Dobrý den, prosim o kontrolu, při startu vyskakuje černé okno s názvem C:\User\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpDatePref.exe
log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Blanka at 2013-04-04 13:31:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 153 GB (64%) free of 238 GB
Total RAM: 3835 MB (58% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:31:20, on 4.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\Blanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: GomPicker - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Blanka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Seznam.chromeUpdatePref] C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe 12454
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12864 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
"C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
WLIDSvcM.exe 2520
"C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe"
szndesktop.exe default start
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {8FD60811-95EE-48AA-BA6F-4619894E73ED}
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe fork 12454
\??\C:\Windows\system32\conhost.exe "1123167311-16959563111485849840-4212843462140106501670466746-106082675779661942
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3948.10e22800.1833234021 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 3948 "\\.\pipe\gecko-crash-server-pipe.3948" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash2932.6BEE63D8.16537 --host-broker-channel=Flash2932.6BEE63D8.29085 --host-pid=2932 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=3628.0031F324.1526061275 --proxy-stub-channel=Flash2932.6BEE63D8.16537 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Blanka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, personas@christopher.beard:1.6.2, silvermelxt@pardal.de:1.3.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, flaminglow-ff3-30@glowplug.bitasylum.net:4.0.3.06, penguin@loic.com:3.0, {e7348bc0-16f6-11de-8c30-0800200c9a66}:3.6.19.02.10, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91, silvermel@pardal.de:1.3.6, {333b42b0-9c75-11db-b606-0800200c9a66}:2.200100126"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =827316&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.CZE
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprpplugin.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\
{07b2a769-ed19-4483-87ce-c643914c81bb}
{333b42b0-9c75-11db-b606-0800200c9a66}
{e7348bc0-16f6-11de-8c30-0800200c9a66}
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-20 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-20 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}]
GretechBHO Class - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll [2012-04-24 2483320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"cz.seznam.software.autoupdate"=C:\Users\Blanka\AppData\Roaming\Seznam.cz\szninstall.exe [2012-09-13 1009288]
"Seznam.chromeUpdatePref"=C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe [2013-02-13 942080]
"cz.seznam.software.szndesktop"=C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-01-22 92152]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Online Product Information]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2010-03-03 4581280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-02-12 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator]
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv]
C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Blanka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TRDCReminder.lnk]
C:\PROGRA~2\TOSHIBA\TRDCRE~1\TRDCRE~1.EXE [2009-09-01 481184]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-01-08 295072]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acrobat Assistant.lnk - C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-06-07 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-04-01 20:09:30 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-03-26 12:00:37 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-20 20:56:51 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-03-20 20:56:31 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-18 12:00:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-15 19:48:47 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-15 19:48:46 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-03-13 22:05:43 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-13 22:05:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-13 22:05:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-13 22:05:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-13 22:05:40 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-13 22:05:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-13 22:05:40 ----A---- C:\Windows\system32\url.dll
2013-03-13 22:05:40 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-13 22:05:40 ----A---- C:\Windows\system32\ieui.dll
2013-03-13 22:05:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-13 22:05:38 ----A---- C:\Windows\system32\urlmon.dll
