Prosím o kontrolu logu... prevence

Zpráva

kosta.m · #1 Příspěvek od **kosta.m** » 29 říj 2013 17:25

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-10-2013
Ran by denosek at 2013-10-29 17:25:15
Running from C:\Users\denosek\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.1.3)
2007 Microsoft Office Suite Service Pack 3 (SP3)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader XI (11.0.05) - Czech (Version: 11.0.05)
Advertising Center (Version: 0.0.0.2)
Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile (Version: 6.1.6965.0)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)
AliSetup 0.1.0.52 (Version: 0.1.0.52)
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.3.127)
Ashampoo Burning Studio 10.0.4 (Version: 10.0.4)
Ashampoo Burning Studio 6 FREE v.6.80 (Version: 6.8.0)
Ashampoo Burning Studio 6 FREE v.6.84 (Version: 6.8.4)
Audacity 1.3.3 (Unicode)
AVG Security Toolbar (Version: 17.0.1.12)
AviSynth 2.5
Bing Bar (Version: 7.0.619.0)
CCleaner (Version: 3.08)
Centrum zařízení Windows Mobile (Version: 6.1.6965.0)
CloneCD
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
Convert WAV To MP3 1.0
CyberLink LabelPrint (Version: 2.5.1927)
CyberLink MediaShow (Version: 4.1.3121)
CyberLink PhotoNow (Version: 1.1.6622)
CyberLink Power2Go (Version: 6.1.3213)
CyberLink PowerCinema (Version: 7.0.3211)
CyberLink PowerDirector (Version: 7.0.3003)
CyberLink PowerDVD 10 (Version: 10.0.2325.51)
CyberLink PowerDVD 9 (Version: 9.0.1501)
CyberLink PowerDVD Copy (Version: 1.0.6720)
CyberLink PowerProducer (Version: 5.0.1.1929)
CyberLink YouCam (Version: 3.0.1923)
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.1.0236)
Disktrix UltimateDefrag
DolbyFiles (Version: 2.0)
eturboTouchKit (Version: 4.2.3.2)
Fast MP4 3GP AVI MPG WMV RM MOV FLV Converter 6.1
Free YouTube to MP3 Converter version 3.10.5.722
Freemake Audio Converter verze 1.1.0 (Version: 1.1.0)
GameXN GO
Google Desktop (Version: 5.9.1005.12335)
Google Earth (Version: 7.1.1.1888)
Google Chrome (Version: 30.0.1599.101)
Google Talk Plugin (Version: 4.8.2.15856)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.21.165)
InterVideo WinDVD 8 (Version: 8.0-B6.72)
Java(TM) 6 Update 16 (Version: 6.0.160)
JDownloader
Jpeg Resampler Vs 6+
Junk Mail filter update (Version: 15.4.3502.0922)
Kies Air Discovery Service
K-Lite Codec Pack 5.9.0 (Basic) (Version: 5.9.0)
LeX-Interactive MediaCenter
MAMEi 0.30
McAfee Security Scan Plus (Version: 3.8.130.8)
MediaCoder 2011 (Version: 2011)
Medion Home Cinema (Version: 6.0.0000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended CSY Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Antimalware Service CS-CZ Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Expression Blend 3 SDK (Version: 1.0.1343.0)
Microsoft Expression Blend 4 (Version: 4.0.20901.0)
Microsoft Expression Blend 4 Add-in for Adobe FXG Import (Version: 1.0.10901.0)
Microsoft Expression Blend SDK for .NET 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Silverlight 4 (Version: 2.0.20525.0)
Microsoft Expression Blend SDK for Windows Phone 7 (Version: 2.0.20901.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Slovak) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Czech) 2007 (Version: 12.0.4518.1025)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Czech) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Client CS-CZ Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK (Version: 4.0.50826.0)
Microsoft Silverlight Tools for Visual Studio 2010 (Version: 10.0.30319.400)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Express for Windows Phone - ENU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308)
Microsoft Windows Debugging Symbols (Version: 7601)
Microsoft Windows Phone 7 Developer Resources (Version: 7.0.7003.0)
Microsoft Windows Phone Developer Tools - ENU (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft XNA Framework Redistributable 4.0 (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (ARP entry) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Redists) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Shared Components) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (Visual Studio) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 Documentation (Version: 4.0.20823.0)
Microsoft XNA Game Studio 4.0 Windows Phone Extensions (Version: 4.0.20823.0)
Microsoft XNA Game Studio Platform Tools (Version: 1.3.0.0)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Mozilla Firefox 24.0 (x86 cs) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MusicJet (HKCU Version: 1.0.2.12)
MyFreeCodec
Nero Burning ROM 10 (Version: 10.6.10500.3.100)
Nero Burning ROM 10 (Version: 10.6.10600)
Nero BurningROM 10 Help (CHM) (Version: 10.6.10600)
Nero BurnRights 10 (Version: 4.4.10300.1.100)
Nero BurnRights 10 Help (CHM) (Version: 10.6.10600)
Nero Control Center 10 (Version: 10.6.12600.0.5)
Nero ControlCenter (Version: 9.0.0.1)
Nero ControlCenter 10 Help (CHM) (Version: 10.6.10600)
Nero Core Components 10 (Version: 2.0.18800.9.2)
Nero Installer (Version: 4.4.9.0)
Nero MediaHome 4 (Version: 4.5.20.45)
Nero MediaHome 4 Essentials
Nero MediaHome 4 Help (Version: 4.5.5.0)
Nero MediaHome 4 Trial
Nero Update (Version: 1.0.10600.28.0)
NVIDIA Drivers (Version: 1.5)
OSD hot keys (Version: 0.0.6.3)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (Version: 15.4.5722.2)
Paragon Backup & Recovery™ 10 Suite (Version: 90.00.0003)
Passware Kit Enterprise 9.7 (Version: 9.7.1572)
PDF Settings CS5 (Version: 10.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
PowerCinema Movie (Version: 9.0.5612)
PS3 Media Server (Version: 1.71.0)
QIP 2005 8095 (HKCU Version: 8095)
QuickTime (Version: 7.69.80.9)
RAR Password Recovery v1.1 RC16 (remove only)
RealDownloader (Version: 1.3.3)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.3)
Realtek 8136 8168 8169 Ethernet Driver (Version: 1.00.0005)
Realtek High Definition Audio Driver (Version: 6.0.1.5892)
RealUpgrade 1.1 (Version: 1.1.0)
Samsung Kies (Version: 2.5.0.12094_28)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.23.0)
Seznam Software
Skype Click to Call (Version: 5.6.8442)
Skype™ 6.3 (Version: 6.3.105)
SlimDrivers (Version: 2.2.30877)
SUPERAntiSpyware (Version: 5.0.1142)
SyncBackPro
Total Commander (Remove or Repair) (Version: 7.55a)
TradeManager 2012
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.1.4 (Version: 1.1.4)
WCF RIA Services V1.0 SP1 (Version: 4.1.60114.0)
Winamp (Version: 5.581 )
Winamp Detector Plug-in (HKCU Version: 1.0.0.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Windows Mobile Resources (Version: 1.0)
Windows Movie Maker 2.6 (Version: 2.6.4037.0)
Windows Phone 7 Add-in for Visual Studio 2010 - ENU (Version: 10.0.30319)
Windows Phone 7 Marketplace for Windows PC version 1.4.6 (Version: 1.4.6)
Windows Phone Emulator - ENU (Version: 10.0.30319)
WinRAR
Wireless Password Recovery
WPF Toolkit February 2010 (Version 3.5.50211.1) (Version: 3.5.50211.1)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-14 03:04 - 2012-10-30 20:44 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {01DA0609-B44F-4C52-B16B-02A1B8842686} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {1D19C490-FA11-432D-91C6-3163117342B9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1176429872-680437442-246994520-1000 => C:\Program Files\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3102712D-701A-42AC-8E3B-F64BE5A28E60} - System32\Tasks\AdobeAAMUpdater-1.0-Mara-denosek => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {3985A00E-BD5A-4664-BA99-AD72101B791C} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1176429872-680437442-246994520-1000 => C:\Program Files\real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {43484BD5-40C8-419C-A4BD-01084FFB9C81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {7340B725-A1BB-4306-8FC9-FB070E78B18B} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {74771E9F-13AB-42A4-A1F9-B40C709180D1} - System32\Tasks\{1F9C704F-468B-46D6-8404-43C5C556AD9D} => Iexplore.exe http://ui.skype.com/ui/0/5.0.0.156/en/a ... baroffered
Task: {7C21766E-A1CC-4618-8E3C-6CBF03D3C5E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7E366EC5-1E04-4846-A35E-F23A3F6017BB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core => C:\Users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-16] (Google Inc.)
Task: {883DE1CE-E288-49E2-82FC-7794BC0D6298} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-30] (Google Inc.)
Task: {93ED755D-4E9A-4669-8A25-2661A8F761D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-30] (Google Inc.)
Task: {94FAB01E-C3BD-4C75-A2B4-CE566EB85C32} - System32\Tasks\SlimDrivers Startup => C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {A2DA54E9-7D8B-4CAA-B087-5F6439DE3958} - System32\Tasks\{A400B40C-AE82-40D8-8B6F-10B915C1C78F} => C:\Program Files\Skype\\Phone\Skype.exe [2013-02-28] (Skype Technologies S.A.)
Task: {F384B5CB-D11B-40BE-81A9-24F2FA44856E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA => C:\Users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-16] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job => C:\Users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job => C:\Users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SlimDrivers Startup.job => C:\Program Files\SlimDrivers\SlimDrivers.exe

