Logfile of random's system information tool 1.10 (written by random/random)
Run by uzivatel at 2014-07-06 20:56:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 3 GB (1%) free of 477 GB
Total RAM: 2810 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:57:09, on 6.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Nuance\PDF Professional 6\PdfPro6Hook.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe
C:\Program Files\SVDownloader\svdownloader.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\F\Tiskárna\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\F\Tiskárna\Digital Imaging\bin\hpqSTE08.exe
C:\F\Tiskárna\Digital Imaging\bin\hpqbam08.exe
C:\F\Tiskárna\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\F\SMPlayer\smplayer.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\F\totalcmd\TOTALCMD.EXE
C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\chrome.exe
C:\F\Debordelizace\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webtv.starnet.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\F\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AP Suggestor - {D0984FD4-FA9A-46ee-9072-70B0735FF852} - C:\Program Files\AP Suggestor\APSuggestor.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\F\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe
O4 - HKLM\..\Run: [PDF6 Registry Controller] C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [hpqSRMon] C:\F\Tiskárna\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\RunOnce: [NCPluginUpdater] "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [SVDownloader] "C:\Program Files\SVDownloader\svdownloader.exe" /bg
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: GBPVRTray.exe.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = ?
O8 - Extra context menu item: Add to AMV Converter... - C:\F\AMVConverter\grab.html
O8 - Extra context menu item: Append the content of the link to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Append the content of the selected links to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
O8 - Extra context menu item: Append to existing PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
O8 - Extra context menu item: Create PDF file - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF file from the content of the link - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
O8 - Extra context menu item: Create PDF files from the selected links - res://C:\Program Files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Open with Nuance PDF Converter 6.0 - res://C:\Program Files\Nuance\PDF Professional 6\cnvres_eng.dll /100
O8 - Extra context menu item: Open with PDF Professional 6 - res://C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O9 - Extra button: AP Suggestor - {02E2473F-766B-4ce2-8FD0-C4E8071EF1C4} - C:\Program Files\AP Suggestor\APSuggestor.dll
O9 - Extra 'Tools' menuitem: AP Suggestor options - {02E2473F-766B-4ce2-8FD0-C4E8071EF1C4} - C:\Program Files\AP Suggestor\APSuggestor.dll
O9 - Extra button: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\F\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: BackupService - ArcSoft, Inc. - C:\Users\uzivatel\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: GB-PVR Recording Service - WelltonWay - C:\F\video\GBPVRRecordingService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PDFProFiltSrv - Nuance Communications, Inc. - C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
--
End of file - 17282 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job - C:\Users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job - C:\Users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job - C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job - C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForuzivatel.job - C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuzivatel (null)
C:\Windows\tasks\Norton Security Scan for uzivatel.job - C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\F\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll [2009-02-06 249856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0984FD4-FA9A-46ee-9072-70B0735FF852}]
AP Suggestor - C:\Program Files\AP Suggestor\APSuggestor.dll [2011-11-10 167216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\F\Tiskárna\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-10-21 1219152]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2010-03-06 563736]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-02-26 1713448]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-04-08 102400]
"PDFHook"=C:\Program Files\Nuance\PDF Professional 6\pdfpro6hook.exe [2009-11-13 1277952]
"PDF6 Registry Controller"=C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe [2009-11-03 110880]
"Nuance PDF Reader-reminder"=C:\Program Files\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2012-07-14 738984]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2012-08-29 73392]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-02-19 1151152]
"hpqSRMon"=C:\F\Tiskárna\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2014-06-24 750160]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2013-06-01 495708]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [2013-06-21 6510592]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-06-24 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2010-02-22 2363392]
""= []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-11-14 20584608]
"Google Update"=C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 116648]
"Facebook Update"=C:\Users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-30 138096]
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2012-08-03 1086376]
"SVDownloader"=C:\Program Files\SVDownloader\svdownloader.exe [2011-11-11 1391616]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\F\Tiskárna\Digital Imaging\bin\hpqtra08.exe
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
GBPVRTray.exe.lnk - C:\Users\uzivatel\AppData\Roaming\Microsoft\Installer\{6E227784-B49B-4B07-B3C1-FA2A13AFEC85}\Icon3C8F050B1.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-07-06 20:56:23 ----D---- C:\rsit
2014-07-01 19:06:33 ----D---- C:\Users\uzivatel\AppData\Roaming\SVDownloader
2014-07-01 19:04:39 ----D---- C:\Program Files\AP Suggestor
2014-07-01 19:04:38 ----D---- C:\ProgramData\APSuggestor
2014-07-01 19:04:33 ----D---- C:\Program Files\SVDownloader
2014-07-01 18:50:01 ----D---- C:\Program Files\Common Files\Symantec Shared
2014-07-01 18:41:59 ----D---- C:\Windows\system32\drivers\NSS
2014-07-01 18:41:58 ----D---- C:\Program Files\Norton Security Scan
2014-07-01 18:41:49 ----D---- C:\Users\uzivatel\AppData\Roaming\Opera Software
2014-07-01 18:41:49 ----D---- C:\Users\uzivatel\AppData\Roaming\Opera
2014-07-01 18:41:40 ----D---- C:\Users\uzivatel\AppData\Roaming\Yandex
2014-07-01 18:41:34 ----D---- C:\Program Files\NortonInstaller
2014-07-01 18:41:32 ----D---- C:\ProgramData\NortonInstaller
2014-07-01 18:40:25 ----D---- C:\Users\uzivatel\AppData\Roaming\ImperiaOnline
2014-06-10 22:22:50 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-10 22:22:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-10 22:22:49 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-10 22:22:49 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-10 22:22:48 ----A---- C:\Windows\system32\urlmon.dll
2014-06-10 22:22:48 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-10 22:22:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-10 22:22:48 ----A---- C:\Windows\system32\iernonce.dll
2014-06-10 22:22:48 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-10 22:22:47 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-10 22:22:46 ----A---- C:\Windows\system32\msrating.dll
2014-06-10 22:22:46 ----A---- C:\Windows\system32\iesetup.dll
2014-06-10 22:22:46 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-10 22:22:45 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-10 22:22:45 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-10 22:22:44 ----A---- C:\Windows\system32\wininet.dll
2014-06-10 22:22:43 ----A---- C:\Windows\system32\ieui.dll
2014-06-10 22:22:43 ----A---- C:\Windows\system32\ieframe.dll
2014-06-10 22:22:43 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-10 22:22:42 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-10 22:22:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-10 22:22:41 ----A---- C:\Windows\system32\iertutil.dll
2014-06-10 22:22:39 ----A---- C:\Windows\system32\mshtml.dll
2014-06-10 22:22:39 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-10 22:22:37 ----A---- C:\Windows\system32\vbscript.dll
2014-06-10 22:22:37 ----A---- C:\Windows\system32\jscript9.dll
2014-06-10 22:22:18 ----A---- C:\Windows\system32\msxml6.dll
2014-06-10 22:22:17 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-10 22:22:17 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-10 22:22:17 ----A---- C:\Windows\system32\msxml3.dll
2014-06-10 22:22:15 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-10 22:22:14 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-10 22:22:11 ----A---- C:\Windows\system32\aepdu.dll
2014-06-10 22:22:11 ----A---- C:\Windows\system32\aeinv.dll
2014-06-10 22:22:09 ----A---- C:\Windows\system32\usp10.dll
======List of files/folders modified in the last 1 month======
2014-07-06 20:56:50 ----D---- C:\Windows\Temp
2014-07-06 20:56:48 ----D---- C:\Program Files\trend micro
2014-07-06 20:09:37 ----D---- C:\Videa
2014-07-06 18:58:55 ----D---- C:\Users\uzivatel\AppData\Roaming\XnView
2014-07-06 14:48:14 ----D---- C:\Windows\System32
2014-07-06 14:48:14 ----D---- C:\Windows\inf
2014-07-06 14:48:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-06 11:26:47 ----D---- C:\Windows\system32\config
2014-07-06 11:04:55 ----D---- C:\Users\uzivatel\AppData\Roaming\Skype
2014-07-05 23:17:40 ----SHD---- C:\Windows\Installer
2014-07-05 20:58:16 ----SHD---- C:\System Volume Information
2014-07-05 04:44:00 ----D---- C:\Windows\system32\Tasks
2014-07-05 04:43:59 ----D---- C:\Windows\Tasks
2014-07-05 04:43:22 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-04 17:56:59 ----RD---- C:\Desktop
2014-07-02 14:07:13 ----HD---- C:\ProgramData
2014-07-02 00:57:38 ----D---- C:\ProgramData\PDFC
2014-07-02 00:01:22 ----HD---- C:\Config.Msi
2014-07-02 00:00:33 ----RD---- C:\Program Files
2014-07-01 23:56:23 ----D---- C:\Windows
2014-07-01 23:20:10 ----D---- C:\Peníze
2014-07-01 23:15:07 ----D---- C:\Ledacosi
2014-07-01 19:05:18 ----D---- C:\Windows\winsxs
2014-07-01 19:03:38 ----D---- C:\F
2014-07-01 18:50:01 ----D---- C:\Program Files\Common Files
2014-07-01 18:41:59 ----D---- C:\Windows\system32\drivers
2014-07-01 18:41:58 ----D---- C:\ProgramData\Norton
2014-06-30 16:02:50 ----D---- C:\Windows\Minidump
2014-06-30 16:02:50 ----D---- C:\Windows\debug