2013-03-13 22:05:37 ----A---- C:\Windows\system32\jscript9.dll
2013-03-13 22:05:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-13 22:05:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-13 22:05:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-13 22:05:33 ----A---- C:\Windows\system32\wininet.dll
2013-03-13 22:05:33 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-13 22:05:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-13 22:05:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-13 22:05:31 ----A---- C:\Windows\system32\vbscript.dll
2013-03-13 22:05:31 ----A---- C:\Windows\system32\jscript.dll
2013-03-13 22:05:31 ----A---- C:\Windows\system32\iertutil.dll
2013-03-13 22:05:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-13 22:05:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-13 22:05:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-13 22:05:24 ----A---- C:\Windows\system32\mshtml.dll
2013-03-13 22:05:23 ----A---- C:\Windows\system32\ieframe.dll
2013-03-13 22:05:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-10 10:22:28 ----D---- C:\Program Files (x86)\Seznam.cz
2013-03-10 10:21:59 ----D---- C:\Users\Blanka\AppData\Roaming\Seznam.cz
2013-03-08 21:14:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2013-04-04 13:31:18 ----D---- C:\Windows\Temp
2013-04-04 13:31:05 ----D---- C:\Program Files\trend micro
2013-04-04 13:28:35 ----D---- C:\Windows\system32\config
2013-04-03 14:25:16 ----D---- C:\Windows\system32\catroot2
2013-04-02 21:07:24 ----SHD---- C:\System Volume Information
2013-04-02 11:05:45 ----D---- C:\Windows\System32
2013-04-02 11:05:45 ----D---- C:\Windows\inf
2013-04-02 11:05:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-02 11:00:24 ----D---- C:\Windows
2013-04-01 20:59:13 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-01 20:14:49 ----D---- C:\Windows\Prefetch
2013-04-01 20:10:13 ----D---- C:\Windows\system32\drivers
2013-04-01 20:09:30 ----RD---- C:\Program Files (x86)
2013-03-29 11:51:20 ----D---- C:\Users\Blanka\AppData\Roaming\Skype
2013-03-26 16:18:13 ----D---- C:\Windows\winsxs
2013-03-26 16:16:45 ----D---- C:\Windows\system32\DriverStore
2013-03-26 11:57:44 ----D---- C:\Windows\system32\catroot
2013-03-20 20:57:30 ----SHD---- C:\Windows\Installer
2013-03-20 20:56:51 ----D---- C:\Windows\SysWOW64
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\java.exe
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-20 20:56:19 ----D---- C:\Program Files (x86)\Java
2013-03-20 09:34:02 ----D---- C:\Windows\rescache
2013-03-18 11:59:03 ----D---- C:\Windows\Downloaded Program Files
2013-03-18 11:58:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-18 11:49:12 ----D---- C:\Windows\debug
2013-03-16 21:18:09 ----D---- C:\Program Files (x86)\rajce
2013-03-15 19:48:54 ----D---- C:\Windows\system32\Tasks
2013-03-14 10:11:24 ----D---- C:\Windows\AppPatch
2013-03-14 10:11:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 10:11:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 10:11:21 ----D---- C:\Windows\system32\migration
2013-03-14 10:11:20 ----D---- C:\Program Files\Internet Explorer
2013-03-13 22:07:00 ----A---- C:\Windows\system32\MRT.exe
2013-03-10 10:21:21 ----D---- C:\ProgramData\Adobe
2013-03-10 10:21:16 ----D---- C:\Program Files (x86)\Adobe
2013-03-07 20:54:27 ----D---- C:\ProgramData\hps
2013-03-07 20:53:39 ----D---- C:\ProgramData\tmp
2013-03-07 01:32:22 ----A---- C:\Windows\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-31 21136]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 946688]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 108072]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 19496]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 145448]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-03-07 45248]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-18 253656]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-07 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-26 1255736]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S4 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakující okno při startu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Vyskakující okno při startu
Zdravím. 
Vydrž minutku, na logu se intenzivně pracuje.
Vydrž minutku, na logu se intenzivně pracuje.
-
-
- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Vyskakující okno při startu
Odinstaluj Spybot - Search & Destroy. Program má svá nejlepší léta již dávno za sebou a není schopen čelit aktuálním hrozbám. U programu Malwarebytes' Anti-Malware vypni v jeho nastaveních rezidentní ochranu, případně i spouštění při startu systému - bude se Ti tlouct s Avastem, který máš nainstalovaný. A udělej mi s ním preventivní scan podle návodu, když už ho tam máš. Ty nemusíš stahovat a instalovat, jen ho spusť a stáhni mu aktualizace. Při spouštění tam máš více nepotřebností, to odstraním později. Stáhni a nainstaluj Malwarebytes' Anti-Malware (zkráceně MBAM) podle návodu z tohoto topicu.
- Proveď aktualizaci virové databáze.
- V záložce Kontrolor zvol Úplná kontrola a zaškrtni všechny pevné disky, které máš na počítači.
