VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Mamka (administrator) on PC on 05-11-2013 18:56:01
Running from C:\Documents and Settings\Mamka\Dokumenty\Downloads
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
(PixArt Imaging Incorporation) C:\WINDOWS\PixArt\PAC7302\Monitor.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastUI.exe
(Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe
() C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\Vtune\TBPanel.exe
(EasyBits Software AS) C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [172032 2003-03-26] (HP)
HKLM\...\Run: [DeviceDiscovery] - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [40960 2002-12-02] (Hewlett-Packard)
HKLM\...\Run: [PAC7302_Monitor] - C:\WINDOWS\PixArt\Pac7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [77824 2008-09-02] (Apple Computer, Inc.)
HKLM\...\Run: [Philips Device Listener] - C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-10-29] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20145368 2013-06-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-06-21] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [344064 2012-02-20] ()
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)
HKCU\...\Run: [TBPanel] - C:\Program Files\Vtune\TBPANEL.exe [2158592 2010-03-17] ()
HKCU\...\Run: [GameXN GO] - C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [347008 2013-08-24] (EasyBits Software AS)
HKCU\...\Run: [NBJ] - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [1961984 2005-07-14] (Ahead Software AG)
HKCU\...\Run: [Tyqeja] - C:\Documents and Settings\Mamka\Data aplikací\Orkyo\tyqeja.exe [441856 2008-09-06] ()
HKU\Administrator\...\Run: [TBPanel] - C:\Program Files\Vtune\TBPANEL.exe [ 2010-03-17] ()
HKU\Blažci\...\Run: [Steam] - "C:\Program Files\Steam\Steam.exe" -silent
HKU\Taťka\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\Blažci\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... &ch_id=osd
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default
FF user.js: detected! => C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\user.js
FF DefaultSearchEngine: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://seznam.cz
FF Keyword.URL: hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Documents and Settings\Mamka\Data aplikací\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Mamka\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR RestoreOnStartup: "hxxp://seznam.cz/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\Mamka\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Skype Click to Call) - C:\DOCUME~1\Mamka\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\Mamka\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR HKLM\...\Chrome\Extension: [dhdepfaagokllfmhfbcfmocaeigmoebo] - C:\Documents and Settings\Mamka\Local Settings\Data aplikací\Savings Sidekick\Chrome\Savings Sidekick.crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S4 InstallBrainService; C:\Documents and Settings\All Users\Data aplikací\InstallBrainService\ibsvc.exe [651264 2012-08-07] ()
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [355584 2013-07-26] (TuneUp Software GmbH)

==================== Drivers (Whitelisted) ====================

R1 AFS2K; C:\Windows\System32\Drivers\AFS2K.sys [82380 2008-09-02] (Oak Technology Inc.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-14] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-14] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-08-14] ()
S3 Ca2001v; C:\Windows\System32\Drivers\Ca2001v.sys [2333568 2008-02-19] (Digital Camera)
S3 Cardex; C:\WINDOWS\system32\drivers\TBPANEL.SYS [12256 2007-03-16] (Windows (R) 2000 DDK provider)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [4480 2002-06-08] (Elaborate Bytes)
R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [13300 2002-06-12] (Elaborate Bytes AG)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54016 2008-01-29] (NVIDIA Corporation)
R3 NVHDA; C:\Windows\System32\drivers\nvhda32.sys [128672 2013-02-25] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-01-29] (NVIDIA Corporation)
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [458112 2007-10-29] (PixArt Imaging Inc.)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [9856 2008-09-02] (Padus, Inc.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2012-02-15] (Samsung Electronics)
R2 TBPanel; C:\Windows\System32\Drivers\TBPanel.sys [12256 2007-03-16] (Windows (R) 2000 DDK provider)
S3 catchme; \??\C:\DOCUME~1\Mamka\LOCALS~1\Temp\catchme.sys [x]
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [x]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-05 18:55 - 2013-11-05 18:55 - 00000000 ____D C:\FRST
2013-11-05 18:46 - 2013-11-05 18:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-05 17:37 - 2013-11-05 17:39 - 00023105 _____ C:\Documents and Settings\Mamka\Plocha\KFXUg3IB
2013-10-31 15:56 - 2013-10-31 16:00 - 00000000 ____D C:\Documents and Settings\Mamka\Plocha\Mireček
2013-10-30 11:20 - 2013-10-30 11:20 - 00000000 ____D C:\Documents and Settings\Mamka\Local Settings\Data aplikací\My Horse and Me 2
2013-10-30 11:17 - 2013-10-30 11:17 - 00000829 _____ C:\Documents and Settings\All Users\Plocha\My Horse and Me 2.lnk
2013-10-30 11:17 - 2013-10-30 11:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Atari
2013-10-30 11:03 - 2013-10-30 11:03 - 00000000 ____D C:\Program Files\Atari
2013-10-28 11:43 - 2013-10-28 11:43 - 00000000 _____ C:\Documents and Settings\Mamka\Plocha\Cvrčkovi_Písničky_-_[TvojeMP3.cz].mp4
2013-10-10 07:35 - 2013-10-10 07:35 - 00009493 _____ C:\WINDOWS\KB2862335.log
2013-10-10 07:35 - 2013-10-10 07:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-10 07:35 - 2013-10-10 07:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-10 07:30 - 2013-10-10 07:30 - 00011513 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-10 07:30 - 2013-10-10 07:30 - 00009813 _____ C:\WINDOWS\KB2868038.log
2013-10-10 07:30 - 2013-10-10 07:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-10 07:30 - 2013-10-10 07:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-10 07:29 - 2013-10-10 07:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-10 06:45 - 2013-10-10 07:35 - 00013347 _____ C:\WINDOWS\KB2847311.log
2013-10-10 06:45 - 2013-07-17 01:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2013-10-10 06:45 - 2013-07-17 01:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2013-10-10 06:45 - 2013-07-17 01:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2013-10-10 06:45 - 2013-07-03 03:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-10 06:45 - 2013-07-03 02:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2013-10-10 06:44 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-10 06:44 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-10-10 06:44 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-10 06:44 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2013-10-08 17:46 - 2013-10-27 19:24 - 00230432 _____ C:\PA7302.DAT
2013-10-06 17:06 - 2013-10-06 17:22 - 00000000 ____D C:\Documents and Settings\Mamka\zvířátkový den v mt mš 2013
2013-10-06 17:03 - 2013-10-06 18:03 - 00000000 ____D C:\Documents and Settings\Mamka\podzimní vycházka nad Střelnici 2013
2013-10-06 16:58 - 2013-10-06 17:44 - 00000000 ____D C:\Documents and Settings\Mamka\vycházka nad Střelnici podzim 2013