==================== Loaded Modules (whitelisted) =============

2013-03-05 16:01 - 2012-09-13 14:45 - 00058424 _____ () C:\Users\denosek\AppData\Roaming\Seznam.cz\bin\libfoxloader.dll
2010-11-02 09:33 - 2010-11-02 09:34 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2013-10-04 08:03 - 2013-10-04 08:02 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\log4cplusU.dll
2013-10-04 08:04 - 2013-10-04 08:02 - 00142360 _____ () C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\SiteSafety.dll
2013-06-05 21:22 - 2013-06-05 21:22 - 01899520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\d04e570967fe1a99e4dbf4fb8dcf243c\Kies.UI.ni.dll
2013-06-05 21:22 - 2013-06-05 21:22 - 00079360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\2cbf81c1b1b5e7bd6a4758bd057e2d4c\Kies.MVVM.ni.dll
2013-06-05 21:23 - 2013-06-05 21:23 - 00187904 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f93e893f927f890bffe924ec7e8c1323\Kies.Common.DeviceServiceLib.Interface.ni.dll
2013-06-05 21:23 - 2013-06-05 21:23 - 00355840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\3f150d0a81ca864d55ab8f4980d1b8a9\DevicePhoto.ni.dll
2013-06-05 21:23 - 2013-06-05 21:23 - 00300544 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\fec6f3231cd239af4e2f18ee0cf6b536\DeviceVideo.ni.dll
2013-06-05 21:23 - 2013-06-05 21:23 - 00614912 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\0eb6183ab98d3099ea130b878f1d357e\DevicePodcast.ni.dll
2013-06-05 21:23 - 2013-06-05 21:23 - 00307200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\5face173af94a7083cea1c078a6b4938\DummyStorePlugin.ni.dll
2013-06-05 21:23 - 2013-06-05 21:23 - 17554944 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\71b6200b469ae31187226c5634b6d6bb\Kies.Theme.ni.dll
2013-06-05 21:23 - 2013-06-05 21:23 - 00580096 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\3b9a08916e27e97330480e79db59c687\Kies.Common.DeviceServiceLib.FileService.ni.dll
2013-06-05 21:23 - 2013-06-05 21:23 - 00045568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bd5cbd625647b2af277b7c5c0ffb8f5b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
2013-06-05 21:23 - 2013-06-05 21:23 - 00995328 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\05114b082f6c7ba1157dde961459a214\DeviceCommonLib.ni.dll
2013-01-12 11:36 - 2013-01-12 11:36 - 00232960 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll
2013-07-22 10:16 - 2012-12-12 05:40 - 00037488 _____ () C:\Program Files\Trademanager\rv2log.dll
2013-07-22 10:16 - 2012-12-12 05:40 - 00321648 _____ () C:\Program Files\Trademanager\rv2core.dll
2011-02-15 02:30 - 2012-11-23 07:11 - 00279584 _____ () C:\Program Files\Trademanager\pcre.dll
2011-02-14 11:16 - 2012-11-22 10:04 - 01554888 _____ () C:\Program Files\Trademanager\LIBEAY32.dll
2013-07-22 10:16 - 2013-03-27 05:17 - 00367120 _____ () C:\Program Files\Trademanager\rv2archive.dll
2011-06-21 13:11 - 2011-06-21 13:11 - 00322376 _____ () C:\Windows\system32\aliedit\aliedit.dll
2013-07-22 10:16 - 2013-01-14 13:17 - 00456208 _____ () C:\Program Files\Trademanager\uacagent.dll
2011-02-15 02:31 - 2012-11-22 10:04 - 00072192 _____ () C:\Program Files\Trademanager\zlibwapi.dll
2013-07-22 10:16 - 2013-01-14 13:18 - 00577040 _____ () C:\Program Files\Trademanager\unifiedconfig.dll
2013-03-05 15:59 - 2013-01-21 14:16 - 00891896 _____ () C:\Users\denosek\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2013-03-05 16:01 - 2013-01-22 13:55 - 01676312 _____ () C:\Users\denosek\AppData\Roaming\Seznam.cz\bin\libfoxcub.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-10-01 00:36 - 2013-10-01 00:36 - 03279768 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-10-09 09:54 - 2013-10-09 09:54 - 16233864 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
2010-10-18 22:29 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2012-05-11 09:26 - 2010-08-18 20:34 - 00178176 _____ () C:\Program Files\JpegResampler2010\JRcm.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2013 05:01:38 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_11_9_900_117.exe, verze: 11.9.900.117, časové razítko: 0x5244d3b6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x9f7c
Čas spuštění chybující aplikace: 0xFlashPlayerPlugin_11_9_900_117.exe0
Cesta k chybující aplikaci: FlashPlayerPlugin_11_9_900_117.exe1
Cesta k chybujícímu modulu: FlashPlayerPlugin_11_9_900_117.exe2
ID zprávy: FlashPlayerPlugin_11_9_900_117.exe3

Error: (10/29/2013 05:01:19 PM) (Source: Application Hang) (User: )
Description: Program FRST.exe verze 3.3.8.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 18fc

Čas spuštění: 01ced4bd42de8d80

Čas ukončení: 168

Cesta k aplikaci: C:\Users\denosek\Downloads\FRST.exe

ID hlášení:

Error: (10/28/2013 03:00:49 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1 se nezdařilo. Chyba v souboru manifestu nebo zásady Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2 na řádku Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definice je Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/28/2013 02:58:48 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (10/28/2013 02:56:42 PM) (Source: SideBySide) (User: )
Description: Selhalo generování kontextu aktivace pro: 1. Chyba v souboru manifestu nebo zásad 2 na řádku 3.
V manifestu není povoleno více prvků requestedPrivileges.

Error: (10/25/2013 09:12:18 PM) (Source: Application Hang) (User: )
Description: Program iexplore.exe verze 8.0.7600.17267 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 8b90

Čas spuštění: 01ced1bbac0d7640

Čas ukončení: 106

Cesta k aplikaci: C:\Program Files\Internet Explorer\iexplore.exe

ID hlášení: a419c991-3db1-11e3-a932-4061860b4475

Error: (10/25/2013 07:02:27 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1 se nezdařilo. Chyba v souboru manifestu nebo zásady Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2 na řádku Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definice je Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/25/2013 07:00:44 AM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro assemblyIdentity1 se nezdařilo. Chyba v souboru manifestu nebo zásady assemblyIdentity2 na řádku assemblyIdentity3.
Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu version v prvku assemblyIdentity je neplatná.

Error: (10/25/2013 06:58:44 AM) (Source: SideBySide) (User: )
Description: Selhalo generování kontextu aktivace pro: 1. Chyba v souboru manifestu nebo zásad 2 na řádku 3.
V manifestu není povoleno více prvků requestedPrivileges.

Error: (10/23/2013 11:33:43 PM) (Source: SideBySide) (User: )
Description: Generování kontextu aktivace pro Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1 se nezdařilo. Chyba v souboru manifestu nebo zásady Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"2 na řádku Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"3.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definice je Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

System errors:
=============
Error: (10/29/2013 08:03:27 AM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (10/29/2013 03:03:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Windows 7 Service Pack 1 (KB976932).

Error: (10/29/2013 03:03:05 AM) (Source: Microsoft-Windows-Service Pack Installer) (User: NT AUTHORITY)
Description: Instalace aktualizace Service Pack skončila s kódem chyby 0x800f0a12.

Error: (10/28/2013 07:26:30 PM) (Source: DCOM) (User: )
Description: "C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}

Error: (10/28/2013 03:03:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Windows 7 Service Pack 1 (KB976932).

Error: (10/28/2013 03:03:07 AM) (Source: Microsoft-Windows-Service Pack Installer) (User: NT AUTHORITY)
Description: Instalace aktualizace Service Pack skončila s kódem chyby 0x800f0a12.

Error: (10/27/2013 07:26:22 PM) (Source: DCOM) (User: )
Description: "C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}

Error: (10/27/2013 07:25:16 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku \\?\Volume{b51fb144-daf5-11df-9f42-806e6f6e6963} nelze přečíst.

Error: (10/25/2013 11:29:13 PM) (Source: Service Control Manager) (User: )
Description: Služba PS3 Media Server ukončena s chybou %%143, specifickou pro službu.

Error: (10/25/2013 11:28:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070643): Windows 7 Service Pack 1 (KB976932).

Microsoft Office Sessions:
=========================
Error: (05/05/2012 08:27:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 86 seconds with 60 seconds of active time. This session ended with a crash.

Error: (11/28/2011 11:01:01 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6565.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/10/2011 07:39:10 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 29232 seconds with 60 seconds of active time. This session ended with a crash.

Error: (07/12/2011 09:06:56 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/25/2011 00:48:16 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 19 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/20/2011 00:38:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/11/2011 00:33:49 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6555.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 577 seconds with 240 seconds of active time. This session ended with a crash.

Error: (04/13/2011 08:01:22 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash.

Error: (11/10/2010 03:22:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1288 seconds with 60 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2010-10-28 09:57:44.949
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-10-28 09:57:44.907
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-10-28 09:57:44.861
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-10-28 09:57:44.740
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-10-28 09:57:44.662
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-10-28 09:57:44.455
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-10-28 09:57:44.170
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-10-28 09:57:43.867
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-10-28 09:57:42.776
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

Date: 2010-10-28 09:57:42.758
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 3327.24 MB
Available physical RAM: 1235.55 MB
Total Pagefile: 6652.75 MB
Available Pagefile: 3447.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.54 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:910.41 GB) (Free:527.16 GB) NTFS
Drive d: (Recovery) (Fixed) (Total:20 GB) (Free:12.85 GB) NTFS
Drive z: (Externi HDD) (Fixed) (Total:1397.26 GB) (Free:1396.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: F98D6E74)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=910 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 1397 GB) (Disk ID: 3F5C7D3B)
Partition 1: (Not Active) - (Size=-698723860480) - (Type=07 NTFS)

==================== End Of Log ============================

kosta.m · #2 Příspěvek od **kosta.m** » 29 říj 2013 17:26

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-10-2013
Ran by denosek (administrator) on MARA on 29-10-2013 17:03:59
Running from C:\Users\denosek\Downloads
Microsoft Windows 7 Home Premium (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
() C:\Program Files\LXiMediaCenter\lximcbackend.exe
(Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Tanuki Software, Ltd.) C:\Program Files\PS3 Media Server\win32\service\wrapper.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
(Sun Microsystems, Inc.) C:\Windows\system32\java.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(MICRO-STAR INT'L,.LTD.) C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Alibaba (China) Co., Ltd.) C:\Program Files\Trademanager\AliIM.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
() C:\Users\denosek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(阿里云计算有限公司) C:\Program Files\Trademanager\miser\AliimSafe.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
(RealNetworks, Inc.) C:\Program Files\real\realplayer\update\realsched.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7612960 2009-07-10] (Realtek Semiconductor)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-11-02] (Google)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Nero MediaHome 4] - C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2012-02-28] (Nero AG)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2404376 2013-10-04] ()
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [TkBellExe] - C:\Program Files\real\realplayer\Update\realsched.exe [295512 2013-09-12] (RealNetworks, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844168 2013-06-05] (Samsung)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [Google Update] - C:\Users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-16] (Google Inc.)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\denosek\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\denosek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKCU\...\Run: [aliim] - C:\Program Files\Trademanager\AliIM.exe [293272 2013-08-22] (Alibaba (China) Co., Ltd.)
HKCU\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-03-20] (Macrovision Corporation)
HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [969104 2012-12-31] (BitTorrent, Inc.)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [ 2010-11-02] (Google)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://www.icq.com/search/results.php?q ... &ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Default_page_url = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1685D7AF-BD5E-4674-8619-8995EF9F470D} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = http://websearch.ask.com/redirect?clien ... 51D8A0E1BA
SearchScopes: HKCU - {1830F1A5-D751-4D2F-B2DC-2509B96A9AF4} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {7C2DBB22-385F-413B-8616-E2A7B1A96558} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {AB3EB8A3-B2B8-48C9-B7FC-A0661DBECBDA} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKCU - {B0D4AECD-67CF-4E7F-A4DB-131EBD6A1404} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {CC14233F-73AA-4565-9CAB-FDF30ECF65BC} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKCU - {E2D2578E-7041-4610-8B7A-A66ACF9D95DD} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default
FF user.js: detected! => C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\user.js
FF DefaultSearchEngine: AVG Secure Search
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=undefined&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @alibaba.com/nptrademanager;version=1.0 - C:\Program Files\Trademanager\nptrademanager.dll ( )
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @alibaba.com/npAliSSOLogin;version=1.0 - C:\Program Files\Trademanager\npAliSSOLogin.dll (Alibaba software (Shanghai) Corporation.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\denosek\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\denosek\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: {@alibaba.com/alisetup;version=1.0} - C:\Users\denosek\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
FF SearchPlugin: C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\searchplugins\my-web-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\firmycz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mapycz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\zbocz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Noia 2.0 eXtreme OPT - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\noia2_option@kk.noia
FF Extension: em:name="Free YouTube Download (Free Studio) Menu" - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: Seznam lištička - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Noia4Options - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\Noia4Options@ArisT2.xpi
FF Extension: NoiaFoxoption - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi
FF Extension: togglepersona - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\togglepersona@davidvincent.tld.xpi
FF Extension: No Name - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=12454
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=48"
CHR DefaultSearchURL: (Conduit) - http://search.conduit.com/Results.aspx? ... =CT3072253
CHR DefaultSuggestURL: (Conduit) - http://search.conduit.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.160.1) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U16) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (AVG Secure Search) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.0.1.12_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (uTorrentControl2) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.5.0.1_0
CHR Extension: (Gmail) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.0.1.12\avg.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\denosek\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-10-29] (SUPERAntiSpyware.com)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376 2012-12-28] (Freemake)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-11-02] (Google)
R2 LXiMediaCenter Backend; C:\Program Files\LXiMediaCenter\lximcbackend.exe [704512 2012-02-29] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [584488 2011-03-04] (Nero AG)
R2 NeroMediaHomeService.4; C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2012-02-28] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-08-12] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-02-25] ()
R2 vToolbarUpdater17.0.12; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-04] (AVG Secure Search)
S3 WifiprPasscapeLoader; C:\Program Files\Passcape\WIFIPR\loader.exe [57344 2012-05-29] ()
R2 WMI_Hook_Service; C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe [101176 2009-09-04] (MICRO-STAR INT'L,.LTD.)
R2 PS3 Media Server; "C:\Program Files\PS3 Media Server\win32\service\wrapper.exe" -s "C:\Program Files\PS3 Media Server\win32\service\wrapper.conf" wrapper.console.flush=true wrapper.internal.namedpipe=0393011925

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-04] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-12-24] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [56208 2010-10-12] (Paragon Software Group)
R1 hwinterface; C:\Windows\System32\Drivers\hwinterface.sys [3026 2012-10-10] (Logix4u)
R3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 MSIDriver_IO_2; C:\Program Files\msi\OSD hot keys\MSI_MAINSYS.sys [26936 2009-08-25] (Your Corporation)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [24608 2009-06-05] (NVIDIA Corporation)
R3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-10-27] ()
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [37080 2010-10-12] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [395464 2010-10-12] (Paragon)
R1 vmm; C:\Windows\system32\Drivers\vmm.sys [230248 2010-09-08] (Microsoft Corporation)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-11-17] (CyberLink Corp.)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-29 16:44 - 2013-10-29 16:45 - 00029696 _____ C:\Users\denosek\AppData\Local\MSGBOX.EXE
2013-10-29 16:43 - 2013-10-29 16:43 - 00112128 _____ (forum.viry.cz) C:\Users\denosek\Downloads\FRSTLauncher.exe
2013-10-29 16:41 - 2013-10-29 16:41 - 00000000 ____D C:\FRST
2013-10-29 16:39 - 2013-10-29 16:39 - 01089183 _____ (Farbar) C:\Users\denosek\Downloads\FRST.exe
2013-10-29 16:39 - 2013-10-29 16:39 - 00112107 _____ (forum.viry.cz) C:\Users\denosek\Downloads\VerzeOS.exe
2013-10-29 16:33 - 2013-10-29 16:33 - 01247056 _____ (Microsoft Corporation) C:\Users\denosek\Downloads\wlsetup-web(1).exe
2013-10-28 22:44 - 2013-10-28 22:44 - 00342154 _____ C:\Users\denosek\Downloads\♺ PlayDaddy Collection.torrent
2013-10-28 12:09 - 2013-10-28 12:09 - 00000000 ____D C:\Users\denosek\Documents\My WangWang
2013-10-27 22:34 - 2013-10-27 22:34 - 00013917 _____ C:\Users\denosek\Downloads\PlayDaddy - A Chance Encounter.torrent
2013-10-25 10:24 - 2013-10-25 10:28 - 42133180 _____ C:\Users\denosek\Downloads\RTM-(Windows-7)CZ-Language-Pack-x86-+-navod-na-instalaci-cestiny.rar
2013-10-09 14:46 - 2013-10-09 15:07 - 387189839 _____ C:\Users\denosek\Downloads\Feiteng-H9500+-CWM.zip
2013-10-01 00:36 - 2013-10-01 00:37 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-10-29 17:22 - 2011-02-12 20:48 - 00000000 ____D C:\Users\denosek\AppData\Roaming\uTorrent
2013-10-29 17:13 - 2013-02-19 01:45 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job
2013-10-29 17:03 - 2010-11-24 20:46 - 00000000 ____D C:\Users\denosek\AppData\Roaming\Skype
2013-10-29 16:54 - 2012-12-05 16:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-29 16:45 - 2013-10-29 16:44 - 00029696 _____ C:\Users\denosek\AppData\Local\MSGBOX.EXE
2013-10-29 16:43 - 2013-10-29 16:43 - 00112128 _____ (forum.viry.cz) C:\Users\denosek\Downloads\FRSTLauncher.exe
2013-10-29 16:41 - 2013-10-29 16:41 - 00000000 ____D C:\FRST
2013-10-29 16:39 - 2013-10-29 16:39 - 01089183 _____ (Farbar) C:\Users\denosek\Downloads\FRST.exe
2013-10-29 16:39 - 2013-10-29 16:39 - 00112107 _____ (forum.viry.cz) C:\Users\denosek\Downloads\VerzeOS.exe
2013-10-29 16:36 - 2010-10-19 09:44 - 00000000 ____D C:\Users\denosek\AppData\Roaming\Winamp
2013-10-29 16:33 - 2013-10-29 16:33 - 01247056 _____ (Microsoft Corporation) C:\Users\denosek\Downloads\wlsetup-web(1).exe
2013-10-29 16:26 - 2013-02-19 16:00 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-29 15:13 - 2013-02-19 01:45 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job
2013-10-29 12:26 - 2013-02-19 16:00 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-29 10:03 - 2012-02-02 11:00 - 01520421 ____N C:\Windows\WindowsUpdate.log
2013-10-29 09:39 - 2011-03-17 19:02 - 00000000 ____D C:\Users\denosek\Desktop\AF
2013-10-29 09:32 - 2013-04-05 17:53 - 00000546 _____ C:\Users\denosek\Desktop\Nový textový dokument (2).txt
2013-10-29 09:07 - 2010-10-19 09:32 - 00000000 ____D C:\Users\denosek\AppData\Roaming\vlc
2013-10-28 22:44 - 2013-10-28 22:44 - 00342154 _____ C:\Users\denosek\Downloads\♺ PlayDaddy Collection.torrent
2013-10-28 22:44 - 2010-10-18 22:12 - 00000000 ____D C:\Stahovani
2013-10-28 12:09 - 2013-10-28 12:09 - 00000000 ____D C:\Users\denosek\Documents\My WangWang
2013-10-28 11:33 - 2012-12-31 20:05 - 01224704 ___SH C:\Users\denosek\Downloads\Thumbs.db
2013-10-28 09:23 - 2010-10-18 21:43 - 00000000 ____D C:\Install
2013-10-28 01:12 - 2011-01-19 14:53 - 00000117 _____ C:\Users\denosek\Desktop\paypal.txt
2013-10-27 22:34 - 2013-10-27 22:34 - 00013917 _____ C:\Users\denosek\Downloads\PlayDaddy - A Chance Encounter.torrent
2013-10-27 19:35 - 2009-07-14 05:34 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-27 19:35 - 2009-07-14 05:34 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-27 19:32 - 2009-08-13 15:08 - 02306364 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-27 19:31 - 2013-03-05 15:59 - 00000000 ____D C:\Users\denosek\AppData\Roaming\Seznam.cz
2013-10-27 19:28 - 2013-07-19 11:01 - 00000000 ____D C:\Program Files\Trademanager
2013-10-27 19:27 - 2013-08-26 15:40 - 00000390 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2013-10-27 19:26 - 2013-07-22 10:17 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-10-27 19:25 - 2013-08-26 15:40 - 00013464 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2013-10-27 19:25 - 2012-12-31 19:56 - 00000000 ____D C:\Program Files\PS3 Media Server
2013-10-27 19:25 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-25 10:44 - 2011-02-11 09:18 - 00000000 ____D C:\Users\denosek\AppData\Local\Windows Live
2013-10-25 10:28 - 2013-10-25 10:24 - 42133180 _____ C:\Users\denosek\Downloads\RTM-(Windows-7)CZ-Language-Pack-x86-+-navod-na-instalaci-cestiny.rar
2013-10-24 03:14 - 2010-10-18 21:44 - 00000000 ____D C:\Users\denosek\AppData\Roaming\Mozilla
2013-10-19 09:04 - 2013-09-12 19:45 - 00001978 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-19 09:04 - 2013-09-12 19:45 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-15 23:05 - 2011-01-26 08:00 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-15 23:05 - 2011-01-26 07:59 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-14 08:35 - 2010-11-02 16:03 - 00000000 ____D C:\Windows\Minidump
2013-10-10 02:26 - 2009-08-13 16:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 02:09 - 2009-08-13 16:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 02:08 - 2013-08-12 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 02:05 - 2009-08-13 16:50 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 15:07 - 2013-10-09 14:46 - 387189839 _____ C:\Users\denosek\Downloads\Feiteng-H9500+-CWM.zip
2013-10-09 14:03 - 2010-10-30 01:18 - 00000000 ____D C:\Users\denosek\AppData\Local\Google
2013-10-09 09:54 - 2012-06-12 10:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 09:54 - 2011-09-25 11:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 08:04 - 2012-12-31 17:55 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2013-10-09 08:03 - 2012-05-04 08:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-04 08:05 - 2013-08-26 15:50 - 00003728 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-10-04 08:03 - 2013-08-26 15:50 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-10-04 08:03 - 2010-10-18 21:44 - 00000000 ____D C:\Users\denosek\AppData\Local\Mozilla
2013-10-04 08:02 - 2013-08-26 15:50 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2013-10-01 10:15 - 2009-08-13 16:07 - 00000000 ____D C:\ProgramData\Adobe
2013-10-01 00:37 - 2013-10-01 00:36 - 00000000 ____D C:\Program Files\Mozilla Firefox

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-1176429872-680437442-246994520-1000\$a369be4ff970850f71ec28fad09273f6