- Předem nic nemaž!!
- MBAM mívá občas falešné detekce, proto vlož jeho log do příspěvku a počkej na posouzení!
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Vyskakující okno při startu
log z mbam:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org
Verze: v2013.04.04.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Blanka :: BLANKA-T [administrátor]
Ochrana: Zakázána
4.4.2013 14:26:16
mbam-log-2013-04-04 (14-26-16).txt
Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 364618
Uplynulý čas: 57 minut, 33 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org
Verze: v2013.04.04.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Blanka :: BLANKA-T [administrátor]
Ochrana: Zakázána
4.4.2013 14:26:16
mbam-log-2013-04-04 (14-26-16).txt
Typ: Kompletní kontrola (C:\|D:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 364618
Uplynulý čas: 57 minut, 33 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Vyskakující okno při startu
Super, čisto. Teď prosím MBAM buď odinstaluj, nebo mu zakaž rezidentní ochranu, případně spouštění při startu systému, bude to někde v Nastaveních.
Potom stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner
Potom stáhni AdwCleaner - http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulož jej nejlépe na Plochu.
- Ukonči všechny programy!!
- Spusť AdwCleaner.
- Pokud používáš operační systém Windows Vista či Windows 7, klikni na AdwCleaner pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Klikni na [Delete].
- Proběhne scan a pak se objeví log, který bude případně uložen na systémovém disku jako C:\AdwCleaner [S1].txt - jeho obsah mi sem vlož.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Vyskakující okno při startu
log:
# AdwCleaner v2.200 - Log vytvooen 04/04/2013 v 15:54:08
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Blanka - BLANKA-T
# Spuštin systém : Normální
# Spuštino z : C:\Users\Blanka\Downloads\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Software
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0 (cs)
Soubor : C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\prefs.js
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [927 octets] - [04/04/2013 15:52:43]
AdwCleaner[R2].txt - [986 octets] - [04/04/2013 15:53:16]
AdwCleaner[R3].txt - [1045 octets] - [04/04/2013 15:53:53]
AdwCleaner[S1].txt - [978 octets] - [04/04/2013 15:54:08]
########## EOF - C:\AdwCleaner[S1].txt - [1037 octets] ##########
# AdwCleaner v2.200 - Log vytvooen 04/04/2013 v 15:54:08
# Aktualizováno 02/04/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Blanka - BLANKA-T
# Spuštin systém : Normální
# Spuštino z : C:\Users\Blanka\Downloads\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
***** [Registry] *****
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Software
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v9.0.8112.16470
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0 (cs)
Soubor : C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\prefs.js
[OK] Soubor je eistý.
*************************
AdwCleaner[R1].txt - [927 octets] - [04/04/2013 15:52:43]
AdwCleaner[R2].txt - [986 octets] - [04/04/2013 15:53:16]
AdwCleaner[R3].txt - [1045 octets] - [04/04/2013 15:53:53]
AdwCleaner[S1].txt - [978 octets] - [04/04/2013 15:54:08]
########## EOF - C:\AdwCleaner[S1].txt - [1037 octets] ##########
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Vyskakující okno při startu
Tady bylo celkem čisto.
Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Ulož jej nejlépe na Plochu.
- Ukonči všechny programy!
- Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Počkej, než program dokončí Prescan.
- Potom klikni na tlačítko [Prohledat] a počkej, až prohlídka proběhne.
- Klikni na tlačítko [Zpráva] - otevře se log, ten mi sem vlož.