==================== One Month Modified Files and Folders =======

2013-11-05 18:55 - 2013-11-05 18:55 - 00000000 ____D C:\FRST
2013-11-05 18:52 - 2013-08-17 02:25 - 00003072 _____ C:\WINDOWS\system32\nvAppTimestamps
2013-11-05 18:52 - 2008-08-31 14:09 - 00000000 ___HD C:\Documents and Settings\Mamka\Local Settings\Data aplikací
2013-11-05 18:51 - 2008-08-31 14:09 - 00000000 ____D C:\Documents and Settings\Mamka\Plocha
2013-11-05 18:49 - 2013-08-24 16:49 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\GameXN
2013-11-05 18:47 - 2013-08-16 22:50 - 00000466 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{5504A7ED-7D20-4441-A048-B2B16D32608B}.job
2013-11-05 18:46 - 2013-11-05 18:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-05 18:46 - 2012-04-26 18:54 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-05 18:42 - 2009-05-04 15:39 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Skype
2013-11-05 18:36 - 2010-05-02 17:09 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-05 18:29 - 2013-09-27 22:53 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job
2013-11-05 18:29 - 2012-10-27 10:21 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2013-11-05 18:29 - 2011-05-29 08:44 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\go
2013-11-05 18:28 - 2013-07-26 19:27 - 00000488 _____ C:\WINDOWS\Tasks\1-Click Maintenance.job
2013-11-05 18:28 - 2012-10-03 12:13 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-11-05 18:28 - 2010-05-02 17:09 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-05 18:28 - 2008-08-31 14:03 - 01999980 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-05 18:27 - 2009-01-11 11:07 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-05 18:27 - 2009-01-11 11:07 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-11-05 18:26 - 2008-08-31 14:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-05 18:22 - 2008-08-31 14:09 - 00000178 ___SH C:\Documents and Settings\Mamka\ntuser.ini
2013-11-05 18:22 - 2008-08-31 14:08 - 00032554 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-05 18:18 - 2013-03-23 08:54 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-05 17:39 - 2013-11-05 17:37 - 00023105 _____ C:\Documents and Settings\Mamka\Plocha\KFXUg3IB
2013-11-04 21:39 - 2008-09-07 04:16 - 00000178 ___SH C:\Documents and Settings\Taťka\ntuser.ini
2013-11-04 18:06 - 2008-09-02 16:05 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Macromedia
2013-11-04 18:02 - 2008-08-31 14:09 - 00000000 __RHD C:\Documents and Settings\Mamka\Data aplikací
2013-11-01 12:17 - 2001-10-25 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-31 16:00 - 2013-10-31 15:56 - 00000000 ____D C:\Documents and Settings\Mamka\Plocha\Mireček
2013-10-30 11:20 - 2013-10-30 11:20 - 00000000 ____D C:\Documents and Settings\Mamka\Local Settings\Data aplikací\My Horse and Me 2
2013-10-30 11:17 - 2013-10-30 11:17 - 00000829 _____ C:\Documents and Settings\All Users\Plocha\My Horse and Me 2.lnk
2013-10-30 11:17 - 2013-10-30 11:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Atari
2013-10-30 11:17 - 2008-08-31 15:57 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-10-30 11:17 - 2008-08-31 15:57 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-10-30 11:03 - 2013-10-30 11:03 - 00000000 ____D C:\Program Files\Atari
2013-10-28 11:43 - 2013-10-28 11:43 - 00000000 _____ C:\Documents and Settings\Mamka\Plocha\Cvrčkovi_Písničky_-_[TvojeMP3.cz].mp4
2013-10-27 19:24 - 2013-10-08 17:46 - 00230432 _____ C:\PA7302.DAT
2013-10-27 06:55 - 2008-08-31 15:58 - 01182706 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-20 18:38 - 2009-05-04 15:39 - 00000000 ___RD C:\Program Files\Skype
2013-10-20 18:38 - 2009-05-04 15:39 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2013-10-19 07:40 - 2010-08-28 18:44 - 00001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-10-17 18:57 - 2012-11-25 12:39 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-10-14 12:03 - 2013-01-19 15:32 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-10 14:56 - 2008-08-31 15:57 - 00192976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-10 07:35 - 2013-10-10 07:35 - 00009493 _____ C:\WINDOWS\KB2862335.log
2013-10-10 07:35 - 2013-10-10 07:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-10 07:35 - 2013-10-10 07:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-10 07:35 - 2013-10-10 06:45 - 00013347 _____ C:\WINDOWS\KB2847311.log
2013-10-10 07:35 - 2013-08-16 21:22 - 00261872 _____ C:\WINDOWS\msmqinst.log
2013-10-10 07:35 - 2013-08-16 19:48 - 00059378 _____ C:\WINDOWS\updspapi.log
2013-10-10 07:35 - 2013-07-26 22:40 - 01044380 _____ C:\WINDOWS\iis6.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00873961 _____ C:\WINDOWS\FaxSetup.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00563353 _____ C:\WINDOWS\setupapi.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00445368 _____ C:\WINDOWS\ocgen.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00408127 _____ C:\WINDOWS\tsoc.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00295385 _____ C:\WINDOWS\comsetup.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00181789 _____ C:\WINDOWS\ntdtcsetup.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00153771 _____ C:\WINDOWS\netfxocm.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00061421 _____ C:\WINDOWS\MedCtrOC.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00055151 _____ C:\WINDOWS\ocmsn.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00043554 _____ C:\WINDOWS\msgsocm.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00043229 _____ C:\WINDOWS\tabletoc.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00001393 _____ C:\WINDOWS\imsins.log
2013-10-10 07:35 - 2013-07-26 22:40 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-10-10 07:33 - 2013-09-28 20:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-10 07:30 - 2013-10-10 07:30 - 00011513 _____ C:\WINDOWS\KB2879017-IE8.log
2013-10-10 07:30 - 2013-10-10 07:30 - 00009813 _____ C:\WINDOWS\KB2868038.log
2013-10-10 07:30 - 2013-10-10 07:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-10 07:30 - 2013-10-10 07:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-10 07:30 - 2013-09-28 20:31 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-10 07:30 - 2013-09-27 22:14 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-10 07:29 - 2013-10-10 07:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-09 17:18 - 2013-03-23 08:54 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-10-09 17:18 - 2011-12-04 09:50 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-10-06 18:03 - 2013-10-06 17:03 - 00000000 ____D C:\Documents and Settings\Mamka\podzimní vycházka nad Střelnici 2013
2013-10-06 17:44 - 2013-10-06 16:58 - 00000000 ____D C:\Documents and Settings\Mamka\vycházka nad Střelnici podzim 2013
2013-10-06 17:36 - 2008-09-02 16:51 - 00002373 _____ C:\WINDOWS\wincmd.ini
2013-10-06 17:22 - 2013-10-06 17:06 - 00000000 ____D C:\Documents and Settings\Mamka\zvířátkový den v mt mš 2013
2013-10-06 17:06 - 2008-08-31 14:09 - 00000000 ____D C:\Documents and Settings\Mamka