2014-06-30 10:25:21 ----D---- C:\Windows\Prefetch
2014-06-24 13:15:51 ----D---- C:\Windows\system32\catroot
2014-06-20 13:34:37 ----D---- C:\Users\uzivatel\AppData\Roaming\ICQ
2014-06-18 22:58:00 ----D---- C:\servis
2014-06-18 16:39:04 ----D---- C:\Windows\system32\catroot2
2014-06-15 18:25:52 ----D---- C:\šachy
2014-06-14 18:08:35 ----D---- C:\o.s
2014-06-11 16:20:19 ----D---- C:\Windows\system32\en-US
2014-06-11 16:20:15 ----D---- C:\Program Files\Internet Explorer
2014-06-11 16:20:10 ----SD---- C:\Windows\system32\CompatTel
2014-06-11 16:20:06 ----D---- C:\Windows\system32\DriverStore
2014-06-11 00:31:09 ----D---- C:\ProgramData\Microsoft Help
2014-06-11 00:29:13 ----D---- C:\Windows\system32\MRT
2014-06-11 00:22:29 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 14392]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-02-19 33112]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-06-03 136216]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-10-07 37352]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-07-01 377648]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2013-03-20 28520]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2011-05-07 455256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-06-24 97648]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-07-14 27056]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-06-21 35088]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-11-02 1163328]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-04-08 5429760]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-04-08 157184]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2013-06-21 18536]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2013-06-21 4269160]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-07 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-07 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-07 18472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 21560]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-01-13 257568]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\Windows\system32\DRIVERS\rtsuvc.sys [2013-06-01 78848]
R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2013-06-01 431616]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-02-26 242992]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2012-01-09 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2012-01-09 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-27 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2012-01-09 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2012-01-09 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2013-06-01 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-11-02 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-04-08 172032]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2014-06-24 430160]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2014-06-24 430160]
R2 BackupService;BackupService; C:\Users\uzivatel\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 595232]
R2 GB-PVR Recording Service;GB-PVR Recording Service; C:\F\video\GBPVRRecordingService.exe [2007-11-11 159744]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-07-14 497320]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2010-02-22 73728]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2010-03-06 635416]
R2 PDFProFiltSrv;PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-11-03 134944]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2013-06-01 254034]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2012-08-29 2445880]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE [2013-06-21 40960]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-08-01 724888]
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-28 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-19 968880]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
ComboFix 14-07-03.01 - uzivatel 06.07.2014 23:02:21.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2810.1561 [GMT 2:00]
Spuštěný z: c:\desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\AP Suggestor\APSUggestor.dll
c:\users\uzivatel\AppData\Local\Temp\NOSEventMessages.dll
c:\users\uzivatel\AppData\Roaming\Microsoft\Installer\{6E227784-B49B-4B07-B3C1-FA2A13AFEC85}\Icon3C8F050B1.exe
c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GBPVRTray.exe.lnk
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru.json
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\app.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\aboutSupport.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\addonfs.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\addonmgr.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\addonStatus.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\backgroundImages.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\backup.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\barnavig.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\blacklist.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\bookmarks.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\branding.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\clids.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\cloudsource.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\colors.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\databaseMigration.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\dataprovider.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\fastdial.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\favicons.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\frontendHelper.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\installer.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\internalStructure.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\layout.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\metrika.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\install.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_3.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_9.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\package.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\protocolSupport.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\safebrowsing.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\searchExample.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\searchSuggest.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\strbundle.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\sync.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\syncPinned.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\syncTopHistory.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\thumbs.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\usageHistory.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\workers\barnavig.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\ycookie.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\components\core.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\config.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\defaults\preferences\yandex-vb.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\defaults\vendor\vendor.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\chrome.manifest
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\chrome\yandex-vb.jar
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\install.rdf
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\AddonManager.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\DataURI.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\Foundation.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\async.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\database.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\ecustom.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\fileutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\misc.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\netutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\patterns.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\promise.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\strutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\sysutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\task.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\xmlutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\Log4Moz.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\Preferences.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\SimpleHTMLParser.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\SimpleProtocol.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\Stemmer.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\WindowListener.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\WinReg.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru.json
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\bar.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\aboutSupport.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\addonfs.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\addonmgr.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\addonStatus.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\anonymousStatistic.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\autoinst.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\barnavig.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\brand_prov.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\branding.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\browserUsage.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\clids.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\compsusage.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\defender.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\distribution.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\incoming.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\installer.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\install.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-5_2_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-6_4_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-7_0_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-7_6_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-7_8_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-7_8_1.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-8_0_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-8_1_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\barplugin.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\brandsvc.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\compapi.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\ncparser.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\npwidget.