- Detailní postup včetně obrázků najdeš zde: http://forum.viry.cz/viewtopic.php?f=24&t=120452
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Vyskakující okno při startu
log:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Blanka [Práva správce]
Mód : Kontrola -- Datum : 04/04/2013 16:20:34
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] szndesktop.exe -- C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] chromeUpdatePref.exe -- C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe [-] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) [7] -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : Seznam.chromeUpdatePref (C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe 12454) [-] -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-819589781-1855769215-1360403588-1000[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) [7] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-819589781-1855769215-1360403588-1000[...]\Run : Seznam.chromeUpdatePref (C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe 12454) [-] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-819589781-1855769215-1360403588-1000[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS545050B9A300 ATA Device +++++
--- User ---
[MBR] fc954a96db7bad449c5f70d77cbbc770
[BSP] 956891fe18611f11f2af580faad4eca3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 238234 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488724480 | Size: 238304 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_04042013_02d1620.txt >>
RKreport[1]_S_04042013_02d1620.txt
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Blanka [Práva správce]
Mód : Kontrola -- Datum : 04/04/2013 16:20:34
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] szndesktop.exe -- C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] chromeUpdatePref.exe -- C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe [-] -> SMAZÁNO [TermProc]
¤¤¤ ¤¤¤ Záznamy Registrů: : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) [7] -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : Seznam.chromeUpdatePref (C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe 12454) [-] -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-819589781-1855769215-1360403588-1000[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) [7] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-819589781-1855769215-1360403588-1000[...]\Run : Seznam.chromeUpdatePref (C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe 12454) [-] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-819589781-1855769215-1360403588-1000[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJPOL] HKLM\[...]\Wow6432Node\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS545050B9A300 ATA Device +++++
--- User ---
[MBR] fc954a96db7bad449c5f70d77cbbc770
[BSP] 956891fe18611f11f2af580faad4eca3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 238234 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488724480 | Size: 238304 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1]_S_04042013_02d1620.txt >>
RKreport[1]_S_04042013_02d1620.txt
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Vyskakující okno při startu
No vida, tam toho bylo! 
Takže provedeme opravy.
Takže provedeme opravy.
- Ukonči všechny programy!
- Spusť RogueKiller. Pokud používáš operační systém Windows Vista či Windows 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
- Počkej, než program dokončí Prescan.
- Zvol možnost [Prohledat] a počkej, až prohlídka proběhne.
- V záložce Registry nech všechny nálezy označeny.
- Klikni na tlačítko [Smazat] a následně na [Zpráva] - otevře se log, ten mi sem vlož.
- Pak ještě klikni na tlačítko [Oprava Hosts] a potom opět na [Zpráva] - otevře se další log, který mi sem také vlož.
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Vyskakující okno při startu
log registry:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Blanka [Práva správce]
Mód : Odebrat -- Datum : 04/04/2013 16:43:16
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) [7] -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : Seznam.chromeUpdatePref (C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe 12454) [-] -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS545050B9A300 ATA Device +++++
--- User ---
[MBR] fc954a96db7bad449c5f70d77cbbc770
[BSP] 956891fe18611f11f2af580faad4eca3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 238234 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488724480 | Size: 238304 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[3]_D_04042013_02d1643.txt >>
RKreport[1]_S_04042013_02d1620.txt ; RKreport[2]_S_04042013_02d1641.txt ; RKreport[3]_D_04042013_02d1643.txt
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Blanka [Práva správce]
Mód : Odebrat -- Datum : 04/04/2013 16:43:16
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\szninstall.exe" -c) [7] -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : Seznam.chromeUpdatePref (C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\chromeUpdatePref.exe 12454) [-] -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Blanka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q) [7] -> VYMAZÁNO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS545050B9A300 ATA Device +++++
--- User ---
[MBR] fc954a96db7bad449c5f70d77cbbc770
[BSP] 956891fe18611f11f2af580faad4eca3 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 238234 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 488724480 | Size: 238304 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[3]_D_04042013_02d1643.txt >>
RKreport[1]_S_04042013_02d1620.txt ; RKreport[2]_S_04042013_02d1641.txt ; RKreport[3]_D_04042013_02d1643.txt
Re: Vyskakující okno při startu
log hosts:
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Blanka [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/04/2013 16:46:24
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[4]_H_04042013_02d1646.txt >>
RKreport[3]_D_04042013_02d1643.txt ; RKreport[4]_H_04042013_02d1646.txt
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Blanka [Práva správce]
Mód : Oprava HOSTS -- Datum : 04/04/2013 16:46:24
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
[...]