Some content of TEMP:
====================
C:\Documents and Settings\Mamka\Local Settings\Temp\budha.exe
C:\Documents and Settings\Mamka\Local Settings\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-17 14:49] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-17 14:49] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-17 14:44] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

Zdravim

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Junkware removal scanoval pres pul hodiny a zastavil se na scanovani registru...Takze, pokud to neni chyba, zkusim jej jeste jednou, jinak davam log z awd cleaneru:

# AdwCleaner v3.011 - Report created 07/11/2013 at 19:25:59
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mamka - PC
# Running from : C:\Documents and Settings\Mamka\Dokumenty\Downloads\adwcleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\InstallBrainService
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
Folder Deleted : C:\Documents and Settings\Mamka\Local Settings\Data aplikací\Savings Sidekick
Folder Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\ICQToolbarData
[!] Folder Deleted : C:\Documents and Settings\Blažci\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077507760}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\Crossrider
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKLM\Software\ICQ\ICQToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "13914c6f399a87fdd90d41e22bc86f3a");
Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
Line Deleted : user_pref("icqtoolbar.engineVerified", false);
Line Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
Line Deleted : user_pref("icqtoolbar.geolastmodified", 1345278590);
Line Deleted : user_pref("icqtoolbar.history", "rozhovor%20se%20starostou%20o%20volb%C4%9B%20%C5%99editele%20%C5%A1koly%20v%20Horn%C3%ADm%20Bene%C5%A1ov%C4%9B.rozhovor%20se%20starostou%20pbce||.rozhovor%20se%20staro[...]
Line Deleted : user_pref("icqtoolbar.hpChange", true);
Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
Line Deleted : user_pref("icqtoolbar.installTime", "1343278772");
Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Line Deleted : user_pref("icqtoolbar.newtab_state", "1");
Line Deleted : user_pref("icqtoolbar.numberOfSearches", 1);
Line Deleted : user_pref("icqtoolbar.previousFFVersion", "14.0.1");
Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
Line Deleted : user_pref("icqtoolbar.suggestions", false);
Line Deleted : user_pref("icqtoolbar.uninstStatSent", true);
Line Deleted : user_pref("icqtoolbar.uniqueID", "128828277112882824851288425177075");
Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1345316549);
Line Deleted : user_pref("icqtoolbar.userHpApproved", true);
Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
Line Deleted : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
Line Deleted : user_pref("keyword.URL", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q=");

[ File : C:\Documents and Settings\Taťka\Data aplikací\Mozilla\Firefox\Profiles\jnclxjvg.default\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "13932cf222837763b8dfa3a5fdf3caf1");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1345177199);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.active", true);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&appAPI.webRequest&&appAPI.webRequest.onBeforeNavigate?_GPL_BG_NEW.preinit():\"undefined\"!=typeof _G[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.backgroundver", 7);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1345177199");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1345177199");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Tue Dec 04 2012 15:45:19 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Thu Dec 06 2012 14:44:12 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22CZ%22");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1354630938");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%220%22%2C%22uzid%22%3A%220%22%7D");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2214019%22");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1346469551336");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221224%22");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2268654%22");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1346469550752");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.domain", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.group", 0);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "38");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Tue Dec 04 2012 21:22:19 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1224,baseCDN:\"savingsside-a.akamaihd.ne[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id}else{return appAPI.appID}}};$jquery.extend[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(a){if(void 0===this||null===this)throw new TypeError;var b=Object[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 7);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rules:{},started:!1,log:function(d){console.log(d)},factor:1,preinit:function(){null!=appAPI.db.get(\"_[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection()}else{if(document.getS[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={}}appAPI.JSON={};(function(){function f(n){return n<10?\"0\"+n:n}if(typeof Date.protot[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.code", "(function(f){var u={};var e=Math.floor(Math.random()*99999);var g=Math.floor(Math.random()*99999999999999)+\"Z\"+(new Date()).get[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.name", "FacebookFFIE");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.ver", 1);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!=true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&typeo[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, John [...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.ex[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b)}};appAPI.ready=function(c,b){a.when.apply(null[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.extend[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com | jquery.org/license */\n(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaul[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a)}}());var CrossRiderResourcesManager=(function(){var A={appId:(fu[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 1);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "17,14,16,47,1000015");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,1000014,28");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxp://app-static.crossrider.com/plugin/apps/5060/plugins/085/ff/plugins.json");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 16);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.publisher", "215 Apps");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.ver", 38);
Line Deleted : user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Line Deleted : user_pref("extensions.crossriderapp5060.apps", "5060");
Line Deleted : user_pref("extensions.crossriderapp5060.bic", "13932cf222837763b8dfa3a5fdf3caf1");
Line Deleted : user_pref("extensions.crossriderapp5060.cid", 5060);
Line Deleted : user_pref("extensions.crossriderapp5060.firstrun", false);
Line Deleted : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Line Deleted : user_pref("extensions.crossriderapp5060.installationdate", 1345177199);
Line Deleted : user_pref("extensions.crossriderapp5060.lastcheck", 22577182);
Line Deleted : user_pref("extensions.crossriderapp5060.lastcheckitem", 22577200);
Line Deleted : user_pref("extensions.crossriderapp5060.modetype", "production");