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\sliceapi.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native_comps.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\notifications.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\overlay_prov.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\pacman.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\cachedres.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\manifest.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\package.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\permissions.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\preset-with-manifest.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\preset.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\unit.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\slices.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\strbundle.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\update.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\vendorCookie.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\widgetlib.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\workers\barnavig.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\action.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\attribute.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\button.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\computed.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\enabled.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\extra-text.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\grid.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\checkbox.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\checked.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\image.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\menu.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\style.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\text.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\tooltip.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\url.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\widget.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\xml.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\elements.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\event-listener.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbbase.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbcalcnodes.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbfuncs.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbparser.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbtypes.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbui.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbwidget.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\ycookie.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\core.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\nsIYaSearch.xpt
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\nsSearchSuggestions.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\nsYaSearch.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\xbProtocol.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\config.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\dynamic-preferences\brand\ua\safebrowsing.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\dynamic-preferences\safebrowsing.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\preferences\yasearch.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\presets\http%3A%2F%2Fbar.yandex.ru%2Fpresets%2Fdefault-partner.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\presets\http%3A%2F%2Fbar.yandex.ru%2Fpresets%2Fdefault.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\presets\http%3A%2F%2Fbar.yandex.ru%2Fpresets%2Ftb.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\presets\http%3A%2F%2Fbar.yandex.ru%2Fpresets%2Fua.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\vendor\vendor.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\chrome.manifest
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\chrome\yasearch.jar
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\install.rdf
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\AddonManager.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\DataURI.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\Foundation.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\async.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\database.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\dlqueue.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\ecustom.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\fileutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\legacy.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\misc.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\netutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\patterns.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\promise.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\strutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\sysutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\task.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\xmlutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\Log4Moz.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\Preferences.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\SimpleHTMLParser.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\SimpleProtocol.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\Stemmer.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\WindowListener.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\WinReg.jsm
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-06 do 2014-07-06 )))))))))))))))))))))))))))))))
.
.
2014-07-06 21:16 . 2014-07-06 21:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-06 21:06 . 2014-07-06 21:06 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF43B4EC-D816-4363-805A-0F4545D95B27}\offreg.dll
2014-07-06 18:56 . 2014-07-06 18:57 -------- d-----w- C:\rsit
2014-07-04 12:32 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF43B4EC-D816-4363-805A-0F4545D95B27}\mpengine.dll
2014-07-01 17:06 . 2014-07-01 17:06 -------- d-----w- c:\users\uzivatel\AppData\Roaming\SVDownloader
2014-07-01 17:04 . 2014-07-06 21:14 -------- d-----w- c:\program files\AP Suggestor
2014-07-01 17:04 . 2014-07-01 17:04 -------- d-----w- c:\programdata\APSuggestor
2014-07-01 17:04 . 2014-07-01 17:16 -------- d-----w- c:\program files\SVDownloader
2014-07-01 16:50 . 2014-07-01 16:50 -------- d-----w- c:\program files\Common Files\Symantec Shared
2014-07-01 16:45 . 2014-07-01 16:45 -------- d-----w- c:\users\uzivatel\AppData\Local\IsolatedStorage
2014-07-01 16:44 . 2014-07-01 16:44 -------- d-----w- c:\users\uzivatel\AppData\Local\Yandex
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\windows\system32\drivers\NSS
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\program files\Norton Security Scan
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Opera Software
2014-07-01 16:41 . 2014-07-01 16:45 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Yandex
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\program files\NortonInstaller
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\programdata\NortonInstaller
2014-07-01 16:40 . 2014-07-01 16:40 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ImperiaOnline
2014-06-15 16:27 . 2014-06-16 20:55 -------- d-----w- c:\users\uzivatel\AppData\Local\DOSBox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-24 11:13 . 2013-03-20 04:48 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-06-03 17:40 . 2013-03-20 04:48 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-13 20:12 . 2012-09-23 13:28 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-13 20:12 . 2012-09-23 13:28 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-12 02:15 . 2014-05-14 00:53 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:15 . 2014-05-14 00:53 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:12 . 2014-05-14 00:53 15872 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:12 . 2014-05-14 00:53 100352 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:12 . 2014-05-14 00:53 22016 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:11 . 2014-05-14 00:53 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:11 . 2014-05-14 00:53 22528 ----a-w- c:\windows\system32\lsass.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-02-22 2363392]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-08-03 1086376]
"SVDownloader"="c:\program files\SVDownloader\svdownloader.exe" [2011-11-11 1391616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2010-03-06 563736]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-08 102400]
"PDFHook"="c:\program files\Nuance\PDF Professional 6\pdfpro6hook.exe" [2009-11-13 1277952]
"PDF6 Registry Controller"="c:\program files\Nuance\PDF Professional 6\RegistryController.exe" [2009-11-03 110880]
"Nuance PDF Reader-reminder"="c:\program files\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-07-14 738984]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-08-29 73392]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-02-19 1151152]
"hpqSRMon"="c:\f\Tiskárna\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2013-06-01 495708]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2013-06-21 6510592]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-06-24 21720]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 795936]
HP Digital Imaging Monitor.lnk - c:\f\Tiskárna\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 BackupService;BackupService;c:\users\uzivatel\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-05-30 108032]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-28 1343400]
R4 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-19 968880]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-02-19 33112]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-10-07 37352]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2013-06-01 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-08 172032]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-06-24 430160]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-07-14 27056]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-07-14 497320]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2013-06-21 35088]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2010-03-06 635416]
S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-11-03 134944]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2013-06-01 14:02 78848]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-02-22 18:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-23 20:12]
.