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[4]_H_04042013_02d1646.txt >>
RKreport[3]_D_04042013_02d1643.txt ; RKreport[4]_H_04042013_02d1646.txt
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Vyskakující okno při startu
Výborně, teď mi sem vlož prosím nový aktuální log ze RSITu, ať se podívám, co se povedlo a co zatím ne.--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Vyskakující okno při startu
rsit:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Blanka at 2013-04-04 17:00:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 152 GB (64%) free of 238 GB
Total RAM: 3835 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:00:18, on 4.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\Blanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: GomPicker - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11222 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
taskeng.exe {5B3AB430-DCC7-40A3-96A6-A86326133822}
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
WLIDSvcM.exe 2608
"C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4468.ccfce00.2072908007 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 4468 "\\.\pipe\gecko-crash-server-pipe.4468" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash3960.6C491D80.8903 --host-broker-channel=Flash3960.6C491D80.15633 --host-pid=3960 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=2228.0045F19C.964183790 --proxy-stub-channel=Flash3960.6C491D80.8903 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Blanka\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, personas@christopher.beard:1.6.2, silvermelxt@pardal.de:1.3.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, flaminglow-ff3-30@glowplug.bitasylum.net:4.0.3.06, penguin@loic.com:3.0, {e7348bc0-16f6-11de-8c30-0800200c9a66}:3.6.19.02.10, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91, silvermel@pardal.de:1.3.6, {333b42b0-9c75-11db-b606-0800200c9a66}:2.200100126"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =827316&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.CZE
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprpplugin.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\
{07b2a769-ed19-4483-87ce-c643914c81bb}
{333b42b0-9c75-11db-b606-0800200c9a66}
{e7348bc0-16f6-11de-8c30-0800200c9a66}
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-20 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-20 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}]
GretechBHO Class - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll [2012-04-24 2483320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Online Product Information]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2010-03-03 4581280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-02-12 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator]
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv]
C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Blanka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TRDCReminder.lnk]
C:\PROGRA~2\TOSHIBA\TRDCRE~1\TRDCRE~1.EXE [2009-09-01 481184]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-01-08 295072]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acrobat Assistant.lnk - C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-06-07 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-04-04 15:54:08 ----A---- C:\AdwCleaner[S1].txt
2013-04-04 15:53:53 ----A---- C:\AdwCleaner[R3].txt
2013-04-04 15:53:16 ----A---- C:\AdwCleaner[R2].txt
2013-04-04 15:52:43 ----A---- C:\AdwCleaner[R1].txt
2013-04-04 14:04:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-26 12:00:37 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-20 20:56:51 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-03-20 20:56:31 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-18 12:00:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-15 19:48:47 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-15 19:48:46 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-03-13 22:05:43 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-13 22:05:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-13 22:05:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-13 22:05:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-13 22:05:40 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-13 22:05:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-13 22:05:40 ----A---- C:\Windows\system32\url.dll
2013-03-13 22:05:40 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-13 22:05:40 ----A---- C:\Windows\system32\ieui.dll
2013-03-13 22:05:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-13 22:05:38 ----A---- C:\Windows\system32\urlmon.dll
2013-03-13 22:05:37 ----A---- C:\Windows\system32\jscript9.dll
2013-03-13 22:05:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-13 22:05:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-13 22:05:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-13 22:05:33 ----A---- C:\Windows\system32\wininet.dll
2013-03-13 22:05:33 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-13 22:05:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-13 22:05:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-13 22:05:31 ----A---- C:\Windows\system32\vbscript.dll