[ File : C:\Documents and Settings\Blažci\Data aplikací\Mozilla\Firefox\Profiles\jb6va9l2.default\prefs.js ]

Line Deleted : user_pref("extensions.crossrider.bic", "13a933e842d3420aef97635e6209d763");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1351090079);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.active", true);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&appAPI.webRequest&&appAPI.webRequest.onBeforeNavigate?_GPL_BG_NEW.preinit():\"undefined\"!=typeof _G[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.backgroundver", 7);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1351090079");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.domain", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.group", 0);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "44");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Tue Aug 06 2013 18:14:47 GMT+0200");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1224,baseCDN:\"savingsside-a.akamaihd.ne[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id}else{return appAPI.appID}}};$jquery.extend[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(a){if(void 0===this||null===this)throw new TypeError;var b=Object[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 9);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rules:{},started:!1,log:function(d){console.log(d)},factor:1,preinit:function(){null!=appAPI.db.get(\"_[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection()}else{if(document.getS[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={}}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigator![...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.code", "(function(f){var u={};var e=Math.floor(Math.random()*99999);var g=Math.floor(Math.random()*99999999999999)+\"Z\"+(new Date()).get[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.name", "FacebookFFIE");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.ver", 1);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!=true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&typeo[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, John [...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.ex[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b)}};appAPI.ready=function(c,b){a.when.apply(null[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.extend[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 2);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com | jquery.org/license */\n(function(a,b){function cy(a){return f.isWindow(a)?a:a.nodeType===9?a.defaul[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a)}}());var CrossRiderResourcesManager=(function(){var A={appId:(fu[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 1);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};var b=function(j){return(![...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.name", "appApiMessage");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_64.ver", 1);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var j={};var e=appAPI.appInfo.name;var k=function(q,p,r){var o=\"[\"[...]
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.name", "appApiValidation");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_72.ver", 1);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "17,14,16,64,72,47,1000015");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,13,16,15,64,72,4,1,21,22,1000014,28");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxp://app-static.crossrider.com/plugin/apps/5060/plugins/083/ff/plugins.json");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 20);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.publisher", "215 Apps");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Line Deleted : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Line Deleted : user_pref("extensions.crossriderapp5060.5060.ver", 44);
Line Deleted : user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Line Deleted : user_pref("extensions.crossriderapp5060.apps", "5060");
Line Deleted : user_pref("extensions.crossriderapp5060.bic", "13a933e842d3420aef97635e6209d763");
Line Deleted : user_pref("extensions.crossriderapp5060.cid", 5060);
Line Deleted : user_pref("extensions.crossriderapp5060.firstrun", false);
Line Deleted : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Line Deleted : user_pref("extensions.crossriderapp5060.installationdate", 1351090079);
Line Deleted : user_pref("extensions.crossriderapp5060.lastcheck", 22929746);
Line Deleted : user_pref("extensions.crossriderapp5060.lastcheckitem", 22929746);
Line Deleted : user_pref("extensions.crossriderapp5060.modetype", "production");
Line Deleted : user_pref("extensions.crossriderapp5060.updating", true);
Line Deleted : user_pref("extensions.enabledAddons", "crossriderapp5060%40crossrider.com:0.83.14,wrc%40avast.com:8.0.1483,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0");

-\\ Google Chrome v30.0.1599.101

[ File : C:\Documents and Settings\Mamka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Blažci\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [33455 octets] - [07/11/2013 19:25:05]
AdwCleaner[S0].txt - [33851 octets] - [07/11/2013 19:25:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [33912 octets] ##########

Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=30&t=133101

Dnes se v pri spusteni pocitace objevila hlaska Avast nasel virus "WIN32:installbrain-G". Zasilam log frst log i audition.zip:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-10-2013
Ran by Mamka (administrator) on PC on 09-11-2013 17:32:46
Running from C:\Documents and Settings\Mamka\Plocha
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
(PixArt Imaging Incorporation) C:\WINDOWS\PixArt\PAC7302\Monitor.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastUI.exe
(Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe
() C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\Vtune\TBPanel.exe
(EasyBits Software AS) C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(C. Ghisler & Co.) C:\Program Files\totalcmd\TOTALCMD.EXE
(forum.viry.cz) C:\Documents and Settings\Mamka\Plocha\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe [172032 2003-03-26] (HP)
HKLM\...\Run: [DeviceDiscovery] - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [40960 2002-12-02] (Hewlett-Packard)
HKLM\...\Run: [PAC7302_Monitor] - C:\WINDOWS\PixArt\Pac7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [77824 2008-09-02] (Apple Computer, Inc.)
HKLM\...\Run: [Philips Device Listener] - C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-10-29] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [20145368 2013-06-24] (Realtek Semiconductor Corp.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2586912 2013-06-21] ()
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [CDAServer] - C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [344064 2012-02-20] ()
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [TBPanel] - C:\Program Files\Vtune\TBPANEL.exe [2158592 2010-03-17] ()
HKCU\...\Run: [GameXN GO] - C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [347008 2013-08-24] (EasyBits Software AS)
HKCU\...\Run: [NBJ] - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [1961984 2005-07-14] (Ahead Software AG)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-11-07] (Google Inc.)
HKU\Administrator\...\Run: [TBPanel] - C:\Program Files\Vtune\TBPANEL.exe [ 2010-03-17] ()
HKU\Blažci\...\Run: [Steam] - "C:\Program Files\Steam\Steam.exe" -silent
HKU\Taťka\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\Blažci\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - &Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU - &Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default
FF Homepage: hxxp://seznam.cz
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Documents and Settings\Mamka\Data aplikací\Kalydo\KalydoPlayer\bin2\npkalydo.dll (Eximion B.V.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\Mamka\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.seznam.cz/", "https://www.google.cz/webhp?sourceid=ch ... 0&ie=UTF-8"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\Mamka\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.)
CHR Plugin: (QuickTime Plug-in 6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft\u00AE DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Skype Click to Call) - C:\DOCUME~1\Mamka\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0
CHR Extension: (Google Wallet) - C:\DOCUME~1\Mamka\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [355584 2013-07-26] (TuneUp Software GmbH)

==================== Drivers (Whitelisted) ====================

R1 AFS2K; C:\Windows\System32\Drivers\AFS2K.sys [82380 2008-09-02] (Oak Technology Inc.)
S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\Windows\System32\DRIVERS\AmdK8.sys [43008 2006-07-01] (Advanced Micro Devices)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21576 2013-03-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-14] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-14] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-08-14] ()
S3 Ca2001v; C:\Windows\System32\Drivers\Ca2001v.sys [2333568 2008-02-19] (Digital Camera)
S3 Cardex; C:\WINDOWS\system32\drivers\TBPANEL.SYS [12256 2007-03-16] (Windows (R) 2000 DDK provider)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [4480 2002-06-08] (Elaborate Bytes)
R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [13300 2002-06-12] (Elaborate Bytes AG)
S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54016 2008-01-29] (NVIDIA Corporation)
R3 NVHDA; C:\Windows\System32\drivers\nvhda32.sys [128672 2013-02-25] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2008-01-29] (NVIDIA Corporation)
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [458112 2007-10-29] (PixArt Imaging Inc.)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [9856 2008-09-02] (Padus, Inc.)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [5120 2012-02-15] (Samsung Electronics)
R2 TBPanel; C:\Windows\System32\Drivers\TBPanel.sys [12256 2007-03-16] (Windows (R) 2000 DDK provider)
S3 catchme; \??\C:\DOCUME~1\Mamka\LOCALS~1\Temp\catchme.sys [x]
S3 EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys [x]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-09 17:29 - 2013-11-09 17:29 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Mamka\Plocha\FRSTLauncher.exe
2013-11-07 20:13 - 2013-11-07 20:13 - 00000730 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2013-11-07 20:13 - 2013-11-07 20:13 - 00000724 _____ C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2013-11-07 20:13 - 2013-11-07 20:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-07 20:08 - 2013-11-07 20:08 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2013-11-07 20:08 - 2013-11-07 20:08 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2013-11-07 20:07 - 2013-11-07 20:07 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Google
2013-11-07 19:25 - 2013-11-07 19:26 - 00000000 ____D C:\AdwCleaner
2013-11-07 18:48 - 2013-11-07 18:48 - 00000000 ____D C:\Documents and Settings\Mamka\Local Settings\Data aplikací\XulTest
2013-11-07 18:48 - 2013-11-07 18:48 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\XulTest
2013-11-07 18:19 - 2013-11-07 18:19 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-05 18:55 - 2013-11-05 18:55 - 00000000 ____D C:\FRST
2013-11-05 18:54 - 2013-11-05 18:54 - 01089445 _____ (Farbar) C:\Documents and Settings\Mamka\Plocha\FRST.exe
2013-11-05 18:46 - 2013-11-07 20:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-05 17:37 - 2013-11-05 17:39 - 00023105 _____ C:\Documents and Settings\Mamka\Plocha\KFXUg3IB
2013-10-31 15:56 - 2013-10-31 16:00 - 00000000 ____D C:\Documents and Settings\Mamka\Plocha\Mireček
2013-10-30 11:20 - 2013-10-30 11:20 - 00000000 ____D C:\Documents and Settings\Mamka\Local Settings\Data aplikací\My Horse and Me 2
2013-10-30 11:17 - 2013-10-30 11:17 - 00000829 _____ C:\Documents and Settings\All Users\Plocha\My Horse and Me 2.lnk
2013-10-30 11:17 - 2013-10-30 11:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Atari
2013-10-30 11:03 - 2013-10-30 11:03 - 00000000 ____D C:\Program Files\Atari
2013-10-28 11:43 - 2013-10-28 11:43 - 00000000 _____ C:\Documents and Settings\Mamka\Plocha\Cvrčkovi_Písničky_-_[TvojeMP3.cz].mp4
2013-10-10 07:35 - 2013-10-10 07:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-10 07:35 - 2013-10-10 07:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-10 07:30 - 2013-10-10 07:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-10 07:30 - 2013-10-10 07:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-10 07:29 - 2013-10-10 07:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$
2013-10-10 06:45 - 2013-07-17 01:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2013-10-10 06:45 - 2013-07-17 01:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2013-10-10 06:45 - 2013-07-17 01:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2013-10-10 06:45 - 2013-07-03 03:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2013-10-10 06:45 - 2013-07-03 02:59 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2013-10-10 06:44 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2013-10-10 06:44 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2013-10-10 06:44 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2013-10-10 06:44 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys

==================== One Month Modified Files and Folders =======

2013-11-09 17:32 - 2008-08-31 14:09 - 00000000 ___HD C:\Documents and Settings\Mamka\Local Settings\Data aplikací
2013-11-09 17:32 - 2008-08-31 14:09 - 00000000 ____D C:\Documents and Settings\Mamka\Plocha
2013-11-09 17:31 - 2008-09-02 16:51 - 00002373 _____ C:\WINDOWS\wincmd.ini
2013-11-09 17:29 - 2013-11-09 17:29 - 00112128 _____ (forum.viry.cz) C:\Documents and Settings\Mamka\Plocha\FRSTLauncher.exe
2013-11-09 17:28 - 2013-08-16 22:50 - 00000466 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{5504A7ED-7D20-4441-A048-B2B16D32608B}.job
2013-11-09 17:26 - 2013-08-24 16:49 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\GameXN
2013-11-09 17:26 - 2013-08-17 02:25 - 00003240 _____ C:\WINDOWS\system32\nvAppTimestamps
2013-11-09 17:26 - 2012-10-03 12:13 - 00000366 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2013-11-09 17:26 - 2009-05-04 15:39 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Skype
2013-11-09 17:26 - 2008-08-31 14:03 - 02081868 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-09 17:25 - 2011-05-29 08:44 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\go
2013-11-09 17:25 - 2009-01-11 11:07 - 00000157 _____ C:\WINDOWS\wiadebug.log
2013-11-09 17:25 - 2009-01-11 11:07 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-11-09 17:24 - 2013-09-27 22:53 - 00000260 _____ C:\WINDOWS\Tasks\WGASetup.job
2013-11-09 17:24 - 2013-07-26 19:27 - 00000488 _____ C:\WINDOWS\Tasks\1-Click Maintenance.job
2013-11-09 17:24 - 2012-10-27 10:21 - 00054156 ____H C:\WINDOWS\QTFont.qfn
2013-11-09 17:24 - 2010-05-02 17:09 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-09 17:24 - 2008-08-31 14:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-09 16:53 - 2008-08-31 14:09 - 00000178 ___SH C:\Documents and Settings\Mamka\ntuser.ini
2013-11-09 16:53 - 2008-08-31 14:08 - 00032636 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-09 16:36 - 2010-05-02 17:09 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-09 16:18 - 2013-03-23 08:54 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-09 12:28 - 2012-05-02 07:00 - 00001984 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-11-09 08:28 - 2013-10-08 17:46 - 00921632 _____ C:\PA7302.DAT
2013-11-09 07:54 - 2008-09-06 05:45 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Orkyo
2013-11-09 07:54 - 2008-08-31 14:09 - 00000000 ____D C:\Documents and Settings\Mamka
2013-11-09 05:18 - 2008-09-07 04:16 - 00000178 ___SH C:\Documents and Settings\Taťka\ntuser.ini
2013-11-08 19:08 - 2012-11-25 12:39 - 00002283 _____ C:\Documents and Settings\All Users\Plocha\Skype.lnk
2013-11-07 20:13 - 2013-11-07 20:13 - 00000730 _____ C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk
2013-11-07 20:13 - 2013-11-07 20:13 - 00000724 _____ C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
2013-11-07 20:13 - 2013-11-07 20:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-07 20:13 - 2008-08-31 15:57 - 00000000 ___RD C:\Documents and Settings\All Users\Nabídka Start\Programy
2013-11-07 20:13 - 2008-08-31 15:57 - 00000000 ____D C:\Documents and Settings\All Users\Plocha
2013-11-07 20:12 - 2013-11-05 18:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-07 20:09 - 2011-07-26 07:22 - 00000000 ____D C:\WINDOWS\Minidump
2013-11-07 20:09 - 2008-09-02 16:56 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Winamp
2013-11-07 20:08 - 2013-11-07 20:08 - 00000682 _____ C:\Documents and Settings\All Users\Plocha\CCleaner.lnk
2013-11-07 20:08 - 2013-11-07 20:08 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\CCleaner
2013-11-07 20:07 - 2013-11-07 20:07 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Google
2013-11-07 20:07 - 2010-05-02 17:09 - 00000000 ____D C:\Program Files\Google
2013-11-07 20:07 - 2008-12-20 13:35 - 00000000 ____D C:\Program Files\CCleaner
2013-11-07 20:07 - 2008-08-31 15:57 - 00000000 __RHD C:\Documents and Settings\All Users\Data aplikací
2013-11-07 19:26 - 2013-11-07 19:25 - 00000000 ____D C:\AdwCleaner
2013-11-07 19:26 - 2009-07-15 15:21 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\ICQ
2013-11-07 18:48 - 2013-11-07 18:48 - 00000000 ____D C:\Documents and Settings\Mamka\Local Settings\Data aplikací\XulTest
2013-11-07 18:48 - 2013-11-07 18:48 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\XulTest
2013-11-07 18:48 - 2008-08-31 14:09 - 00000000 __RHD C:\Documents and Settings\Mamka\Data aplikací
2013-11-07 18:47 - 2009-05-04 15:39 - 00000000 ___RD C:\Program Files\Skype
2013-11-07 18:47 - 2009-05-04 15:39 - 00000000 ____D C:\Documents and Settings\All Users\Data aplikací\Skype
2013-11-07 18:19 - 2013-11-07 18:19 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-05 18:55 - 2013-11-05 18:55 - 00000000 ____D C:\FRST
2013-11-05 18:54 - 2013-11-05 18:54 - 01089445 _____ (Farbar) C:\Documents and Settings\Mamka\Plocha\FRST.exe
2013-11-05 17:39 - 2013-11-05 17:37 - 00023105 _____ C:\Documents and Settings\Mamka\Plocha\KFXUg3IB
2013-11-04 18:06 - 2008-09-02 16:05 - 00000000 ____D C:\Documents and Settings\Mamka\Data aplikací\Macromedia
2013-11-01 12:17 - 2001-10-25 15:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-10-31 16:00 - 2013-10-31 15:56 - 00000000 ____D C:\Documents and Settings\Mamka\Plocha\Mireček
2013-10-30 11:20 - 2013-10-30 11:20 - 00000000 ____D C:\Documents and Settings\Mamka\Local Settings\Data aplikací\My Horse and Me 2
2013-10-30 11:17 - 2013-10-30 11:17 - 00000829 _____ C:\Documents and Settings\All Users\Plocha\My Horse and Me 2.lnk
2013-10-30 11:17 - 2013-10-30 11:17 - 00000000 ____D C:\Documents and Settings\All Users\Nabídka Start\Programy\Atari
2013-10-30 11:03 - 2013-10-30 11:03 - 00000000 ____D C:\Program Files\Atari
2013-10-28 11:43 - 2013-10-28 11:43 - 00000000 _____ C:\Documents and Settings\Mamka\Plocha\Cvrčkovi_Písničky_-_[TvojeMP3.cz].mp4
2013-10-27 06:55 - 2008-08-31 15:58 - 01182706 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-19 07:40 - 2010-08-28 18:44 - 00001813 _____ C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
2013-10-14 12:03 - 2013-01-19 15:32 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-10-10 14:56 - 2008-08-31 15:57 - 00192976 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-10 07:35 - 2013-10-10 07:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862335$
2013-10-10 07:35 - 2013-10-10 07:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2847311$
2013-10-10 07:33 - 2013-09-28 20:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-10 07:30 - 2013-10-10 07:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2883150$
2013-10-10 07:30 - 2013-10-10 07:30 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868038$
2013-10-10 07:30 - 2013-09-28 20:31 - 78106760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-10 07:30 - 2013-09-27 22:14 - 00000000 ____D C:\WINDOWS\ie8updates
2013-10-10 07:29 - 2013-10-10 07:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862330$