2014-07-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job
- c:\users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-30 19:37]
.
2014-07-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job
- c:\users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-30 19:37]
.
2014-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 15:34]
.
2014-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 15:34]
.
2014-07-05 c:\windows\Tasks\HPCeeScheduleForuzivatel.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
2014-07-01 c:\windows\Tasks\Norton Security Scan for uzivatel.job
- c:\progra~1\NORTON~2\Engine\410~1.28\Nss.exe [2014-07-01 06:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://webtv.starnet.cz/
IE: Add to AMV Converter... - c:\f\AMVConverter\grab.html
IE: Append the content of the link to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Open with Nuance PDF Converter 6.0 - c:\program files\Nuance\PDF Professional 6\cnvres_eng.dll /100
IE: Open with PDF Professional 6 - c:\program files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{02E2473F-766B-4ce2-8FD0-C4E8071EF1C4} - {D0984FD4-FA9A-46ee-9072-70B0735FF852} -
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
AddRemove-aTube Catcher - e:\atube catcher 2.0\uninstall.exe
AddRemove-CCleaner - c:\program files\CCleaner\uninst.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-SVDownloader - c:\program files\SVDownloader\uninst.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{E0A9340B-C01B-42C1-9910-C307D7BE4756}\WeatherBugSetup.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1949562949-18675200-2126537319-1001\Software\SecuROM\License information*]
"datasecu"=hex:48,79,50,84,ec,a6,04,98,86,5c,ae,ae,7b,55,dd,e2,14,d4,09,79,9c,
36,e0,02,50,14,e9,03,a6,b0,01,14,83,30,0c,3a,46,18,d6,93,2e,a5,a4,d8,e4,5a,\
"rkeysecu"=hex:f6,d7,eb,7b,93,64,59,30,bc,55,80,07,88,37,4c,95
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(508)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Celkový čas: 2014-07-06 23:20:05
ComboFix-quarantined-files.txt 2014-07-06 21:20
.
Před spuštěním: 6 207 938 560
Po spuštění: 6 072 537 088
.
- - End Of File - - 08E5D7C050625B1459822472E437CB5B
5C616939100B85E558DA92B899A0FC36
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2810.1561 [GMT 2:00]
Spuštěný z: c:\desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\AP Suggestor\APSUggestor.dll
c:\users\uzivatel\AppData\Local\Temp\NOSEventMessages.dll
c:\users\uzivatel\AppData\Roaming\Microsoft\Installer\{6E227784-B49B-4B07-B3C1-FA2A13AFEC85}\Icon3C8F050B1.exe
c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GBPVRTray.exe.lnk
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru.json
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\app.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\aboutSupport.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\addonfs.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\addonmgr.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\addonStatus.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\backgroundImages.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\backup.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\barnavig.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\blacklist.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\bookmarks.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\branding.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\clids.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\cloudsource.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\colors.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\databaseMigration.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\dataprovider.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\fastdial.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\favicons.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\frontendHelper.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\installer.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\internalStructure.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\layout.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\metrika.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\install.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_3.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\migration\l-2_9.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\package.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\protocolSupport.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\safebrowsing.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\searchExample.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\searchSuggest.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\strbundle.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\sync.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\syncPinned.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\syncTopHistory.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\thumbs.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\usageHistory.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\workers\barnavig.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\cbapp\parts\ycookie.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\components\core.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\config.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\defaults\preferences\yandex-vb.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\defaults\vendor\vendor.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\chrome.manifest
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\chrome\yandex-vb.jar
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\install.rdf
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\AddonManager.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\DataURI.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\Foundation.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\async.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\database.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\ecustom.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\fileutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\misc.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\netutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\patterns.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\promise.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\strutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\sysutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\task.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\foundation\xmlutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\Log4Moz.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\Preferences.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\SimpleHTMLParser.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\SimpleProtocol.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\Stemmer.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\WindowListener.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\vb@yandex.ru\modules\WinReg.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru.json
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\bar.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\aboutSupport.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\addonfs.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\addonmgr.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\addonStatus.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\anonymousStatistic.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\autoinst.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\barnavig.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\brand_prov.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\branding.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\browserUsage.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\clids.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\compsusage.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\defender.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\distribution.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\incoming.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\installer.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\install.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-5_2_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-6_4_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-7_0_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-7_6_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-7_8_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-7_8_1.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-8_0_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\migration\l-8_1_0.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\barplugin.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\brandsvc.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\compapi.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\ncparser.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\npwidget.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native\sliceapi.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\native_comps.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\notifications.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\overlay_prov.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\pacman.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\cachedres.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\manifest.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\package.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\permissions.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\preset-with-manifest.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\preset.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\platform\unit.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\slices.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\strbundle.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\update.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\vendorCookie.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\widgetlib.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\workers\barnavig.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\action.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\attribute.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\button.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\computed.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\enabled.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\extra-text.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\grid.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\checkbox.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\checked.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\image.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\menu.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\style.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\text.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\tooltip.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\url.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\widget.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\behaviour\xml.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\elements.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\ui\event-listener.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbbase.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbcalcnodes.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbfuncs.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbparser.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbtypes.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbui.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\xb\xbwidget.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\cbapp\parts\ycookie.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\core.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\nsIYaSearch.xpt
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\nsSearchSuggestions.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\nsYaSearch.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\components\xbProtocol.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\config.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\dynamic-preferences\brand\ua\safebrowsing.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\dynamic-preferences\safebrowsing.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\preferences\yasearch.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\presets\http%3A%2F%2Fbar.yandex.ru%2Fpresets%2Fdefault-partner.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\presets\http%3A%2F%2Fbar.yandex.ru%2Fpresets%2Fdefault.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\presets\http%3A%2F%2Fbar.yandex.ru%2Fpresets%2Ftb.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\presets\http%3A%2F%2Fbar.yandex.ru%2Fpresets%2Fua.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\defaults\vendor\vendor.xml
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\chrome.manifest
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\chrome\yasearch.jar
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\install.rdf
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\AddonManager.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\DataURI.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\Foundation.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\async.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\database.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\dlqueue.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\ecustom.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\fileutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\legacy.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\misc.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\netutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\patterns.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\promise.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\strutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\sysutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\task.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\foundation\xmlutils.js
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\Log4Moz.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\Preferences.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\SimpleHTMLParser.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\SimpleProtocol.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\Stemmer.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\WindowListener.jsm
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\extensions\staged\yasearch@yandex.ru\modules\WinReg.jsm
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-06 do 2014-07-06 )))))))))))))))))))))))))))))))
.
.