2013-03-13 22:05:31 ----A---- C:\Windows\system32\jscript.dll
2013-03-13 22:05:31 ----A---- C:\Windows\system32\iertutil.dll
2013-03-13 22:05:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-13 22:05:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-13 22:05:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-13 22:05:24 ----A---- C:\Windows\system32\mshtml.dll
2013-03-13 22:05:23 ----A---- C:\Windows\system32\ieframe.dll
2013-03-13 22:05:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-10 10:22:28 ----D---- C:\Program Files (x86)\Seznam.cz
2013-03-10 10:21:59 ----D---- C:\Users\Blanka\AppData\Roaming\Seznam.cz
======List of files/folders modified in the last 1 month======
2013-04-04 17:00:05 ----D---- C:\Windows\Temp
2013-04-04 17:00:04 ----D---- C:\Program Files\trend micro
2013-04-04 16:09:22 ----D---- C:\Windows\system32\config
2013-04-04 15:49:38 ----RD---- C:\Program Files (x86)
2013-04-04 15:44:03 ----D---- C:\Windows
2013-04-04 15:43:02 ----D---- C:\Windows\system32\drivers
2013-04-04 14:23:03 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-04 14:23:03 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2013-04-03 14:25:16 ----D---- C:\Windows\system32\catroot2
2013-04-02 21:07:24 ----SHD---- C:\System Volume Information
2013-04-02 11:05:45 ----D---- C:\Windows\System32
2013-04-02 11:05:45 ----D---- C:\Windows\inf
2013-04-02 11:05:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-01 20:14:49 ----D---- C:\Windows\Prefetch
2013-03-29 11:51:20 ----D---- C:\Users\Blanka\AppData\Roaming\Skype
2013-03-26 16:18:13 ----D---- C:\Windows\winsxs
2013-03-26 16:16:45 ----D---- C:\Windows\system32\DriverStore
2013-03-26 11:57:44 ----D---- C:\Windows\system32\catroot
2013-03-20 20:57:30 ----SHD---- C:\Windows\Installer
2013-03-20 20:56:51 ----D---- C:\Windows\SysWOW64
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\java.exe
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-20 20:56:19 ----D---- C:\Program Files (x86)\Java
2013-03-20 09:34:02 ----D---- C:\Windows\rescache
2013-03-18 11:59:03 ----D---- C:\Windows\Downloaded Program Files
2013-03-18 11:58:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-18 11:49:12 ----D---- C:\Windows\debug
2013-03-16 21:18:09 ----D---- C:\Program Files (x86)\rajce
2013-03-15 19:48:54 ----D---- C:\Windows\system32\Tasks
2013-03-14 10:11:24 ----D---- C:\Windows\AppPatch
2013-03-14 10:11:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 10:11:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 10:11:21 ----D---- C:\Windows\system32\migration
2013-03-14 10:11:20 ----D---- C:\Program Files\Internet Explorer
2013-03-13 22:07:00 ----A---- C:\Windows\system32\MRT.exe
2013-03-10 10:21:21 ----D---- C:\ProgramData\Adobe
2013-03-10 10:21:16 ----D---- C:\Program Files (x86)\Adobe
2013-03-07 20:54:27 ----D---- C:\ProgramData\hps
2013-03-07 20:53:39 ----D---- C:\ProgramData\tmp
2013-03-07 01:32:22 ----A---- C:\Windows\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-31 21136]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 946688]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 108072]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 19496]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 145448]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-03-07 45248]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-18 253656]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-04 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-26 1255736]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S4 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Blanka at 2013-04-04 17:00:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 152 GB (64%) free of 238 GB
Total RAM: 3835 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:00:18, on 4.4.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
C:\Program Files\trend micro\Blanka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... nkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: GomPicker - {F0181C6E-9218-4792-9F3C-E8DF52B2F1AC} - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11222 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
taskeng.exe {5B3AB430-DCC7-40A3-96A6-A86326133822}
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
WLIDSvcM.exe 2608
"C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4468.ccfce00.2072908007 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox" E7CF176E110C211B 4468 "\\.\pipe\gecko-crash-server-pipe.4468" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --proxy-stub-channel=Flash3960.6C491D80.8903 --host-broker-channel=Flash3960.6C491D80.15633 --host-pid=3960 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe" --channel=2228.0045F19C.964183790 --proxy-stub-channel=Flash3960.6C491D80.8903 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll" --host-npapi-version=27 --type=renderer
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Blanka\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1, personas@christopher.beard:1.6.2, silvermelxt@pardal.de:1.3.6, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, flaminglow-ff3-30@glowplug.bitasylum.net:4.0.3.06, penguin@loic.com:3.0, {e7348bc0-16f6-11de-8c30-0800200c9a66}:3.6.19.02.10, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91, silvermel@pardal.de:1.3.6, {333b42b0-9c75-11db-b606-0800200c9a66}:2.200100126"
prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=green ... =827316&p="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282]
"Description"=RealPlayer Download Plugin
"Path"=c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.180 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFFICE.DLL
nppdf32.CZE
nppdf32.dll
nppl3260.dll
nppl3260.xpt
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprpplugin.dll
QuickTimePlugin.class
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\
{07b2a769-ed19-4483-87ce-c643914c81bb}
{333b42b0-9c75-11db-b606-0800200c9a66}
{e7348bc0-16f6-11de-8c30-0800200c9a66}
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-20 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-20 170912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}]
GretechBHO Class - C:\Program Files (x86)\GRETECH\GomPicker\GomPickerBHO.dll [2012-04-24 2483320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]
TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-19 529784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2013-03-07 1497560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-10 2052392]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2010-02-05 709976]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2010-03-10 520760]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-11-05 505696]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-09 52600]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2010-03-03 913720]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2010-03-17 1489760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [2010-03-09 1086760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher]
C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-10-19 238080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-08-13 570680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Online Product Information]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [2010-03-03 4581280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [2010-02-12 136136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO]
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [2010-02-11 1050072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation]
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-10-06 1294136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2010-03-09 595816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2010-03-03 35672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator]
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [2009-11-11 24376]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv]
C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2010-02-23 705368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Blanka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TRDCReminder.lnk]
C:\PROGRA~2\TOSHIBA\TRDCRE~1\TRDCRE~1.EXE [2009-09-01 481184]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2010-02-24 2454840]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-15 98304]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-03-07 4767304]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-01-08 295072]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2012-09-13 1009288]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acrobat Assistant.lnk - C:\Program Files (x86)\Adobe\Acrobat 5.0 CE\Distillr\AcroTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-06-07 249344]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-04-04 15:54:08 ----A---- C:\AdwCleaner[S1].txt
2013-04-04 15:53:53 ----A---- C:\AdwCleaner[R3].txt
2013-04-04 15:53:16 ----A---- C:\AdwCleaner[R2].txt
2013-04-04 15:52:43 ----A---- C:\AdwCleaner[R1].txt
2013-04-04 14:04:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-03-26 12:00:37 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-20 20:56:51 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-03-20 20:56:31 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-18 12:00:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-03-15 19:48:47 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2013-03-15 19:48:46 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2013-03-13 22:05:43 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-13 22:05:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-03-13 22:05:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-03-13 22:05:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-03-13 22:05:40 ----A---- C:\Windows\SYSWOW64\url.dll
2013-03-13 22:05:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-03-13 22:05:40 ----A---- C:\Windows\system32\url.dll
2013-03-13 22:05:40 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-13 22:05:40 ----A---- C:\Windows\system32\ieui.dll
2013-03-13 22:05:39 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-03-13 22:05:38 ----A---- C:\Windows\system32\urlmon.dll
2013-03-13 22:05:37 ----A---- C:\Windows\system32\jscript9.dll
2013-03-13 22:05:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-13 22:05:35 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-03-13 22:05:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-03-13 22:05:33 ----A---- C:\Windows\system32\wininet.dll