Some content of TEMP:
====================
C:\Documents and Settings\Mamka\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Mamka\Local Settings\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-17 14:49] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-17 14:49] - [2008-04-14 07:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-17 14:49] - [2008-04-14 07:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-17 14:44] - [2008-04-14 06:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1





===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:74.52 GB) (Free:5.06 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Nová) (CDROM) (Total:0.14 GB) (Free:0 GB) CDFS

Available physical RAM: 2467.7 MB
Total physical RAM: 3295.17 MB
Percentage of memory in use: 25%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 75 GB) (Disk ID: 6D7B5BA2)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\WINDOWS\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => C:\Program Files\Microsoft IntelliPoint\ipoint.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job => C:\Program Files\Microsoft IntelliType Pro\itype.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{5504A7ED-7D20-4441-A048-B2B16D32608B}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 28_09_2013 (06)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Mamka\Plocha" je 4792 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\ICQ7.2\\ICQ.exe"="C:\\Program Files\\ICQ7.2\\ICQ.exe:*:Enabled:ICQ7.2"
"C:\\Program Files\\ICQ7.2\\aolload.exe"="C:\\Program Files\\ICQ7.2\\aolload.exe:*:Enabled:aolload.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\Opera\\opera.exe"="C:\\Program Files\\Opera\\opera.exe:*:Enabled:Opera Internet Browser"
"C:\\Program Files\\ICQ7.2\\ICQ.exe"="C:\\Program Files\\ICQ7.2\\ICQ.exe:*:Enabled:ICQ7.2"
"C:\\Program Files\\ICQ7.2\\aolload.exe"="C:\\Program Files\\ICQ7.2\\aolload.exe:*:Enabled:aolload.exe"
"C:\\Program Files\\Miranda IM\\miranda32.exe"="C:\\Program Files\\Miranda IM\\miranda32.exe:*:Disabled:Miranda IM"
"C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"="C:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe:*:Disabled:Google Earth"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Documents and Settings\\Mamka\\Data aplikac\\Dropbox\\bin\\Dropbox.exe"="C:\\Documents and Settings\\Mamka\\Data aplikac\\Dropbox\\bin\\Dropbox.exe:*:Enabled:Dropbox"
"C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"="C:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"="C:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe:*:Enabled:Easy Printer Manager"
"C:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"="C:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe:*:Enabled:EPM Order Supplies"
"C:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"="C:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe:*:Enabled:EPM Alert"
"C:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"="C:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe:*:Enabled:CDA Scan2PC"
"C:\\DOCUME~1\\Mamka\\LOCALS~1\\Temp\\DIDB0A0\\/wellington-150x150.exe"="C:\\DOCUME~1\\Mamka\\LOCALS~1\\Temp\\DIDB0A0\\/wellington-150x150.exe:*:Enabled:Microsoft Office"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP"="1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007"
"2869:TCP"="2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008"
"139:TCP"="139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004"
"445:TCP"="445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005"
"137:UDP"="137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001"
"138:UDP"="138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002"
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
"5368:UDP"="5368:UDP:*:Enabled:UDP 5368"
"5799:TCP"="5799:TCP:*:Enabled:TCP 5799"


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Pustte tam znovu JunkwareRemovalTool a AdwCleaner, logy pak sem

jrt log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Mamka on ne 10.11.2013 at 10:36:52,81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}



~~~ Files