2014-07-06 21:16 . 2014-07-06 21:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-06 21:06 . 2014-07-06 21:06 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF43B4EC-D816-4363-805A-0F4545D95B27}\offreg.dll
2014-07-06 18:56 . 2014-07-06 18:57 -------- d-----w- C:\rsit
2014-07-04 12:32 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF43B4EC-D816-4363-805A-0F4545D95B27}\mpengine.dll
2014-07-01 17:06 . 2014-07-01 17:06 -------- d-----w- c:\users\uzivatel\AppData\Roaming\SVDownloader
2014-07-01 17:04 . 2014-07-06 21:14 -------- d-----w- c:\program files\AP Suggestor
2014-07-01 17:04 . 2014-07-01 17:04 -------- d-----w- c:\programdata\APSuggestor
2014-07-01 17:04 . 2014-07-01 17:16 -------- d-----w- c:\program files\SVDownloader
2014-07-01 16:50 . 2014-07-01 16:50 -------- d-----w- c:\program files\Common Files\Symantec Shared
2014-07-01 16:45 . 2014-07-01 16:45 -------- d-----w- c:\users\uzivatel\AppData\Local\IsolatedStorage
2014-07-01 16:44 . 2014-07-01 16:44 -------- d-----w- c:\users\uzivatel\AppData\Local\Yandex
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\windows\system32\drivers\NSS
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\program files\Norton Security Scan
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Opera Software
2014-07-01 16:41 . 2014-07-01 16:45 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Yandex
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\program files\NortonInstaller
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\programdata\NortonInstaller
2014-07-01 16:40 . 2014-07-01 16:40 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ImperiaOnline
2014-06-15 16:27 . 2014-06-16 20:55 -------- d-----w- c:\users\uzivatel\AppData\Local\DOSBox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-24 11:13 . 2013-03-20 04:48 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-06-03 17:40 . 2013-03-20 04:48 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-05-13 20:12 . 2012-09-23 13:28 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-13 20:12 . 2012-09-23 13:28 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-04-12 02:15 . 2014-05-14 00:53 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:15 . 2014-05-14 00:53 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:12 . 2014-05-14 00:53 15872 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:12 . 2014-05-14 00:53 100352 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:12 . 2014-05-14 00:53 22016 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:11 . 2014-05-14 00:53 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:11 . 2014-05-14 00:53 22528 ----a-w- c:\windows\system32\lsass.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-02-22 2363392]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-08-03 1086376]
"SVDownloader"="c:\program files\SVDownloader\svdownloader.exe" [2011-11-11 1391616]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2010-03-06 563736]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-08 102400]
"PDFHook"="c:\program files\Nuance\PDF Professional 6\pdfpro6hook.exe" [2009-11-13 1277952]
"PDF6 Registry Controller"="c:\program files\Nuance\PDF Professional 6\RegistryController.exe" [2009-11-03 110880]
"Nuance PDF Reader-reminder"="c:\program files\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-07-14 738984]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-08-29 73392]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-02-19 1151152]
"hpqSRMon"="c:\f\Tiskárna\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2013-06-01 495708]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2013-06-21 6510592]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-06-24 21720]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 795936]
HP Digital Imaging Monitor.lnk - c:\f\Tiskárna\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 BackupService;BackupService;c:\users\uzivatel\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-05-30 108032]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-28 1343400]
R4 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-19 968880]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-02-19 33112]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-10-07 37352]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2013-06-01 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-08 172032]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-06-24 430160]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-07-14 27056]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-07-14 497320]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2013-06-21 35088]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2010-03-06 635416]
S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-11-03 134944]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2013-06-01 14:02 78848]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-02-22 18:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-23 20:12]
.
2014-07-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job
- c:\users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-30 19:37]
.
2014-07-06 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job
- c:\users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-30 19:37]
.
2014-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 15:34]
.
2014-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30 15:34]
.
2014-07-05 c:\windows\Tasks\HPCeeScheduleForuzivatel.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
2014-07-01 c:\windows\Tasks\Norton Security Scan for uzivatel.job
- c:\progra~1\NORTON~2\Engine\410~1.28\Nss.exe [2014-07-01 06:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://webtv.starnet.cz/
IE: Add to AMV Converter... - c:\f\AMVConverter\grab.html
IE: Append the content of the link to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Open with Nuance PDF Converter 6.0 - c:\program files\Nuance\PDF Professional 6\cnvres_eng.dll /100
IE: Open with PDF Professional 6 - c:\program files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{02E2473F-766B-4ce2-8FD0-C4E8071EF1C4} - {D0984FD4-FA9A-46ee-9072-70B0735FF852} -
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
AddRemove-aTube Catcher - e:\atube catcher 2.0\uninstall.exe
AddRemove-CCleaner - c:\program files\CCleaner\uninst.exe
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-SVDownloader - c:\program files\SVDownloader\uninst.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{E0A9340B-C01B-42C1-9910-C307D7BE4756}\WeatherBugSetup.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1949562949-18675200-2126537319-1001\Software\SecuROM\License information*]
"datasecu"=hex:48,79,50,84,ec,a6,04,98,86,5c,ae,ae,7b,55,dd,e2,14,d4,09,79,9c,
36,e0,02,50,14,e9,03,a6,b0,01,14,83,30,0c,3a,46,18,d6,93,2e,a5,a4,d8,e4,5a,\
"rkeysecu"=hex:f6,d7,eb,7b,93,64,59,30,bc,55,80,07,88,37,4c,95
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(508)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Celkový čas: 2014-07-06 23:20:05
ComboFix-quarantined-files.txt 2014-07-06 21:20
.
Před spuštěním: 6 207 938 560
Po spuštění: 6 072 537 088
.
- - End Of File - - 08E5D7C050625B1459822472E437CB5B
5C616939100B85E558DA92B899A0FC36
Re: Prosím o kontrolu
Zdravim 
Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)?
Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"
Nebezpeci CFka
Co se tyce ComboFixu, ktery jste pouzil, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)? Licencni podminky ComboFixu hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby" Nebezpeci CFka
- Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
- Maze stopy po haveti, takze v logu z RSIT neni nic videt
- Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
- CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
- CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Ono to vzniklo omylem. Někdo jiný těsně za mnou založil téma s naprosto stejným názvem "Prosím o kontrolu", já to bezmyšlenkovitě otevřel a jak jsem viděl kombofix, už jsem na to šel 
Jinak bych si rozhodně netroufl!
Je to problém? Co teď?
Jinak bych si rozhodně netroufl!Je to problém? Co teď?
Re: Prosím o kontrolu
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
# AdwCleaner v3.214 - Report created 08/07/2014 at 00:22:49
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : uzivatel - UZIVATEL-HP
# Running from : C:\Desktop\adwcleaner_3.214.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : vToolbarUpdater14.2.0
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\OpenCandy
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v
[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={BBCFA0D3-E05A-4555-A07B-65ACC01BF6C7}&mid=59cf8b14751f47d08af3a1bad39da12c-d3d0597bbb57c887e8f0e72a8af99896035e07ac&lang=cs&ds=gm011&pr=sa&d=2012-12-10 21:06:49&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10267&locale=en_CZ&apn_uid=1ede91fc-fb68-4217-ad34-db8f369867b4&apn_ptnrs=%5EAGY&apn_sauid=D5530652-4988-4EA9-8345-98080CEC81DE&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
*************************
AdwCleaner[R0].txt - [9656 octets] - [08/07/2014 00:17:08]
AdwCleaner[S0].txt - [9805 octets] - [08/07/2014 00:22:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9865 octets] ##########
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : uzivatel - UZIVATEL-HP
# Running from : C:\Desktop\adwcleaner_3.214.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : vToolbarUpdater14.2.0
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\OpenCandy
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v
[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={BBCFA0D3-E05A-4555-A07B-65ACC01BF6C7}&mid=59cf8b14751f47d08af3a1bad39da12c-d3d0597bbb57c887e8f0e72a8af99896035e07ac&lang=cs&ds=gm011&pr=sa&d=2012-12-10 21:06:49&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10267&locale=en_CZ&apn_uid=1ede91fc-fb68-4217-ad34-db8f369867b4&apn_ptnrs=%5EAGY&apn_sauid=D5530652-4988-4EA9-8345-98080CEC81DE&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
*************************
AdwCleaner[R0].txt - [9656 octets] - [08/07/2014 00:17:08]
AdwCleaner[S0].txt - [9805 octets] - [08/07/2014 00:22:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9865 octets] ##########
Re: Prosím o kontrolu
# AdwCleaner v3.214 - Report created 08/07/2014 at 00:22:49
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : uzivatel - UZIVATEL-HP
# Running from : C:\Desktop\adwcleaner_3.214.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : vToolbarUpdater14.2.0
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\OpenCandy
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v
[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={BBCFA0D3-E05A-4555-A07B-65ACC01BF6C7}&mid=59cf8b14751f47d08af3a1bad39da12c-d3d0597bbb57c887e8f0e72a8af99896035e07ac&lang=cs&ds=gm011&pr=sa&d=2012-12-10 21:06:49&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10267&locale=en_CZ&apn_uid=1ede91fc-fb68-4217-ad34-db8f369867b4&apn_ptnrs=%5EAGY&apn_sauid=D5530652-4988-4EA9-8345-98080CEC81DE&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
*************************
AdwCleaner[R0].txt - [9656 octets] - [08/07/2014 00:17:08]
AdwCleaner[S0].txt - [9805 octets] - [08/07/2014 00:22:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9865 octets] ##########
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : uzivatel - UZIVATEL-HP
# Running from : C:\Desktop\adwcleaner_3.214.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : vToolbarUpdater14.2.0
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\OpenCandy
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0B79C149-3B19-40DE-92BF-1A3AD9C1DA9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{229C56BB-A36A-4323-8C82-B136DF45697D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33E2B3CB-322E-4CBE-89F2-C06F5A35DB46}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51080E66-F357-4F2A-9BFC-2456695883B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537AD3CF-DE2B-4A1C-8279-C946B7E490D4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5BF7365D-25FF-40F3-8DEE-06ABEDF177CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A10A1344-B533-4C9E-BE4E-4C5BC4953047}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA94BCE1-7E60-422D-9E7D-B853BC03FE78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BDCE611F-FDAA-4B10-A8E8-220A7897A69F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D0F1E414-1FAE-466C-B122-DE735B7BFF9D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E458510C-1DD5-4A05-8C4C-53BEF69C05E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v
[ File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zclb648d.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={BBCFA0D3-E05A-4555-A07B-65ACC01BF6C7}&mid=59cf8b14751f47d08af3a1bad39da12c-d3d0597bbb57c887e8f0e72a8af99896035e07ac&lang=cs&ds=gm011&pr=sa&d=2012-12-10 21:06:49&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10267&locale=en_CZ&apn_uid=1ede91fc-fb68-4217-ad34-db8f369867b4&apn_ptnrs=%5EAGY&apn_sauid=D5530652-4988-4EA9-8345-98080CEC81DE&apn_dtid=%5EYYYYYY%5EYY%5ECZ&q={searchTerms}
*************************
AdwCleaner[R0].txt - [9656 octets] - [08/07/2014 00:17:08]
AdwCleaner[S0].txt - [9805 octets] - [08/07/2014 00:22:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9865 octets] ##########
Re: Prosím o kontrolu
Stahnete SecurityCheck http://screen317.spywareinfoforum.org/SecurityCheck.exe
- Ulozte nejlepe na Plochu
- Spustte tradicne dvouklikem a postupujte dle pokynu utility
- Po dokonceni skenu se vytvori a otevre log, ten mi sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Results of screen317's Security Check version 0.99.85
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Reader 10.1.8 Adobe Reader out of Date!
Google Chrome 35.0.1916.114
Google Chrome 35.0.1916.153
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm zatray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Adobe Reader 10.1.8 Adobe Reader out of Date!
Google Chrome 35.0.1916.114
Google Chrome 35.0.1916.153
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm zatray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Re: Prosím o kontrolu
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
KillAll:: Folder:: c:\program files\AP Suggestor c:\programdata\APSuggestor File:: C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job C:\Windows\tasks\HPCeeScheduleForuzivatel.job C:\Windows\tasks\Norton Security Scan for uzivatel.job Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"=- "NokiaSuite.exe"=- "SVDownloader"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PDF Complete"=- "PDFHook"=- "PDF6 Registry Controller"=- "Nuance PDF Reader-reminder"=- "vProt"=- "Adobe ARM"=- "GrooveMonitor"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"=- DDS:: Trusted Zone: //about.htm/ Trusted Zone: //Exclude.htm/ Trusted Zone: //FWEvent.htm/ Trusted Zone: //LanguageSelection.htm/ Trusted Zone: //Message.htm/ Trusted Zone: //MyAgttryCmd.htm/ Trusted Zone: //MyAgttryNag.htm/ Trusted Zone: //MyNotification.htm/ Trusted Zone: //NOCLessUpdate.htm/ Trusted Zone: //quarantine.htm/ Trusted Zone: //ScanNow.htm/ Trusted Zone: //strings.vbs/ Trusted Zone: //Template.htm/ Trusted Zone: //Update.htm/ Trusted Zone: //VirFound.htm/ Trusted Zone: mcafeeasap.com\betavscan Trusted Zone: mcafeeasap.com\vs Trusted Zone: mcafeeasap.com\www TCP: DhcpNameServer = 10.255.255.10 10.255.255.20 RegNull:: [HKEY_USERS\S-1-5-21-1949562949-18675200-2126537319-1001\Software\SecuROM\License information*] RegLock:: [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] ClearJavaCache:: Reboot::- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
ComboFix 14-07-11.03 - uzivatel 11.07.2014 13:15:22.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2810.1669 [GMT 2:00]
Spuštěný z: c:\desktop\ComboFix.exe
Použité ovládací přepínače :: c:\desktop\CFScript.txt
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job"
"c:\windows\tasks\HPCeeScheduleForuzivatel.job"
"c:\windows\tasks\Norton Security Scan for uzivatel.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AP Suggestor
c:\program files\AP Suggestor\Uninstall.exe
c:\programdata\APSuggestor
c:\programdata\APSuggestor\ap10013.crx
C:\Thumbs.db
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job
c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job
c:\windows\tasks\HPCeeScheduleForuzivatel.job
c:\windows\tasks\Norton Security Scan for uzivatel.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-11 do 2014-07-11 )))))))))))))))))))))))))))))))
.
.
2014-07-11 11:26 . 2014-07-11 11:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-11 11:06 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE9F188E-C816-47B6-93F9-65C2AE8032B4}\mpengine.dll
2014-07-09 00:12 . 2014-07-09 00:12 10603008 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-07-09 00:03 . 2014-06-18 01:50 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
2014-07-09 00:03 . 2014-05-30 06:36 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 00:03 . 2014-05-30 07:52 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-07-09 00:03 . 2014-05-30 07:52 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-09 00:03 . 2014-05-30 07:52 247808 ----a-w- c:\windows\system32\schannel.dll
2014-07-09 00:03 . 2014-05-30 07:52 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-09 00:03 . 2014-05-30 07:52 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-09 00:03 . 2014-05-30 07:52 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-07-09 00:03 . 2014-05-30 07:52 17408 ----a-w- c:\windows\system32\credssp.dll
2014-07-09 00:02 . 2014-06-06 09:44 509440 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 00:02 . 2014-06-05 14:26 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 00:01 . 2014-06-30 01:40 404480 ----a-w- c:\windows\system32\aepdu.dll
2014-07-09 00:01 . 2014-06-30 01:36 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-07-07 22:17 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-07-07 22:17 . 2014-07-07 22:23 -------- d-----w- C:\AdwCleaner
2014-07-06 18:56 . 2014-07-06 18:57 -------- d-----w- C:\rsit
2014-07-01 17:06 . 2014-07-01 17:06 -------- d-----w- c:\users\uzivatel\AppData\Roaming\SVDownloader
2014-07-01 17:04 . 2014-07-01 17:16 -------- d-----w- c:\program files\SVDownloader
2014-07-01 16:50 . 2014-07-01 16:50 -------- d-----w- c:\program files\Common Files\Symantec Shared
2014-07-01 16:45 . 2014-07-01 16:45 -------- d-----w- c:\users\uzivatel\AppData\Local\IsolatedStorage
2014-07-01 16:44 . 2014-07-01 16:44 -------- d-----w- c:\users\uzivatel\AppData\Local\Yandex
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\windows\system32\drivers\NSS
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\program files\Norton Security Scan
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Opera Software
2014-07-01 16:41 . 2014-07-01 16:45 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Yandex
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\program files\NortonInstaller
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\programdata\NortonInstaller
2014-07-01 16:40 . 2014-07-01 16:40 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ImperiaOnline
2014-06-15 16:27 . 2014-06-16 20:55 -------- d-----w- c:\users\uzivatel\AppData\Local\DOSBox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 00:12 . 2012-09-23 13:28 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 00:12 . 2012-09-23 13:28 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-06-24 11:13 . 2013-03-20 04:48 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-06-03 17:40 . 2013-03-20 04:48 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-04-25 02:06 . 2014-06-10 20:22 626688 ----a-w- c:\windows\system32\usp10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-02-22 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-08 102400]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-07-14 738984]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-08-29 73392]
"hpqSRMon"="c:\f\Tiskárna\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2013-06-01 495708]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2013-06-21 6510592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 795936]
HP Digital Imaging Monitor.lnk - c:\f\Tiskárna\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-06-18 108032]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-28 1343400]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-02-19 33112]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-10-07 37352]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2013-06-01 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-08 172032]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-06-24 430160]
S2 BackupService;BackupService;c:\users\uzivatel\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-07-14 27056]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-07-14 497320]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2013-06-21 35088]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2010-03-06 635416]
S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-11-03 134944]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2013-06-01 14:02 78848]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-02-22 18:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://webtv.starnet.cz/
IE: Add to AMV Converter... - c:\f\AMVConverter\grab.html
IE: Append the content of the link to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Open with Nuance PDF Converter 6.0 - c:\program files\Nuance\PDF Professional 6\cnvres_eng.dll /100
IE: Open with PDF Professional 6 - c:\program files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{02E2473F-766B-4ce2-8FD0-C4E8071EF1C4} - {D0984FD4-FA9A-46ee-9072-70B0735FF852} -
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-AP Suggestor - c:\program files\AP Suggestor\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(504)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'Explorer.exe'(3392)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\program files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
c:\program files\Broadcom\Broadcom 802.11\bcmwltry.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\f\video\GBPVRRecordingService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-07-11 13:33:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-11 11:33
ComboFix2.txt 2014-07-06 21:20
.
Před spuštěním: 5 923 520 512
Po spuštění: 5 808 381 952
.
- - End Of File - - C41F795EC66BAF6D671670C6DFA0ED3C
5C616939100B85E558DA92B899A0FC36
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2810.1669 [GMT 2:00]
Spuštěný z: c:\desktop\ComboFix.exe
Použité ovládací přepínače :: c:\desktop\CFScript.txt
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job"
"c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job"
"c:\windows\tasks\HPCeeScheduleForuzivatel.job"
"c:\windows\tasks\Norton Security Scan for uzivatel.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AP Suggestor
c:\program files\AP Suggestor\Uninstall.exe
c:\programdata\APSuggestor
c:\programdata\APSuggestor\ap10013.crx
C:\Thumbs.db
c:\windows\tasks\Adobe Flash Player Updater.job
c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job
c:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1949562949-18675200-2126537319-1001UA.job
c:\windows\tasks\HPCeeScheduleForuzivatel.job
c:\windows\tasks\Norton Security Scan for uzivatel.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-11 do 2014-07-11 )))))))))))))))))))))))))))))))
.
.
2014-07-11 11:26 . 2014-07-11 11:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-11 11:06 . 2014-06-05 10:54 8140904 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE9F188E-C816-47B6-93F9-65C2AE8032B4}\mpengine.dll
2014-07-09 00:12 . 2014-07-09 00:12 10603008 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2014-07-09 00:03 . 2014-06-18 01:50 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
2014-07-09 00:03 . 2014-05-30 06:36 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2014-07-09 00:03 . 2014-05-30 07:52 172032 ----a-w- c:\windows\system32\wdigest.dll
2014-07-09 00:03 . 2014-05-30 07:52 65536 ----a-w- c:\windows\system32\TSpkg.dll
2014-07-09 00:03 . 2014-05-30 07:52 247808 ----a-w- c:\windows\system32\schannel.dll
2014-07-09 00:03 . 2014-05-30 07:52 220160 ----a-w- c:\windows\system32\ncrypt.dll
2014-07-09 00:03 . 2014-05-30 07:52 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-07-09 00:03 . 2014-05-30 07:52 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-07-09 00:03 . 2014-05-30 07:52 17408 ----a-w- c:\windows\system32\credssp.dll
2014-07-09 00:02 . 2014-06-06 09:44 509440 ----a-w- c:\windows\system32\qedit.dll
2014-07-09 00:02 . 2014-06-05 14:26 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 00:01 . 2014-06-30 01:40 404480 ----a-w- c:\windows\system32\aepdu.dll
2014-07-09 00:01 . 2014-06-30 01:36 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-07-07 22:17 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-07-07 22:17 . 2014-07-07 22:23 -------- d-----w- C:\AdwCleaner
2014-07-06 18:56 . 2014-07-06 18:57 -------- d-----w- C:\rsit
2014-07-01 17:06 . 2014-07-01 17:06 -------- d-----w- c:\users\uzivatel\AppData\Roaming\SVDownloader
2014-07-01 17:04 . 2014-07-01 17:16 -------- d-----w- c:\program files\SVDownloader
2014-07-01 16:50 . 2014-07-01 16:50 -------- d-----w- c:\program files\Common Files\Symantec Shared
2014-07-01 16:45 . 2014-07-01 16:45 -------- d-----w- c:\users\uzivatel\AppData\Local\IsolatedStorage
2014-07-01 16:44 . 2014-07-01 16:44 -------- d-----w- c:\users\uzivatel\AppData\Local\Yandex
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\windows\system32\drivers\NSS
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\program files\Norton Security Scan
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Opera Software
2014-07-01 16:41 . 2014-07-01 16:45 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Yandex
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\program files\NortonInstaller
2014-07-01 16:41 . 2014-07-01 16:41 -------- d-----w- c:\programdata\NortonInstaller
2014-07-01 16:40 . 2014-07-01 16:40 -------- d-----w- c:\users\uzivatel\AppData\Roaming\ImperiaOnline
2014-06-15 16:27 . 2014-06-16 20:55 -------- d-----w- c:\users\uzivatel\AppData\Local\DOSBox
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 00:12 . 2012-09-23 13:28 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-09 00:12 . 2012-09-23 13:28 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-06-24 11:13 . 2013-03-20 04:48 97648 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-06-03 17:40 . 2013-03-20 04:48 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-04-25 02:06 . 2014-06-10 20:22 626688 ----a-w- c:\windows\system32\usp10.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-05 222496]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-02-22 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-08 102400]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-07-14 738984]
"ZoneAlarm"="c:\program files\CheckPoint\ZoneAlarm\zatray.exe" [2012-08-29 73392]
"hpqSRMon"="c:\f\Tiskárna\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-06-24 750160]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2013-06-01 495708]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2013-06-21 6510592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-12-29 795936]
HP Digital Imaging Monitor.lnk - c:\f\Tiskárna\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-06-18 108032]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-28 1343400]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-02-19 33112]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-10-07 37352]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\aestsrv.exe [2013-06-01 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-08 172032]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-06-24 430160]
S2 BackupService;BackupService;c:\users\uzivatel\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512]
S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-10-21 196176]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-10-13 249648]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-07-14 27056]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-07-14 497320]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2013-06-21 35088]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2010-03-06 635416]
S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [2009-11-03 134944]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2013-06-01 14:02 78848]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-02-22 18:38 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://webtv.starnet.cz/
IE: Add to AMV Converter... - c:\f\AMVConverter\grab.html
IE: Append the content of the link to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Append the content of the selected links to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML
IE: Append to existing PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML
IE: Create PDF file - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF file from the content of the link - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTML
IE: Create PDF files from the selected links - c:\program files\Nuance\PDF Professional 6\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Open with Nuance PDF Converter 6.0 - c:\program files\Nuance\PDF Professional 6\cnvres_eng.dll /100
IE: Open with PDF Professional 6 - c:\program files\Nuance\PDF Professional 6\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files\ICQ7M\ICQ.exe
IE: {{02E2473F-766B-4ce2-8FD0-C4E8071EF1C4} - {D0984FD4-FA9A-46ee-9072-70B0735FF852} -
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-AP Suggestor - c:\program files\AP Suggestor\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(504)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'Explorer.exe'(3392)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\program files\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFTaskbar.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\IDT\WDM\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
c:\program files\Broadcom\Broadcom 802.11\bcmwltry.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\f\video\GBPVRRecordingService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2014-07-11 13:33:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-07-11 11:33
ComboFix2.txt 2014-07-06 21:20
.
Před spuštěním: 5 923 520 512
Po spuštění: 5 808 381 952
.
- - End Of File - - C41F795EC66BAF6D671670C6DFA0ED3C
5C616939100B85E558DA92B899A0FC36
Re: Prosím o kontrolu
Jak se chova PC???
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Vše se zdá v pořádku.
Re: Prosím o kontrolu
Tak jeste uklidime 
Odinstalujte Combofix
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
A pokud nejsou problemy ci dotazy, je to z me strany vse 
Odinstalujte Combofix
- Prejmenujte ComboFix na Uninstall
- Spustte jej
- Tohle smaze Combofix a jeho slozky
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
A pokud nejsou problemy ci dotazy, je to z me strany vse "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Díky moc! 
Přispějete na provoz fóra?