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$a369be4ff970850f71ec28fad09273f6

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-22 23:33

==================== End Of Log ============================

kosta.m · #3 Příspěvek od **kosta.m** » 29 říj 2013 17:27

Dekuji

#4 Příspěvek od **vyosek** » 29 říj 2013 17:32

Zdravim

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

kosta.m · #5 Příspěvek od **kosta.m** » 29 říj 2013 17:38

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/29/2013 05:41:21 PM in x86 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (PID: 1860) [AU-HEUR]
* C:\Windows\system32\FsUsbExService.Exe (PID: 1908) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

ÿþ1 2 7 . 0 . 0 . 1 l o c a l h o s t

: : 1 l o c a l h o s t

Program finished at: 10/29/2013 05:43:15 PM
Execution time: 0 hours(s), 1 minute(s), and 53 seconds(s)

#6 Příspěvek od **vyosek** » 29 říj 2013 17:40

Pokracujte ComboFixem...

kosta.m · #7 Příspěvek od **kosta.m** » 29 říj 2013 18:12

ComboFix 13-10-29.02 - denosek 29.10.2013 17:52:59.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3327.1848 [GMT 1:00]
Spuštěný z: c:\users\denosek\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\8E6BEC914D.sys
c:\users\denosek\AppData\Local\MSGBOX.EXE
c:\users\denosek\AppData\Roaming\kikin
c:\users\denosek\AppData\Roaming\kikin\ff_configuration.xml
c:\users\denosek\AppData\Roaming\kikin\ff_kkes.xml
c:\users\denosek\AppData\Roaming\kikin\ff_settings.xml
c:\users\denosek\AppData\Roaming\kikin\ie_configuration.xml
c:\users\denosek\AppData\Roaming\kikin\ie_kkes.xml
c:\users\denosek\AppData\Roaming\kikin\ie_settings.xml
c:\users\denosek\AppData\Roaming\kikin\kikin_updater_2.9.1.exe
c:\windows\TEMP\jna859596864928453443.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-09-28 do 2013-10-29 )))))))))))))))))))))))))))))))
.
.
2013-10-29 17:03 . 2013-10-29 17:05 -------- d-----w- c:\users\NeroMediaHomeUser.4\AppData\Local\temp
2013-10-29 17:03 . 2013-10-29 17:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-10-29 17:03 . 2013-10-29 17:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-29 16:49 . 2013-10-29 16:49 40392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6F842A0B-5DF1-4967-92CC-6CB3F3A6CC2A}\MpKslabb80b20.sys
2013-10-29 15:41 . 2013-10-29 15:41 -------- d-----w- C:\FRST
2013-10-29 15:39 . 2013-10-29 15:39 62576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6F842A0B-5DF1-4967-92CC-6CB3F3A6CC2A}\offreg.dll
2013-10-28 18:36 . 2013-10-14 06:39 7796464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6F842A0B-5DF1-4967-92CC-6CB3F3A6CC2A}\mpengine.dll
2013-10-27 18:57 . 2013-10-14 06:39 7796464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-18 07:12 . 2013-10-18 07:12 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{26B2735A-1BF1-4A7B-9E81-27EB4204DAB8}\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-29 17:05 . 2013-08-26 14:40 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-10-09 08:54 . 2012-06-12 09:01 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-09 08:54 . 2011-09-25 10:08 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-04 07:02 . 2013-08-26 14:50 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2013-09-12 18:41 . 2009-08-11 17:41 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-09-12 18:41 . 2009-08-11 17:41 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-09-06 21:39 . 2011-03-25 09:00 718712 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-08-13 02:00 . 2011-01-30 20:23 100512 ----a-w- c:\programdata\Microsoft\VPDExpress\10.0\1033\ResourceCache.dll
2010-11-02 08:34 . 2013-09-30 23:36 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2013-10-04 07:02 3353624 ----a-w- c:\program files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll" [2013-10-04 3353624]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
"KiesAirMessage"="c:\program files\Samsung\Kies\KiesAirMessage.exe" [2013-04-18 578560]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-02-28 18642024]
"cz.seznam.software.autoupdate"="c:\users\denosek\AppData\Roaming\Seznam.cz\szninstall.exe" [2012-09-13 1009288]
"cz.seznam.software.szndesktop"="c:\users\denosek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" [2013-01-22 92152]
"aliim"="c:\program files\Trademanager\AliIM.exe" [2013-08-22 293272]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-12-31 969104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-10 7612960]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-11-02 30192]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 159456]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 995176]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"Nero MediaHome 4"="c:\program files\Nero\Nero MediaHome 4\NeroMediaHome.exe" [2012-02-28 5178664]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-10-04 2404376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-18 13797920]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-09-12 295512]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 273296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 26112]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-11-02 30192]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216]
R3 MSIDriver_IO_2;MSIDriver_IO_2;c:\program files\msi\OSD hot keys\MSI_MAINSYS.sys [2009-08-25 26936]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-08-12 295376]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2013-10-29 13464]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-19 1343400]
R3 WifiprPasscapeLoader;WIFIPR Passcape Loader Service;c:\program files\Passcape\WIFIPR\loader.exe [2012-05-29 57344]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [2010-10-12 56208]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2009-06-04 24608]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-10-04 37664]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-24 239168]
S1 MpKslabb80b20;MpKslabb80b20;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6F842A0B-5DF1-4967-92CC-6CB3F3A6CC2A}\MpKslabb80b20.sys [2013-10-29 40392]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2012-10-29 116608]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/12/31 14:55];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-11-17 20:29 87536]
S2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/11/01 22:14];c:\program files\CyberLink\PowerDVD9\000.fcl [2009-02-28 18:40 87536]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2012-12-28 101376]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2013-02-05 233472]
S2 LXiMediaCenter Backend;LXiMediaCenter Backend;c:\program files\LXiMediaCenter\lximcbackend.exe [2012-02-29 704512]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2011-03-04 584488]
S2 PS3 Media Server;PS3 Media Server;c:\program files\PS3 Media Server\win32\service\wrapper.exe [2011-05-17 366872]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]
S2 vToolbarUpdater17.0.12;vToolbarUpdater17.0.12;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [2013-10-04 1734680]
S2 WMI_Hook_Service;WMI_Hook_Service;c:\program files\msi\OSD hot keys\WMI_Hook_Service.exe [2009-09-04 101176]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2013-02-05 37344]
S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 NxpCap;CTX capture service;c:\windows\system32\DRIVERS\NxpCap.sys [2009-07-30 1488096]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [2010-04-01 1009184]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - FSUSBEXDISK
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-18 22:26 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 08:54]
.
2013-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 00:18]
.
2013-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-30 00:18]
.
2013-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job
- c:\users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13 19:00]
.
2013-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job
- c:\users\denosek\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13 19:00]
.
2013-10-29 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files\SlimDrivers\SlimDrivers.exe [2013-07-10 06:58]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
uSearchAssistant =
IE: Free YouTube to MP3 Converter - c:\users\denosek\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll
FF - ProfilePath - c:\users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.seznam.cz/?sourceid=undefined&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\nvvsvc.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Nero\Nero MediaHome 4\NMMediaServerService.exe
c:\windows\system32\taskhost.exe
c:\windows\SYSTEM32\WISPTIS.EXE
c:\program files\Common Files\microsoft shared\ink\TabTip.exe
c:\windows\system32\conhost.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe
c:\windows\system32\conhost.exe
c:\windows\system32\java.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\UI0Detect.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\users\denosek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
c:\program files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Microsoft Security Client\MpCmdRun.exe
.
**************************************************************************
.
Celkový čas: 2013-10-29 18:14:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-10-29 17:14
.
Před spuštěním: Volných bajtů: 565 346 091 008
Po spuštění: Volných bajtů: 565 235 662 848
.
- - End Of File - - 07695C4A3DB6C5B920C5F86ADF769F40
4624822E540EC83CD0819525C65846BA

#8 Příspěvek od **vyosek** » 29 říj 2013 18:16

Stahnete na plochu CKScanner

Spustte a kliknete na Search for files
Po dokonceni skenu kliknete na Save List to File a nasledne OK
Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

Ulozte nejlepe na plochu
Ukoncete vsechny programy
Kliknete na Scan a nasledne Clean
Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

kosta.m · #9 Příspěvek od **kosta.m** » 29 říj 2013 18:33

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\install\navigace do auta\mn.7.4.2.build.802.for.pna.480x272\phonelink\phonelinkmsg.exe
c:\program files\jdownloader\jd\plugins\hoster\crackedcom.class
c:\program files\mamei\icons\cracksht.ico
c:\users\denosek\documents\veru\ostatní\disk\melodie\n\nutcracker_suite_-_arab_dance.mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\n\nutcracker_suite_-_chinese_dance.mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\n\nutcracker_suite_-_dance_of_the_sugar.mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\n\nutcracker_suite_-_march.mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\n\nutcracker_suite_-_reed_flutes.mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\n\nutcracker_suite_-_russian_dance.mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\polyphone_midi_ringtones\m_tjaikovski-nut_cracker.mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\polyphone_midi_ringtones\ringtones\arabian dance nutcracker suite (tchaicovsky).mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\polyphone_midi_ringtones\ringtones\overture nutcracker suite (tchaicovsky).mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\polyphone_midi_ringtones\ringtones\waltz of the flowers from the nutcracker suite.mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\polyphone_midi_ringtones\tones\overture nutcracker suite (tchaicovsky).mid
c:\users\denosek\documents\veru\ostatní\disk\melodie\polyphone_midi_ringtones\very nice polytones\m_tjaikovski-nut_cracker.mid
scanner sequence 3.FI.11.WMAAM0
----- EOF -----

#10 Příspěvek od **vyosek** » 29 říj 2013 18:42

OK, pokracujte AdwCleanerem

kosta.m · #11 Příspěvek od **kosta.m** » 29 říj 2013 18:47

# AdwCleaner v3.010 - Report created 29/10/2013 at 18:48:17
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium (32 bits)
# Username : denosek - MARA
# Running from : C:\Users\denosek\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater17.0.12

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitLord
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\BitLord
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\myfree codec
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\denosek\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\denosek\AppData\Local\Conduit
Folder Deleted : C:\Users\denosek\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\denosek\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\denosek\AppData\LocalLow\DVDVideoSoftTB
Folder Deleted : C:\Users\denosek\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\denosek\AppData\LocalLow\MyAshampoo
Folder Deleted : C:\Users\denosek\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\denosek\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Conduit
Folder Deleted : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\ConduitCommon
Folder Deleted : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\ConduitEngine
Folder Deleted : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Folder Deleted : C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
File Deleted : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\invalidprefs.js
File Deleted : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\searchplugins\Askcom.xml
File Deleted : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\searchplugins\Conduit.xml
File Deleted : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\searchplugins\my-web-search.xml
File Deleted : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\user.js
File Deleted : C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{488CC57E-BD67-4565-98D6-14FA525BC864}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{488CC57E-BD67-4565-98D6-14FA525BC864}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{488CC57E-BD67-4565-98D6-14FA525BC864}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E3B1699-2092-422F-9371-C8FE4583D204}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{741AFF0D-F94C-4066-9117-B73A61B1CAB4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8A1F26A-CF70-4257-85F8-23E9B971B0E4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CB4EB4B6-733F-4218-85F4-34C86BC07836}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Key Deleted : HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\MyAshampoo
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DVDVideoSoftTB
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\MyAshampoo\toolbar
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\MyAshampoo
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v24.0 (cs)

[ File : C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\prefs.js ]

Line Deleted : user_pref("CT2475029..clientLogIsEnabled", true);
Line Deleted : user_pref("CT2475029..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2475029..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT2475029.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2475029.CT2481020.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CT2481024.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CT2481025.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CT2481029.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CT2481031.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CT2481032.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CT2481033.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CT2481034.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CT2481035.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CT2481037.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CommunitiesChangesLastCheckTime", "Thu May 12 2011 09:46:29 GMT+0200");
Line Deleted : user_pref("CT2475029.CommunityChanged", true);
Line Deleted : user_pref("CT2475029.CurrentServerDate", "12-5-2011");
Line Deleted : user_pref("CT2475029.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2475029.DialogsGetterLastCheckTime", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.DownloadDomainsCheckInterval", "168");
Line Deleted : user_pref("CT2475029.DownloadDomainsListLastCheckTime", "Thu May 12 2011 09:46:29 GMT+0200");
Line Deleted : user_pref("CT2475029.DownloadDomainsListLastServerUpdateTime", "1201069983");
Line Deleted : user_pref("CT2475029.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT2475029.EMailNotifierPollDate", "Tue Oct 19 2010 11:51:47 GMT+0200");
Line Deleted : user_pref("CT2475029.ExternalComponentPollDate129078508355624514", "Thu May 12 2011 09:46:29 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedLastCount129133095456874337", 200);
Line Deleted : user_pref("CT2475029.FeedPollDate129132307482029379", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129132307482029381", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129132307482029382", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129133095459686870", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129133095459686871", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129137437659687146", "Thu May 12 2011 09:46:30 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129137437659687147", "Thu May 12 2011 09:46:30 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129137437659687148", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214602500", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214602506", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214602512", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214602518", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214602524", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214602530", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603404", "Thu May 12 2011 09:46:30 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603410", "Thu May 12 2011 09:46:30 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603416", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603422", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603428", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603434", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603440", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603446", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603452", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603458", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603464", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603470", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603476", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603482", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603488", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214603494", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758786", "Thu May 12 2011 09:46:32 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758792", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758798", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758804", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758810", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758816", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758822", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758828", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758834", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758840", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758846", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758852", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758858", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758864", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758870", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758876", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758882", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758888", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758894", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758900", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758906", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758912", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758918", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758924", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758930", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758936", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758942", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758948", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758954", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedPollDate129255180214758960", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CT2475029.FeedTTL129132307482029379", 40);
Line Deleted : user_pref("CT2475029.FeedTTL129132307482029381", 40);
Line Deleted : user_pref("CT2475029.FeedTTL129132307482029382", 40);
Line Deleted : user_pref("CT2475029.FeedTTL129133095459686870", 40);
Line Deleted : user_pref("CT2475029.FeedTTL129133095459686871", 40);
Line Deleted : user_pref("CT2475029.FeedTTL129137437659687146", 40);
Line Deleted : user_pref("CT2475029.FeedTTL129137437659687147", 40);
Line Deleted : user_pref("CT2475029.FeedTTL129137437659687148", 40);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214602500", 15);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214602512", 2);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214602518", 5);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214602524", 5);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214603416", 15);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214603428", 60);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214603434", 10);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214603482", 30);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214603488", 15);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214603494", 2);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758786", 5);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758798", 30);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758804", 30);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758810", 2);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758828", 15);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758840", 15);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758846", 15);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758852", 15);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758870", 1440);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758900", 10);
Line Deleted : user_pref("CT2475029.FeedTTL129255180214758918", 5);
Line Deleted : user_pref("CT2475029.FirstServerDate", "19-10-2010");
Line Deleted : user_pref("CT2475029.FirstTime", true);
Line Deleted : user_pref("CT2475029.FirstTimeFF3", true);
Line Deleted : user_pref("CT2475029.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT2475029.GroupingLastCheckTime", "Thu May 12 2011 09:46:29 GMT+0200");
Line Deleted : user_pref("CT2475029.GroupingLastErrorCode", "");
Line Deleted : user_pref("CT2475029.GroupingLastResponse", true);
Line Deleted : user_pref("CT2475029.GroupingLastServerUpdateTime", "129484884546300000");
Line Deleted : user_pref("CT2475029.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2475029.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2475029.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT2475029.Initialize", true);
Line Deleted : user_pref("CT2475029.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2475029.InstallationAndCookieDataSentCount", 1);
Line Deleted : user_pref("CT2475029.InstalledDate", "Tue Oct 19 2010 11:51:44 GMT+0200");
Line Deleted : user_pref("CT2475029.InvalidateCache", false);
Line Deleted : user_pref("CT2475029.IsGrouping", true);
Line Deleted : user_pref("CT2475029.IsMulticommunity", true);
Line Deleted : user_pref("CT2475029.IsOpenThankYouPage", false);
Line Deleted : user_pref("CT2475029.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2475029.LanguagePackLastCheckTime", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2475029.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2475029.LastLogin_2.5.6.0", "Tue Oct 19 2010 11:52:17 GMT+0200");
Line Deleted : user_pref("CT2475029.LastLogin_3.3.3.2", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.LatestVersion", "3.3.3.2");
Line Deleted : user_pref("CT2475029.Locale", "en");
Line Deleted : user_pref("CT2475029.LoginCache", 4);
Line Deleted : user_pref("CT2475029.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2475029.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2475029.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2475029.RadioIsPodcast", false);
Line Deleted : user_pref("CT2475029.RadioLastCheckTime", "Thu May 12 2011 09:46:30 GMT+0200");
Line Deleted : user_pref("CT2475029.RadioLastUpdateIPServer", "3");
Line Deleted : user_pref("CT2475029.RadioLastUpdateServer", "129054397178370000");
Line Deleted : user_pref("CT2475029.RadioMediaID", "13098944");
Line Deleted : user_pref("CT2475029.RadioMediaType", "Media Player");
Line Deleted : user_pref("CT2475029.RadioMenuSelectedID", "EBRadioMenu_CT247502913098944");
Line Deleted : user_pref("CT2475029.RadioStationName", "Mellesleg%20-%20Rapp");
Line Deleted : user_pref("CT2475029.RadioStationURL", "hxxp://195.228.254.168:8060/");
Line Deleted : user_pref("CT2475029.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2475029.SavedHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CT2475029.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=ct2475029&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2475029.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2475029.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&q=");
Line Deleted : user_pref("CT2475029.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2475029.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2475029.SearchInNewTabLastCheckTime", "Thu May 12 2011 09:46:34 GMT+0200");
Line Deleted : user_pref("CT2475029.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2475029.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2475029.ServiceMapLastCheckTime", "Thu May 12 2011 09:46:29 GMT+0200");
Line Deleted : user_pref("CT2475029.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2475029.SettingsLastCheckTime", "Thu May 12 2011 09:46:29 GMT+0200");
Line Deleted : user_pref("CT2475029.SettingsLastUpdate", "1304242869");
Line Deleted : user_pref("CT2475029.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2475029.ThirdPartyComponentsLastCheck", "Thu May 12 2011 09:46:29 GMT+0200");
Line Deleted : user_pref("CT2475029.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT2475029.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2475029");
Line Deleted : user_pref("CT2475029.UserID", "UN41442060798129571");
Line Deleted : user_pref("CT2475029.WeatherPollDate", "Tue Oct 19 2010 11:52:04 GMT+0200");
Line Deleted : user_pref("CT2475029.WeatherUnit", "C");
Line Deleted : user_pref("CT2475029.clientLogIsEnabled", false);
Line Deleted : user_pref("CT2475029.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2475029.ct2475029.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2475029.ct2475029.Locale", "en");
Line Deleted : user_pref("CT2475029.ct2475029.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2475029.ct2475029.SettingsLastCheckTime", "Tue Oct 19 2010 11:51:44 GMT+0200");
Line Deleted : user_pref("CT2475029.ct2475029.SettingsLastUpdate", "1287328233");
Line Deleted : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastCheck", "Tue Oct 19 2010 11:51:44 GMT+0200");
Line Deleted : user_pref("CT2475029.ct2475029.ThirdPartyComponentsLastUpdate", "1246790578");
Line Deleted : user_pref("CT2475029.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdownload.conduit.com/\"}");
Line Deleted : user_pref("CT2475029.globalFirstTimeInfoLastCheckTime", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.isAppTrackingManagerOn", true);
Line Deleted : user_pref("CT2475029.myStuffEnabled", true);
Line Deleted : user_pref("CT2475029.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2475029.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2475029.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2475029.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2475029.oldAppsList", "200,129053524177369346,129053524177525597,129464711670611991,129469742085082050,129054281793738287,129374111428406428,129133095456874337,129342246831062526,12931780[...]
Line Deleted : user_pref("CT2475029.testingCtid", "");
Line Deleted : user_pref("CT2475029.toolbarAppMetaDataLastCheckTime", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.toolbarContextMenuLastCheckTime", "Thu May 12 2011 09:46:33 GMT+0200");
Line Deleted : user_pref("CT2475029.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT3072253..clientLogIsEnabled", true);
Line Deleted : user_pref("CT3072253..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT3072253..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CT3072253.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Deleted : user_pref("CT3072253.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT3072253.AppTrackingLastCheckTime", "Sun Aug 12 2012 21:55:14 GMT+0200");
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129573915102477663", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129749445881800338", true);
Line Deleted : user_pref("CT3072253.BrowserCompStateIsOpen_129805375651312503", true);
Line Deleted : user_pref("CT3072253.CTID", "CT3072253");
Line Deleted : user_pref("CT3072253.CommunitiesChangesLastCheckTime", "0");
Line Deleted : user_pref("CT3072253.CurrentServerDate", "30-10-2012");
Line Deleted : user_pref("CT3072253.DSInstall", true);
Line Deleted : user_pref("CT3072253.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT3072253.DialogsGetterLastCheckTime", "Mon Oct 29 2012 08:48:00 GMT+0100");
Line Deleted : user_pref("CT3072253.DownloadReferralCookieData", "");
Line Deleted : user_pref("CT3072253.FirstServerDate", "5-5-2012");
Line Deleted : user_pref("CT3072253.FirstTime", true);
Line Deleted : user_pref("CT3072253.FirstTimeFF3", true);
Line Deleted : user_pref("CT3072253.FixPageNotFoundErrors", true);
Line Deleted : user_pref("CT3072253.GroupingInvalidateCache", false);
Line Deleted : user_pref("CT3072253.GroupingLastCheckTime", "0");
Line Deleted : user_pref("CT3072253.GroupingLastServerUpdateTime", "0");
Line Deleted : user_pref("CT3072253.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT3072253.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT3072253.HPChangedManually", false);
Line Deleted : user_pref("CT3072253.HPInstall", true);
Line Deleted : user_pref("CT3072253.HPProtectChoice", true);
Line Deleted : user_pref("CT3072253.HPProtectCount", 1);
Line Deleted : user_pref("CT3072253.HasUserGlobalKeys", true);
Line Deleted : user_pref("CT3072253.HomePageProtectorEnabled", false);
Line Deleted : user_pref("CT3072253.HomepageBeforeUnload", "seznam.cz");
Line Deleted : user_pref("CT3072253.Initialize", true);
Line Deleted : user_pref("CT3072253.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT3072253.InstallationAndCookieDataSentCount", 3);
Line Deleted : user_pref("CT3072253.InstallationId", "fftE7E1.tmp.exe");
Line Deleted : user_pref("CT3072253.InstallationType", "XPE");
Line Deleted : user_pref("CT3072253.InstalledDate", "Sat May 05 2012 22:06:23 GMT+0200");
Line Deleted : user_pref("CT3072253.InvalidateCache", false);
Line Deleted : user_pref("CT3072253.IsAlertDBUpdated", true);
Line Deleted : user_pref("CT3072253.IsGrouping", false);
Line Deleted : user_pref("CT3072253.IsInitSetupIni", true);
Line Deleted : user_pref("CT3072253.IsMulticommunity", false);
Line Deleted : user_pref("CT3072253.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT3072253.IsOpenUninstallPage", false);
Line Deleted : user_pref("CT3072253.IsProtectorsInit", true);
Line Deleted : user_pref("CT3072253.LanguagePackLastCheckTime", "Tue Oct 30 2012 09:46:17 GMT+0100");
Line Deleted : user_pref("CT3072253.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT3072253.LastLogin_3.12.0.8", "Wed May 09 2012 09:27:16 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.12.2.3", "Sun Jun 03 2012 18:49:17 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.13.0.6", "Wed Jul 18 2012 00:50:13 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.14.1.0", "Wed Aug 29 2012 09:21:15 GMT+0200");
Line Deleted : user_pref("CT3072253.LastLogin_3.15.1.0", "Tue Oct 30 2012 09:46:17 GMT+0100");
Line Deleted : user_pref("CT3072253.LatestVersion", "3.14.1.0");
Line Deleted : user_pref("CT3072253.Locale", "en");
Line Deleted : user_pref("CT3072253.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT3072253.MCDetectTooltipShow", false);
Line Deleted : user_pref("CT3072253.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT3072253.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT3072253.MyStuffEnabledAtInstallation", true);
Line Deleted : user_pref("CT3072253.OriginalFirstVersion", "3.12.0.8");
Line Deleted : user_pref("CT3072253.RadioLastCheckTime", "0");
Line Deleted : user_pref("CT3072253.RadioLastUpdateIPServer", "0");
Line Deleted : user_pref("CT3072253.RadioLastUpdateServer", "0");
Line Deleted : user_pref("CT3072253.RadioShrinked", "shrinked");
Line Deleted : user_pref("CT3072253.RadioShrinkedFromSetup", true);
Line Deleted : user_pref("CT3072253.SHRINK_TOOLBAR", 0);
Line Deleted : user_pref("CT3072253.SavedHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CT3072253.SearchBoxWidth", 242);
Line Deleted : user_pref("CT3072253.SearchCaption", "uTorrentControl2 Customized Web Search");
Line Deleted : user_pref("CT3072253.SearchEngine", "Web%20Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT3072253&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT3072253.SearchEngineBeforeUnload", "uTorrentControl2 Customized Web Search");
Line Deleted : user_pref("CT3072253.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT3072253.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=");
Line Deleted : user_pref("CT3072253.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT3072253.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.SearchInNewTabLastCheckTime", "Tue Oct 30 2012 09:46:17 GMT+0100");
Line Deleted : user_pref("CT3072253.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT3072253.SearchProtectorEnabled", true);
Line Deleted : user_pref("CT3072253.SearchProtectorToolbarDisabled", false);
Line Deleted : user_pref("CT3072253.SendProtectorDataViaLogin", true);
Line Deleted : user_pref("CT3072253.ServiceMapLastCheckTime", "Tue Oct 30 2012 09:46:17 GMT+0100");
Line Deleted : user_pref("CT3072253.SettingsLastCheckTime", "Tue Oct 30 2012 09:46:17 GMT+0100");
Line Deleted : user_pref("CT3072253.SettingsLastUpdate", "1351096591");
Line Deleted : user_pref("CT3072253.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsLastCheck", "Wed Oct 10 2012 12:09:52 GMT+0200");
Line Deleted : user_pref("CT3072253.ThirdPartyComponentsLastUpdate", "1331805997");
Line Deleted : user_pref("CT3072253.ToolbarShrinkedFromSetup", true);
Line Deleted : user_pref("CT3072253.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3072253");
Line Deleted : user_pref("CT3072253.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Deleted : user_pref("CT3072253.UserID", "UN23380333614337745");
Line Deleted : user_pref("CT3072253.ValidationData_Search", 2);
Line Deleted : user_pref("CT3072253.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT3072253.alertChannelId", "1463702");
Line Deleted : user_pref("CT3072253.approveUntrustedApps", true);
Line Deleted : user_pref("CT3072253.autoDisableScopes", -1);
Line Deleted : user_pref("CT3072253.backendstorage.cbcountry_000", "435A");
Line Deleted : user_pref("CT3072253.backendstorage.cbfirsttime", "536174204D617920303520323031322032323A30363A323720474D542B30323030");
Line Deleted : user_pref("CT3072253.components.1000080", false);
Line Deleted : user_pref("CT3072253.components.129573915102477663", false);
Line Deleted : user_pref("CT3072253.components.129593762370823811", false);
Line Deleted : user_pref("CT3072253.components.129749445881800338", false);
Line Deleted : user_pref("CT3072253.components.129805375651312503", false);
Line Deleted : user_pref("CT3072253.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Line Deleted : user_pref("CT3072253.globalFirstTimeInfoLastCheckTime", "Sun Oct 21 2012 14:03:04 GMT+0200");
Line Deleted : user_pref("CT3072253.homepageProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3072253.initDone", true);
Line Deleted : user_pref("CT3072253.isAppTrackingManagerOn", false);
Line Deleted : user_pref("CT3072253.isFirstRadioInstallation", false);
Line Deleted : user_pref("CT3072253.myStuffEnabled", true);
Line Deleted : user_pref("CT3072253.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT3072253.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT3072253.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT3072253.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT3072253.navigateToUrlOnSearch", false);
Line Deleted : user_pref("CT3072253.oldAppsList", "129295695672325902,129571859753931591,111,129593762370823811,129805375651312503,129749445881800338,129573915102477663,1000080,1000515,1000,1001,1002,1003,1004,1005,[...]
Line Deleted : user_pref("CT3072253.revertSettingsEnabled", true);
Line Deleted : user_pref("CT3072253.searchProtectorDialogDelayInSec", 10);
Line Deleted : user_pref("CT3072253.searchProtectorEnableByLogin", true);
Line Deleted : user_pref("CT3072253.testingCtid", "");
Line Deleted : user_pref("CT3072253.toolbarAppMetaDataLastCheckTime", "Tue Oct 30 2012 09:46:17 GMT+0100");
Line Deleted : user_pref("CT3072253.toolbarContextMenuLastCheckTime", "Thu Oct 25 2012 19:12:24 GMT+0200");
Line Deleted : user_pref("CT3072253.usagesFlag", 2);
Line Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2475029");
Line Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3072253&SearchSource=13");
Line Deleted : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentControl2 Customized Web Search");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3072253/CT3072253", "\"0d9ea40ba564eb33965d9a608e3d911e3\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/825605/821413/CZ", "\"1-177614-35341200\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/868510/864310/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874426/870225/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874430/870228/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874431/870229/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874435/870233/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874437/870235/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874438/870236/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874439/870237/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874440/870238/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874441/870239/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/874443/870241/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CZ", "\"0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2475029", "\"1294295055\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3072253", "\"1336063965\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "G9mW7heT/8xIX1frcduu0A==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "FqddrIU7eyJgaaLyHDeVMQ==");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.8", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2475029", "\"634402944764300000\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3072253", "\"f1c77625c0e9bd1c80a2fd6901845fa9\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634293235860000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634356118310000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2010 4:33:06 PM", "634303635100000000");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2475029/CT2475029", "\"1304242869\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/equalizer_dead.gif", "\"0678fe477ac91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/minimize.gif", "\"046c7ab477ac91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/play.gif", "\"0484de117c4c91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/stop.gif", "\"0e7a152347ac91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Cornflower/vol.gif", "\"087c778347ac91:0\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"d630d038c26171fa9996ef117f58da7e\"");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/1344951.xml", "\"3f18c27d01e2a5356edfd33659631e69\"-gzip");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16887175.xml", "\"008f38a3e4c0b6bcf98a7f97f443480a\"-gzip");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/17151925.xml", "\"5b1f4e74a6742d40d0662c7c00f46253\"-gzip");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"bd34006bdf2d92261eb0bd57b92bbdaa\"-gzip");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/30261067.xml", "\"4e2541e3cf9955527193c9f8d475296b\"-gzip");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/34655603.xml", "\"b7f619984c4fd98060efd1345cb20ec3\"-gzip");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/759251.xml", "\"095840b3fd5c3ecf7acfdeb5a7c94a4b\"-gzip");
Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/816653.xml", "\"f804e93c66351c59534f7880fbfc8966\"-gzip");
Line Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Line Deleted : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.IsEngineShown", false);
Line Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Line Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\denosek\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\4brtbfr2.default\\conduitCommon\\modules\\3.15.1.0");
Line Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Line Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&invocationType=tb50ffwinampab&query=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2475029,ConduitEngine,CT3072253");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2475029,CT3072253");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu May 12 2011 09:43:39 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jun 23 2011 05:37:10 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jun 27 2011 13:36:59 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "efd884b6-daa0-4607-899b-e690bd131dac");
Line Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu May 12 2011 09:46:30 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.globalUserId", "21842c8b-a3a2-454e-8d9c-2d76b74c3f66");
Line Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Line Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Oct 25 2012 19:12:45 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Line Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Line Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Line Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Oct 29 2012 08:48:03 GMT+0100");
Line Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.notifications.userId", "e6038ec0-d509-4437-bc65-2ed35a50ac6e");
Line Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.seznam.cz/");
Line Deleted : user_pref("CommunityToolbar.originalSearchEngine", "");
Line Deleted : user_pref("CommunityToolbar.twitter.user_1344951.LastCheckTime", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.twitter.user_16887175.LastCheckTime", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.twitter.user_17151925.LastCheckTime", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.twitter.user_30261067.LastCheckTime", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.twitter.user_34655603.LastCheckTime", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.twitter.user_759251.LastCheckTime", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.twitter.user_816653.LastCheckTime", "Thu May 12 2011 09:46:35 GMT+0200");
Line Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Mon May 30 2011 08:07:11 GMT+0200");
Line Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine");
Line Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Thu May 12 2011 09:43:39 GMT+0200");
Line Deleted : user_pref("ConduitEngine.FirstServerDate", "01/03/2011 17");
Line Deleted : user_pref("ConduitEngine.FirstTime", true);
Line Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Line Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Line Deleted : user_pref("ConduitEngine.Initialize", true);
Line Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Line Deleted : user_pref("ConduitEngine.InstalledDate", "Mon Jan 03 2011 15:54:03 GMT+0100");
Line Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Line Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Line Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Line Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu May 12 2011 09:43:38 GMT+0200");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sun Feb 13 2011 16:22:25 GMT+0100");
Line Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu May 12 2011 09:43:38 GMT+0200");
Line Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu May 12 2011 09:43:38 GMT+0200");
Line Deleted : user_pref("ConduitEngine.UserID", "UN86673646196196829");
Line Deleted : user_pref("ConduitEngine.apps1565073171748859856", false);
Line Deleted : user_pref("ConduitEngine.componentAlertEnabled", true);
Line Deleted : user_pref("ConduitEngine.counterAppsAdded", 1);
Line Deleted : user_pref("ConduitEngine.engineLocale", "cs");
Line Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu May 12 2011 09:43:38 GMT+0200");
Line Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu May 12 2011 09:43:38 GMT+0200");
Line Deleted : user_pref("ConduitEngine.initDone", true);
Line Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Line Deleted : user_pref("ConduitEngine.usagesFlag", 2);
Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("extensions.foxcub.prev.search.selected", "Ask.com");
Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "");
Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=ADBC8D89-512A-4ECB-B349-0DECAAD68985&n=77fc6eb7&p2=^Y6^xdm007^YY^cz&si=CL2lk9yzjrYCFchd3god1[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.hp.lastGuardTime", -1862718271);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.hp.numGuards", 1);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2013032119");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm007^YY^cz");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "CL2lk9yzjrYCFchd3god1QUA0A");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "ADBC8D89-512A-4ECB-B349-0DECAAD68985");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1363932865018");
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._65Members_.weather.location", "10001");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "fromdoctopdf@mindspark.com");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [59600 octets] - [29/10/2013 18:34:04]
AdwCleaner[R1].txt - [59659 octets] - [29/10/2013 18:40:26]
AdwCleaner[S0].txt - [59604 octets] - [29/10/2013 18:48:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [59665 octets] ##########

#12 Příspěvek od **vyosek** » 29 říj 2013 18:48

Postupujte dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100

kosta.m · #13 Příspěvek od **kosta.m** » 29 říj 2013 18:55

vzdy sem dla všechny logy sem .. nebo sem udelal neco spatne?

kosta.m · #14 Příspěvek od **kosta.m** » 29 říj 2013 19:08

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-10-2013
Ran by denosek (administrator) on MARA on 29-10-2013 18:58:18
Running from C:\Users\denosek\Desktop
Microsoft Windows 7 Home Premium (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Teruten) C:\Windows\system32\FsUsbExService.Exe
() C:\Program Files\LXiMediaCenter\lximcbackend.exe
(Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Tanuki Software, Ltd.) C:\Program Files\PS3 Media Server\win32\service\wrapper.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(MICRO-STAR INT'L,.LTD.) C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Sun Microsystems, Inc.) C:\Windows\system32\java.exe
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(SlimWare Utilities, Inc.) C:\Program Files\SlimDrivers\SlimDrivers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe
(RealNetworks, Inc.) C:\Program Files\real\realplayer\Update\realsched.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Samsung Electronics) C:\Program Files\Samsung\Kies\KiesAirMessage.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
() C:\Users\denosek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(阿里云计算有限公司) C:\Program Files\Trademanager\miser\AliimSafe.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Farbar) C:\Users\denosek\Desktop\FRST(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7612960 2009-07-10] (Realtek Semiconductor)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-11-02] (Google)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [995176 2013-08-12] (Microsoft Corporation)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Nero MediaHome 4] - C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2012-02-28] (Nero AG)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [TkBellExe] - C:\Program Files\real\realplayer\Update\realsched.exe [295512 2013-09-12] (RealNetworks, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-04-18] (Samsung Electronics)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [18642024 2013-02-28] (Skype Technologies S.A.)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Users\denosek\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Users\denosek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKCU\...\Run: [aliim] - C:\Program Files\Trademanager\AliIM.exe [293272 2013-08-22] (Alibaba (China) Co., Ltd.)
HKCU\...\Run: [ISUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936 2006-03-20] (Macrovision Corporation)
HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [969104 2012-12-31] (BitTorrent, Inc.)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll [ 2010-11-02] (Google)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {1685D7AF-BD5E-4674-8619-8995EF9F470D} URL = http://www.mapy.cz/?query={searchTerms} ... arch_12454
SearchScopes: HKCU - {1830F1A5-D751-4D2F-B2DC-2509B96A9AF4} URL = http://encyklopedie.seznam.cz/search?q= ... arch_12454
SearchScopes: HKCU - {7C2DBB22-385F-413B-8616-E2A7B1A96558} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {AB3EB8A3-B2B8-48C9-B7FC-A0661DBECBDA} URL = http://www.firmy.cz/phr/{searchTerms}?s ... arch_12454
SearchScopes: HKCU - {B0D4AECD-67CF-4E7F-A4DB-131EBD6A1404} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
SearchScopes: HKCU - {CC14233F-73AA-4565-9CAB-FDF30ECF65BC} URL = http://search.seznam.cz/?q={searchTerms ... arch_12454
SearchScopes: HKCU - {E2D2578E-7041-4610-8B7A-A66ACF9D95DD} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default
FF Homepage: seznam.cz
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=undefined&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @alibaba.com/nptrademanager;version=1.0 - C:\Program Files\Trademanager\nptrademanager.dll ( )
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @alibaba.com/npAliSSOLogin;version=1.0 - C:\Program Files\Trademanager\npAliSSOLogin.dll (Alibaba software (Shanghai) Corporation.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\denosek\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\denosek\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: {@alibaba.com/alisetup;version=1.0} - C:\Users\denosek\AppData\Local\Alibaba\AliSetup\0.1.0.52\npAliSetupOneClick.dll (alibaba)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\firmycz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mapycz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\zbocz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Noia 2.0 eXtreme OPT - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\noia2_option@kk.noia
FF Extension: Seznam lištička - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: Noia4Options - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\Noia4Options@ArisT2.xpi
FF Extension: NoiaFoxoption - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi
FF Extension: togglepersona - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\togglepersona@davidvincent.tld.xpi
FF Extension: No Name - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi
FF Extension: No Name - C:\Users\denosek\AppData\Roaming\Mozilla\Firefox\Profiles\4brtbfr2.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=12454
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: (Conduit) - http://www.google.com
CHR DefaultSuggestURL: (Conduit) - http://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.160.1) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U16) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\denosek\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Seznam Li\u0161ti\u010Dka - Email) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Slovn\u00EDk) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0
CHR Extension: (YouTube) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0
CHR Extension: (Gmail) - C:\Users\denosek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-10-29] (SUPERAntiSpyware.com)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101376 2012-12-28] (Freemake)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-11-02] (Google)
R2 LXiMediaCenter Backend; C:\Program Files\LXiMediaCenter\lximcbackend.exe [704512 2012-02-29] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-08-12] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [584488 2011-03-04] (Nero AG)
R2 NeroMediaHomeService.4; C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2012-02-28] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-08-12] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-02-25] ()
S3 WifiprPasscapeLoader; C:\Program Files\Passcape\WIFIPR\loader.exe [57344 2012-05-29] ()
R2 WMI_Hook_Service; C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe [101176 2009-09-04] (MICRO-STAR INT'L,.LTD.)
R2 PS3 Media Server; "C:\Program Files\PS3 Media Server\win32\service\wrapper.exe" -s "C:\Program Files\PS3 Media Server\win32\service\wrapper.conf" wrapper.console.flush=true wrapper.internal.namedpipe=0393011925

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [26112 2010-04-29] (Google Inc)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-04] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2011-12-24] (DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [34760 2007-02-16] (SlySoft, Inc.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [56208 2010-10-12] (Paragon Software Group)
R1 hwinterface; C:\Windows\System32\Drivers\hwinterface.sys [3026 2012-10-10] (Logix4u)
R3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
S3 MSIDriver_IO_2; C:\Program Files\msi\OSD hot keys\MSI_MAINSYS.sys [26936 2009-08-25] (Your Corporation)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [24608 2009-06-05] (NVIDIA Corporation)
R3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-10-29] ()
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [37080 2010-10-12] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IM.sys [395464 2010-10-12] (Paragon)
R1 vmm; C:\Windows\system32\Drivers\vmm.sys [230248 2010-09-08] (Microsoft Corporation)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [87536 2010-11-17] (CyberLink Corp.)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files\CyberLink\PowerDVD9\000.fcl [87536 2009-02-28] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\denosek\AppData\Local\Temp\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-29 18:56 - 2013-10-29 18:56 - 01089183 _____ (Farbar) C:\Users\denosek\Desktop\FRST(1).exe
2013-10-29 18:52 - 2013-10-29 18:52 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-10-29 18:38 - 2013-10-29 18:38 - 00001652 _____ C:\Users\denosek\Desktop\ckfiles.txt
2013-10-29 18:37 - 2013-10-29 18:37 - 00468480 _____ () C:\Users\denosek\Desktop\CKScanner(1).exe
2013-10-29 18:30 - 2013-10-29 18:49 - 00000000 ____D C:\AdwCleaner
2013-10-29 18:29 - 2013-10-29 18:34 - 00001652 _____ C:\Users\denosek\Downloads\ckfiles.txt
2013-10-29 18:25 - 2013-10-29 18:25 - 01060070 _____ C:\Users\denosek\Desktop\adwcleaner.exe
2013-10-29 18:24 - 2013-10-29 18:24 - 00468480 _____ () C:\Users\denosek\Downloads\CKScanner.exe
2013-10-29 18:14 - 2013-10-29 18:14 - 00018171 _____ C:\ComboFix.txt
2013-10-29 18:04 - 2013-10-29 18:50 - 00000112 _____ C:\Windows\setupact.log
2013-10-29 18:04 - 2013-10-29 18:04 - 00000552 _____ C:\Windows\PFRO.log
2013-10-29 18:04 - 2013-10-29 18:04 - 00000000 _____ C:\Windows\setuperr.log
2013-10-29 17:49 - 2013-10-29 18:15 - 00000000 ____D C:\Qoobox
2013-10-29 17:49 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-10-29 17:49 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-10-29 17:49 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-10-29 17:49 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-10-29 17:49 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-10-29 17:49 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-10-29 17:49 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-10-29 17:49 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-10-29 17:46 - 2013-10-29 17:46 - 05137551 ____R (Swearware) C:\Users\denosek\Downloads\ComboFix.exe
2013-10-29 17:41 - 2013-10-29 17:43 - 00002550 _____ C:\Users\denosek\Desktop\Rkill.txt
2013-10-29 17:38 - 2013-10-29 17:38 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\denosek\Desktop\rkill.com
2013-10-29 17:28 - 2013-10-29 17:28 - 00037413 _____ C:\Users\denosek\Downloads\FRST.txt
2013-10-29 17:25 - 2013-10-29 17:28 - 00039724 _____ C:\Users\denosek\Downloads\Addition.txt
2013-10-29 16:43 - 2013-10-29 16:43 - 00112128 _____ (forum.viry.cz) C:\Users\denosek\Downloads\FRSTLauncher.exe
2013-10-29 16:41 - 2013-10-29 16:41 - 00000000 ____D C:\FRST
2013-10-29 16:39 - 2013-10-29 16:39 - 01089183 _____ (Farbar) C:\Users\denosek\Downloads\FRST.exe
2013-10-29 16:39 - 2013-10-29 16:39 - 00112107 _____ (forum.viry.cz) C:\Users\denosek\Downloads\VerzeOS.exe
2013-10-29 16:33 - 2013-10-29 16:33 - 01247056 _____ (Microsoft Corporation) C:\Users\denosek\Downloads\wlsetup-web(1).exe
2013-10-28 22:44 - 2013-10-28 22:44 - 00342154 _____ C:\Users\denosek\Downloads\♺ PlayDaddy Collection.torrent
2013-10-28 12:09 - 2013-10-28 12:09 - 00000000 ____D C:\Users\denosek\Documents\My WangWang
2013-10-27 22:34 - 2013-10-27 22:34 - 00013917 _____ C:\Users\denosek\Downloads\PlayDaddy - A Chance Encounter.torrent
2013-10-25 10:24 - 2013-10-25 10:28 - 42133180 _____ C:\Users\denosek\Downloads\RTM-(Windows-7)CZ-Language-Pack-x86-+-navod-na-instalaci-cestiny.rar
2013-10-09 14:46 - 2013-10-09 15:07 - 387189839 _____ C:\Users\denosek\Downloads\Feiteng-H9500+-CWM.zip
2013-10-01 00:36 - 2013-10-01 00:37 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-10-29 19:12 - 2011-02-12 20:48 - 00000000 ____D C:\Users\denosek\AppData\Roaming\uTorrent
2013-10-29 18:59 - 2009-07-14 05:34 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-29 18:59 - 2009-07-14 05:34 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-29 18:56 - 2013-10-29 18:56 - 01089183 _____ (Farbar) C:\Users\denosek\Desktop\FRST(1).exe
2013-10-29 18:56 - 2013-03-05 15:59 - 00000000 ____D C:\Users\denosek\AppData\Roaming\Seznam.cz
2013-10-29 18:56 - 2009-08-13 15:08 - 02306364 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-29 18:55 - 2012-02-02 11:00 - 01530066 _____ C:\Windows\WindowsUpdate.log
2013-10-29 18:54 - 2012-12-05 16:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-29 18:52 - 2013-10-29 18:52 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-10-29 18:52 - 2013-08-26 15:40 - 00000390 _____ C:\Windows\Tasks\SlimDrivers Startup.job
2013-10-29 18:52 - 2013-07-19 11:01 - 00000000 ____D C:\Program Files\Trademanager
2013-10-29 18:52 - 2010-11-24 20:46 - 00000000 ____D C:\Users\denosek\AppData\Roaming\Skype
2013-10-29 18:51 - 2013-08-26 15:40 - 00013464 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2013-10-29 18:51 - 2013-02-19 16:00 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-29 18:51 - 2012-12-31 19:56 - 00000000 ____D C:\Program Files\PS3 Media Server
2013-10-29 18:50 - 2013-10-29 18:04 - 00000112 _____ C:\Windows\setupact.log
2013-10-29 18:50 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-29 18:49 - 2013-10-29 18:30 - 00000000 ____D C:\AdwCleaner
2013-10-29 18:38 - 2013-10-29 18:38 - 00001652 _____ C:\Users\denosek\Desktop\ckfiles.txt
2013-10-29 18:37 - 2013-10-29 18:37 - 00468480 _____ () C:\Users\denosek\Desktop\CKScanner(1).exe
2013-10-29 18:34 - 2013-10-29 18:29 - 00001652 _____ C:\Users\denosek\Downloads\ckfiles.txt
2013-10-29 18:26 - 2013-02-19 16:00 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-29 18:25 - 2013-10-29 18:25 - 01060070 _____ C:\Users\denosek\Desktop\adwcleaner.exe
2013-10-29 18:24 - 2013-10-29 18:24 - 00468480 _____ () C:\Users\denosek\Downloads\CKScanner.exe
2013-10-29 18:15 - 2013-10-29 17:49 - 00000000 ____D C:\Qoobox
2013-10-29 18:14 - 2013-10-29 18:14 - 00018171 _____ C:\ComboFix.txt
2013-10-29 18:13 - 2013-02-19 01:45 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000UA.job
2013-10-29 18:06 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2013-10-29 18:04 - 2013-10-29 18:04 - 00000552 _____ C:\Windows\PFRO.log
2013-10-29 18:04 - 2013-10-29 18:04 - 00000000 _____ C:\Windows\setuperr.log
2013-10-29 18:03 - 2012-02-01 18:11 - 00000000 ____D C:\Windows\ERDNT
2013-10-29 17:46 - 2013-10-29 17:46 - 05137551 ____R (Swearware) C:\Users\denosek\Downloads\ComboFix.exe
2013-10-29 17:43 - 2013-10-29 17:41 - 00002550 _____ C:\Users\denosek\Desktop\Rkill.txt
2013-10-29 17:38 - 2013-10-29 17:38 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\denosek\Desktop\rkill.com
2013-10-29 17:28 - 2013-10-29 17:28 - 00037413 _____ C:\Users\denosek\Downloads\FRST.txt
2013-10-29 17:28 - 2013-10-29 17:25 - 00039724 _____ C:\Users\denosek\Downloads\Addition.txt
2013-10-29 16:43 - 2013-10-29 16:43 - 00112128 _____ (forum.viry.cz) C:\Users\denosek\Downloads\FRSTLauncher.exe
2013-10-29 16:41 - 2013-10-29 16:41 - 00000000 ____D C:\FRST
2013-10-29 16:39 - 2013-10-29 16:39 - 01089183 _____ (Farbar) C:\Users\denosek\Downloads\FRST.exe
2013-10-29 16:39 - 2013-10-29 16:39 - 00112107 _____ (forum.viry.cz) C:\Users\denosek\Downloads\VerzeOS.exe
2013-10-29 16:36 - 2010-10-19 09:44 - 00000000 ____D C:\Users\denosek\AppData\Roaming\Winamp
2013-10-29 16:33 - 2013-10-29 16:33 - 01247056 _____ (Microsoft Corporation) C:\Users\denosek\Downloads\wlsetup-web(1).exe
2013-10-29 15:13 - 2013-02-19 01:45 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1176429872-680437442-246994520-1000Core.job
2013-10-29 09:39 - 2011-03-17 19:02 - 00000000 ____D C:\Users\denosek\Desktop\AF
2013-10-29 09:32 - 2013-04-05 17:53 - 00000546 _____ C:\Users\denosek\Desktop\Nový textový dokument (2).txt
2013-10-29 09:07 - 2010-10-19 09:32 - 00000000 ____D C:\Users\denosek\AppData\Roaming\vlc
2013-10-28 22:44 - 2013-10-28 22:44 - 00342154 _____ C:\Users\denosek\Downloads\♺ PlayDaddy Collection.torrent
2013-10-28 22:44 - 2010-10-18 22:12 - 00000000 ____D C:\Stahovani
2013-10-28 12:09 - 2013-10-28 12:09 - 00000000 ____D C:\Users\denosek\Documents\My WangWang
2013-10-28 11:33 - 2012-12-31 20:05 - 01224704 ___SH C:\Users\denosek\Downloads\Thumbs.db
2013-10-28 09:23 - 2010-10-18 21:43 - 00000000 ____D C:\Install
2013-10-28 01:12 - 2011-01-19 14:53 - 00000117 _____ C:\Users\denosek\Desktop\paypal.txt
2013-10-27 22:34 - 2013-10-27 22:34 - 00013917 _____ C:\Users\denosek\Downloads\PlayDaddy - A Chance Encounter.torrent
2013-10-25 10:44 - 2011-02-11 09:18 - 00000000 ____D C:\Users\denosek\AppData\Local\Windows Live
2013-10-25 10:28 - 2013-10-25 10:24 - 42133180 _____ C:\Users\denosek\Downloads\RTM-(Windows-7)CZ-Language-Pack-x86-+-navod-na-instalaci-cestiny.rar
2013-10-24 03:14 - 2010-10-18 21:44 - 00000000 ____D C:\Users\denosek\AppData\Roaming\Mozilla
2013-10-19 09:04 - 2013-09-12 19:45 - 00001978 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-19 09:04 - 2013-09-12 19:45 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-15 23:05 - 2011-01-26 08:00 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-15 23:05 - 2011-01-26 07:59 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-14 08:35 - 2010-11-02 16:03 - 00000000 ____D C:\Windows\Minidump
2013-10-10 02:26 - 2009-08-13 16:14 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-10 02:09 - 2009-08-13 16:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 02:08 - 2013-08-12 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-10-10 02:05 - 2009-08-13 16:50 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-09 15:07 - 2013-10-09 14:46 - 387189839 _____ C:\Users\denosek\Downloads\Feiteng-H9500+-CWM.zip
2013-10-09 14:03 - 2010-10-30 01:18 - 00000000 ____D C:\Users\denosek\AppData\Local\Google
2013-10-09 09:54 - 2012-06-12 10:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-09 09:54 - 2011-09-25 11:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 08:04 - 2012-12-31 17:55 - 00000000 ____D C:\Users\NeroMediaHomeUser.4
2013-10-09 08:03 - 2012-05-04 08:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-10-04 08:05 - 2013-08-26 15:50 - 00003728 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2013-10-04 08:03 - 2010-10-18 21:44 - 00000000 ____D C:\Users\denosek\AppData\Local\Mozilla
2013-10-04 08:02 - 2013-08-26 15:50 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2013-10-01 10:15 - 2009-08-13 16:07 - 00000000 ____D C:\ProgramData\Adobe
2013-10-01 00:37 - 2013-10-01 00:36 - 00000000 ____D C:\Program Files\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\denosek\AppData\Local\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-10-22 23:33

==================== End Of Log ============================

#15 Příspěvek od **vyosek** » 29 říj 2013 19:27

Spustil jste ten FRSTLauncher nebo jen FRST??

VIRY.CZ

Prosím o kontrolu logu... prevence

Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence

Re: Prosím o kontrolu logu... prevence