~~~ Folders



~~~ FireFox






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 10.11.2013 at 10:41:14,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adwcleaner log...diky za pomoc!

# AdwCleaner v3.011 - Report created 10/11/2013 at 10:43:58
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mamka - PC
# Running from : C:\Documents and Settings\Mamka\Dokumenty\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\prefs.js ]


[ File : C:\Documents and Settings\Taťka\Data aplikací\Mozilla\Firefox\Profiles\jnclxjvg.default\prefs.js ]


[ File : C:\Documents and Settings\Blažci\Data aplikací\Mozilla\Firefox\Profiles\jb6va9l2.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Documents and Settings\Mamka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Taťka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\Blažci\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [33455 octets] - [07/11/2013 19:25:05]
AdwCleaner[R1].txt - [1629 octets] - [10/11/2013 10:42:28]
AdwCleaner[S0].txt - [33993 octets] - [07/11/2013 19:25:59]
AdwCleaner[S1].txt - [1552 octets] - [10/11/2013 10:43:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1612 octets] ##########

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [77824 2008-09-02] (Apple Computer, Inc.)
  HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
  HKCU\...\Run: [GameXN GO] - C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [347008 2013-08-24] (EasyBits Software AS)
  HKCU\...\Run: [NBJ] - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [1961984 2005-07-14] (Ahead Software AG)
  HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-11-07] (Google Inc.)
  HKU\Administrator\...\Run: [TBPanel] - C:\Program Files\Vtune\TBPANEL.exe [ 2010-03-17] ()
  HKU\Blažci\...\Run: [Steam] - "C:\Program Files\Steam\Steam.exe" -silent
  HKU\Taťka\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
  Startup: C:\Documents and Settings\Blažci\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk
  
  HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
  HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  SearchScopes: HKLM - DefaultScope value is missing.
  
  FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
  FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-12.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-13.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-14.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-15.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-16.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-17.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-18.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-19.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-20.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-21.xml
  FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\searchplugins-backup
  
  CHR RestoreOnStartup: "hxxp://www.seznam.cz/", "https://www.google.cz/webhp?sourceid=chrome-instant&rlz=1C1GGGE_enCZ420CZ432&espv=210&ie=UTF-8"
  CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
  CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
  CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\Mamka\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
  CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
  CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
  CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
  
  DisableService: Skype C2C Service
  
  Task: C:\WINDOWS\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
  Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => C:\Program Files\Microsoft IntelliPoint\ipoint.exe
  Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job => C:\Program Files\Microsoft IntelliType Pro\itype.exe
  Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{5504A7ED-7D20-4441-A048-B2B16D32608B}.job => C:\WINDOWS\system32\msfeedssync.exe
  Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe
  
  Hosts:
  
  End

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-10-2013
Ran by Mamka at 2013-11-10 19:00:29 Run:1
Running from C:\Documents and Settings\Mamka\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [77824 2008-09-02] (Apple Computer, Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKCU\...\Run: [GameXN GO] - C:\Documents and Settings\All Users\Data aplikací\GameXN\GameXNGO.exe [347008 2013-08-24] (EasyBits Software AS)
HKCU\...\Run: [NBJ] - C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [1961984 2005-07-14] (Ahead Software AG)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-11-07] (Google Inc.)
HKU\Administrator\...\Run: [TBPanel] - C:\Program Files\Vtune\TBPANEL.exe [ 2010-03-17] ()
HKU\Blažci\...\Run: [Steam] - "C:\Program Files\Steam\Steam.exe" -silent
HKU\Taťka\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
Startup: C:\Documents and Settings\Blažci\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.

FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-12.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-13.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-14.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-15.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-16.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-17.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-18.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-19.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-20.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-21.xml
FF SearchPlugin: C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\searchplugins-backup

CHR RestoreOnStartup: "hxxp://www.seznam.cz/", "https://www.google.cz/webhp?sourceid=ch ... 0&ie=UTF-8"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Documents and Settings\Mamka\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

DisableService: Skype C2C Service

Task: C:\WINDOWS\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => C:\Program Files\Microsoft IntelliPoint\ipoint.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job => C:\Program Files\Microsoft IntelliType Pro\itype.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{5504A7ED-7D20-4441-A048-B2B16D32608B}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\WGASetup.job => C:\WINDOWS\system32\KB905474\wgasetup.exe

Hosts:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Nvtmru => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GameXN GO => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\NBJ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKU\Administrator\Software\Microsoft\Windows\CurrentVersion\Run\\TBPanel => Value deleted successfully.
HKU\Blažci\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => Value deleted successfully.
HKU\Taťka\Software\Microsoft\Windows\CurrentVersion\Run\\MSMSGS => Value deleted successfully.
C:\Documents and Settings\Blažci\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 => Key deleted successfully.
C:\Program Files\Yahoo!\Common\npyaxmpb.dll => Moved successfully.
HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer => Key deleted successfully.
C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll not found.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-12.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-13.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-14.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-15.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-16.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-17.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-18.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-19.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-20.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\icqplugin-21.xml => Moved successfully.
C:\Documents and Settings\Mamka\Data aplikací\Mozilla\Firefox\Profiles\5ururo94.default\searchplugins\searchplugins-backup => Moved successfully.
CHR RestoreOnStartup: "hxxp://www.seznam.cz/", "https://www.google.cz/webhp?sourceid=ch ... 0&ie=UTF-8" ==> The Chrome "Settings" can be used to fix the entry.
C:\Program Files\Google\Chrome\Application\30.0.1599.101\gcswf32.dll not found.
C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll not found.
C:\Documents and Settings\Mamka\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll not found.
C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll not found.
C:\Program Files\Yahoo!\Common\npyaxmpb.dll not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Key deleted successfully.
C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => Moved successfully.
Skype C2C Service service was disabled
C:\WINDOWS\Tasks\1-Click Maintenance.job => Moved successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\avast! Emergency Update.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IType_exe.job => Moved successfully.
C:\WINDOWS\Tasks\User_Feed_Synchronization-{5504A7ED-7D20-4441-A048-B2B16D32608B}.job => Moved successfully.
C:\WINDOWS\Tasks\WGASetup.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

==== End of Fixlog ====

Jak se chova PC

Vypada to, ze je vse ok...Diky moc!

Tak jeste uklidime

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse