009/05/01 20:42:00 | 000,009,880 | ---- | M] () -- \Program Files (x86)\GIMP-2.0\lib\gtk-2.0\2.10.0\loaders\svg_loader.dll
[2010/01/29 23:03:34 | 000,145,082 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\HelpViewer\Resources\Loader.gif
[2009/10/22 06:29:58 | 000,030,776 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009/10/22 06:29:58 | 000,002,713 | ---- | M] () -- \Program Files (x86)\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2012/07/08 21:31:19 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2012/07/08 21:31:20 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2012/07/08 21:31:19 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7M\imApp\theme\MUICoreLib\xtraLoader.swf
[2012/07/08 21:33:09 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7M\Xtraz\icq\content\profile_lightboxs\preloader.html
[2013/04/27 13:22:13 | 000,004,881 | ---- | M] () -- \Program Files (x86)\IObit\Advanced SystemCare 6\Downloader.log
[2011/12/20 18:45:12 | 001,015,128 | ---- | M] () -- \Program Files (x86)\IObit\Game Booster 3\Freeware\GB_FreeSoftwareDownloader.exe
[2012/02/16 14:44:38 | 000,000,404 | ---- | M] () -- \Program Files (x86)\League of Legends\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.228\deploy\assets\storeImages\layout\small_loader.gif
[2012/05/02 15:50:10 | 000,174,455 | ---- | M] () -- \Program Files (x86)\StarCraft II\Logs\Downloader.log
[2012/05/02 14:21:26 | 002,639,424 | ---- | M] () -- \Program Files (x86)\StarCraft II\Support\BlizzardDownloader.exe
[2012/11/19 12:06:52 | 000,068,688 | ---- | M] () -- \Program Files (x86)\TERA\Client\Binaries\PhysXLoader.dll
[2011/10/19 12:51:10 | 000,002,910 | ---- | M] () -- \Program Files (x86)\Turbine\The Lord of the Rings Online\browser\components\uriloader.xpt
[2009/03/24 00:03:24 | 000,056,320 | ---- | M] () -- \Program Files (x86)\Warcraft\Warcraft III (DISSENT-PC)\euroloader.exe
[2010/04/29 14:12:38 | 000,673,160 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Facebook\ZPSFacebookUploader.exe
[2010/04/29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Facebook\ZPSPluginLoader.exe
[2010/04/29 14:12:42 | 000,686,984 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Flickr\ZPSFlickrUploader.exe
[2010/04/29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Flickr\ZPSPluginLoader.exe
[2013/04/07 16:58:18 | 000,000,948 | ---- | M] () -- \Program Files\Java\jdk1.7.0_17\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013/04/07 16:58:19 | 000,000,411 | ---- | M] () -- \Program Files\Java\jdk1.7.0_17\lib\visualvm\platform\config\Modules\org-openide-loaders.xml
[2013/04/07 16:58:21 | 001,170,520 | ---- | M] () -- \Program Files\Java\jdk1.7.0_17\lib\visualvm\platform\modules\org-openide-loaders.jar
[2013/04/07 16:58:21 | 000,006,244 | ---- | M] () -- \Program Files\Java\jdk1.7.0_17\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar
[2013/04/07 16:58:21 | 000,005,873 | ---- | M] () -- \Program Files\Java\jdk1.7.0_17\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013/04/07 16:58:22 | 000,000,457 | ---- | M] () -- \Program Files\Java\jdk1.7.0_17\lib\visualvm\platform\update_tracking\org-openide-loaders.xml
[2013/02/14 00:05:37 | 000,000,483 | ---- | M] () -- \Program Files\NetBeans 7.3\enterprise\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2013/04/07 17:13:28 | 002,791,072 | ---- | M] () -- \Program Files\NetBeans 7.3\enterprise\modules\org-netbeans-modules-j2ee-ddloaders.jar
[2013/04/07 17:12:20 | 000,033,799 | ---- | M] () -- \Program Files\NetBeans 7.3\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_ja.jar
[2013/04/07 17:12:00 | 000,031,328 | ---- | M] () -- \Program Files\NetBeans 7.3\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_pt_BR.jar
[2013/04/07 17:12:22 | 000,036,414 | ---- | M] () -- \Program Files\NetBeans 7.3\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_ru.jar
[2013/04/07 17:12:01 | 000,032,399 | ---- | M] () -- \Program Files\NetBeans 7.3\enterprise\modules\locale\org-netbeans-modules-j2ee-ddloaders_zh_CN.jar
[2013/04/07 17:14:34 | 000,000,830 | ---- | M] () -- \Program Files\NetBeans 7.3\enterprise\update_tracking\org-netbeans-modules-j2ee-ddloaders.xml
[2013/02/14 01:24:24 | 000,000,484 | ---- | M] () -- \Program Files\NetBeans 7.3\ergonomics\config\Modules\org-netbeans-modules-j2ee-ddloaders.xml
[2009/12/11 20:50:36 | 000,019,348 | ---- | M] () -- \Program Files\NetBeans 7.3\javacard\JCDK3.0.2_ConnectedEdition\docs\api\spi\com\sun\javacard\spi\cardmgmt\DeploymentUnitLoader.html
[2013/04/07 17:21:42 | 000,002,941 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\config\ModuleAutoDeps\org-openide-loaders.xml
[2013/04/07 17:21:42 | 000,000,411 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\config\Modules\org-openide-loaders.xml
[2013/04/07 17:21:42 | 001,403,671 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\org-openide-loaders.jar
[2013/04/07 17:21:42 | 000,007,123 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_ja.jar
[2013/04/07 17:21:42 | 000,006,548 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_pt_BR.jar
[2013/04/07 17:21:42 | 000,007,647 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_ru.jar
[2013/04/07 17:21:42 | 000,006,744 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\modules\locale\org-openide-loaders_zh_CN.jar
[2013/04/07 17:21:42 | 000,002,941 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\update\backup\netbeans\config\ModuleAutoDeps\org-openide-loaders.xml
[2013/04/07 17:21:42 | 000,000,411 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\update\backup\netbeans\config\Modules\org-openide-loaders.xml
[2013/04/07 17:21:43 | 000,001,539 | ---- | M] () -- \Program Files\NetBeans 7.3\platform\update_tracking\org-openide-loaders.xml
[2008/11/27 12:29:42 | 000,043,008 | ---- | M] () -- \ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
[2008/11/27 12:29:42 | 000,043,008 | ---- | M] () -- \ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll
[2012/09/24 19:37:40 | 000,001,597 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVIDEOSOFT\Programs\Free Uploader for Facebook.lnk
[2012/09/24 19:37:39 | 000,001,542 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVIDEOSOFT\Programs\Free YouTube Uploader.lnk
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2012/10/01 13:36:00 | 000,387,800 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.bundle
[2012/07/10 00:11:00 | 000,693,704 | ---- | M] () -- \ProgramData\TERA\launcher\live\downloader.dll
[2008/11/27 12:29:42 | 000,043,008 | ---- | M] () -- \Users\All Users\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
[2008/11/27 12:29:42 | 000,043,008 | ---- | M] () -- \Users\All Users\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll
[2012/09/24 19:37:40 | 000,001,597 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\DVDVIDEOSOFT\Programs\Free Uploader for Facebook.lnk
[2012/09/24 19:37:39 | 000,001,542 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\DVDVIDEOSOFT\Programs\Free YouTube Uploader.lnk
[2012/12/04 18:00:50 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2012/12/04 18:00:50 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2012/12/04 18:00:50 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2012/10/01 13:36:00 | 000,387,800 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.bundle
[2012/07/10 00:11:00 | 000,693,704 | ---- | M] () -- \Users\All Users\TERA\launcher\live\downloader.dll
[2012/10/16 18:19:59 | 000,002,641 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0\images\YoutubeDownloader.png
[2012/12/09 11:16:23 | 000,057,728 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\img\dt_dadget_loader.png
[2012/12/09 11:16:24 | 000,057,728 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin1\dt_dadget_loader.png
[2012/12/09 11:16:26 | 000,057,728 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin2\dt_dadget_loader.png
[2012/12/09 11:16:27 | 000,057,728 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin3\dt_dadget_loader.png
[2012/12/09 11:16:29 | 000,057,728 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin4\dt_dadget_loader.png
[2012/12/09 11:16:30 | 000,061,770 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin5\dt_dadget_loader.png
[2012/12/09 11:16:33 | 000,061,770 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Microsoft\Windows Sidebar\Gadgets\DT.gadget\skins\skin6\dt_dadget_loader.png
[2013/04/27 14:52:37 | 000,000,753 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SDWYA5A\AdLoader[1].htm
[2013/04/27 14:52:37 | 000,105,903 | ---- | M] () -- \Users\Jana Svobodová\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HM2QL4KE\AdLoader-427d9fd2a91e2f2c023aefe9f69a01d0.min[1].js
[2012/09/05 15:07:04 | 000,008,386 | ---- | M] () -- \Users\Jana Svobodová\AppData\Roaming\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloaderProfile.xml
[2012/12/02 17:09:27 | 000,237,160 | ---- | M] () -- \Users\Jana Svobodová\AppData\Roaming\DVDVideoSoft\logs\FreeYTVDownloader.log
[2012/12/02 17:09:01 | 000,050,058 | ---- | M] () -- \Users\Jana Svobodová\AppData\Roaming\DVDVideoSoft\logs\FreeYTVDownloader_v1.log
[2013/01/07 20:18:43 | 000,010,848 | ---- | M] () -- \Users\Jana Svobodová\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_extra5.log
[2010/08/30 14:33:56 | 000,043,008 | ---- | M] () -- \Users\Jana Svobodová\AppData\Roaming\Mozilla\Firefox\Profiles\13yz7625.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
[2011/12/10 16:52:21 | 002,070,207 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe

JainaImmortal · #14 Příspěvek od **JainaImmortal** » 28 dub 2013 12:23

[2011/12/10 17:12:55 | 000,003,213 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2009/08/22 10:37:17 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013/04/27 13:22:07 | 000,002,620 | ---- | M] () -- \Windows\Prefetch\ACTIONCENTERDOWNLOADER.EXE-9262089F.pf
[2011/02/05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2011/02/05 15:09:50 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_9c05f879842e1792.manifest
[2011/02/05 15:05:03 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_9c6455949d6c2720.manifest
[2011/02/05 19:34:40 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_9deb553581556a27.manifest
[2011/02/05 15:10:12 | 000,005,799 | ---- | M] () -- \Windows\SoftwareDistribution\Download\d639f7376b627c8f37f9acbbf7c6234a\amd64_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_9e73f1b69a73f09a.manifest
[2013/02/14 18:38:08 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/11/02 11:22:06 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011/10/28 11:22:54 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013/02/14 18:38:08 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2011/11/02 11:22:06 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2011/10/28 11:22:54 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:18:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_66f39ad995474166\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 08:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_66e5ca0f95521152\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:04:54 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_66c2596d956d1920\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 17:22:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_66ff46fd953e6c5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 17:58:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:37:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:39:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:39:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_673e58b0ae93bb84\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:06:43 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_67770e0aae6a7c68\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:46:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_6787e564ae5ceff6\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 17:58:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:37:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:39:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:04:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 17:58:39 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:38:01 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 17:58:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:37:59 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/09/28 01:17:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/09/28 01:17:43 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009/09/28 01:17:43 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009/09/28 01:17:43 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009/09/28 01:17:43 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011/07/03 09:55:50 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/07/03 09:55:50 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/07/03 09:55:50 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/07/03 09:55:50 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/07/03 09:55:50 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/09/28 01:14:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009/07/14 04:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011/02/05 15:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011/02/05 15:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:22:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16816_none_0ad4ff55dce9d030\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/02 07:45:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16823_none_0ac72e8bdcf4a01c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/18 13:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 17:58:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:37:59 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:39:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:50:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.20978_none_0b1fbd2cf6364a4e\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 17:58:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:37:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:39:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:13:36 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 17:58:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:38:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 17:58:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:38:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/14 18:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/12/08 17:55:54 | 002,172,400 | ---- | M] () -- \World of Warcraft\BackgroundDownloader.exe
[2011/12/10 17:12:49 | 002,070,207 | ---- | M] () -- \World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe
[2011/12/08 17:56:04 | 000,003,026 | ---- | M] () -- \World of Warcraft\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2011/12/08 17:56:04 | 000,004,261 | ---- | M] () -- \World of Warcraft\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html

========== Alternate Data Streams ==========

@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:1D32EC29
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

#15 Příspěvek od **vyosek** » 28 dub 2013 21:09

Odinstalujte McAfee Security Scan

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5701w514
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t5701w514
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\URLSearchHook: - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\.DEFAULT\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - No CLSID value found
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\{263372EE-B06C-4CD2-B4C0-BA6679088D40}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =668083&p={searchTerms}
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_csCZ352
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\SearchScopes\search13: "URL" = http://search13.net/search.php?q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=668083"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.14.1.100013
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.2.0
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=668083&p="
[2012/05/30 15:05:43 | 000,000,000 | ---D | M] ("Stylish Profile") -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010/08/15 11:00:55 | 000,000,000 | ---D | M] ("Express Tab") -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA82}
[2012/05/12 12:16:53 | 000,000,000 | ---D | M] ("Usage Stat") -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\Firefox\Profiles\13yz7625.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2010/03/29 19:01:48 | 000,000,694 | ---- | M] () -- C:\Users\Jana Svobodová\AppData\Roaming\mozilla\firefox\profiles\13yz7625.default\searchplugins\icq-search.xml
[2010/01/25 21:35:08 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Jana Svobodová\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O3 - HKU\S-1-5-21-2289412251-517033032-1418875622-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2012/12/01 12:09:37 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2012/12/01 12:09:37 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2013/03/12 17:25:28 | 000,000,000 | ---D | M] -- C:\Users\Jana Svobodová\AppData\Roaming\IObit
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[26 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[31 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp files -> C:\Windows\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\*.tmp -> ]
[6 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]
[2013/04/28 12:48:05 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/04/28 11:46:34 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/04/28 12:07:02 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/04/27 16:43:12 | 000,000,516 | -H-- | M] () -- C:\Windows\Tasks\Norton Security Scan for Jana Svobodová.job
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:1D32EC29
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:E3C56885
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1

:files
C:\Program Files (x86)\MyWebSearch
C:\Program Files (x86)\McAfee Security Scan
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

VIRY.CZ

TrojanDownloader:Win32/Adload.DA

TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA

Re: TrojanDownloader:Win32/Adload.DA