2013-03-13 22:05:33 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-13 22:05:32 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-03-13 22:05:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-03-13 22:05:31 ----A---- C:\Windows\system32\vbscript.dll
2013-03-13 22:05:31 ----A---- C:\Windows\system32\jscript.dll
2013-03-13 22:05:31 ----A---- C:\Windows\system32\iertutil.dll
2013-03-13 22:05:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-03-13 22:05:30 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-03-13 22:05:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-03-13 22:05:24 ----A---- C:\Windows\system32\mshtml.dll
2013-03-13 22:05:23 ----A---- C:\Windows\system32\ieframe.dll
2013-03-13 22:05:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-03-10 10:22:28 ----D---- C:\Program Files (x86)\Seznam.cz
2013-03-10 10:21:59 ----D---- C:\Users\Blanka\AppData\Roaming\Seznam.cz
======List of files/folders modified in the last 1 month======
2013-04-04 17:00:05 ----D---- C:\Windows\Temp
2013-04-04 17:00:04 ----D---- C:\Program Files\trend micro
2013-04-04 16:09:22 ----D---- C:\Windows\system32\config
2013-04-04 15:49:38 ----RD---- C:\Program Files (x86)
2013-04-04 15:44:03 ----D---- C:\Windows
2013-04-04 15:43:02 ----D---- C:\Windows\system32\drivers
2013-04-04 14:23:03 ----D---- C:\ProgramData\Spybot - Search & Destroy
2013-04-04 14:23:03 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2013-04-03 14:25:16 ----D---- C:\Windows\system32\catroot2
2013-04-02 21:07:24 ----SHD---- C:\System Volume Information
2013-04-02 11:05:45 ----D---- C:\Windows\System32
2013-04-02 11:05:45 ----D---- C:\Windows\inf
2013-04-02 11:05:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-04-01 20:14:49 ----D---- C:\Windows\Prefetch
2013-03-29 11:51:20 ----D---- C:\Users\Blanka\AppData\Roaming\Skype
2013-03-26 16:18:13 ----D---- C:\Windows\winsxs
2013-03-26 16:16:45 ----D---- C:\Windows\system32\DriverStore
2013-03-26 11:57:44 ----D---- C:\Windows\system32\catroot
2013-03-20 20:57:30 ----SHD---- C:\Windows\Installer
2013-03-20 20:56:51 ----D---- C:\Windows\SysWOW64
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\npdeployJava1.dll
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\java.exe
2013-03-20 20:56:22 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-20 20:56:19 ----D---- C:\Program Files (x86)\Java
2013-03-20 09:34:02 ----D---- C:\Windows\rescache
2013-03-18 11:59:03 ----D---- C:\Windows\Downloaded Program Files
2013-03-18 11:58:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-18 11:49:12 ----D---- C:\Windows\debug
2013-03-16 21:18:09 ----D---- C:\Program Files (x86)\rajce
2013-03-15 19:48:54 ----D---- C:\Windows\system32\Tasks
2013-03-14 10:11:24 ----D---- C:\Windows\AppPatch
2013-03-14 10:11:24 ----D---- C:\Program Files (x86)\Internet Explorer
2013-03-14 10:11:21 ----D---- C:\Windows\SYSWOW64\migration
2013-03-14 10:11:21 ----D---- C:\Windows\system32\migration
2013-03-14 10:11:20 ----D---- C:\Program Files\Internet Explorer
2013-03-13 22:07:00 ----A---- C:\Windows\system32\MRT.exe
2013-03-10 10:21:21 ----D---- C:\ProgramData\Adobe
2013-03-10 10:21:16 ----D---- C:\Program Files (x86)\Adobe
2013-03-07 20:54:27 ----D---- C:\ProgramData\hps
2013-03-07 20:53:39 ----D---- C:\ProgramData\tmp
2013-03-07 01:32:22 ----A---- C:\Windows\system32\aswBoot.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-07 65336]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-14 26840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-31 21136]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-03-07 70992]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-07 1025808]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-07 377920]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-07 68920]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-07 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-07 80816]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys [2009-06-19 14472]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-03-15 6403072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-03-15 188928]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368]
R3 CnxtHdmiAudService;Conexant UAA HDMI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDMI64.sys [2010-03-05 720952]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2009-07-07 9216]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-02-22 75304]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 35008]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2009-10-02 946688]
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-10 316464]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2009-07-30 27784]
S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-07 178624]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-03-15 6403072]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-01 232992]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\Windows\system32\DRIVERS\s916bus.sys [2007-11-02 108072]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s916mdfl.sys [2007-11-02 19496]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s916mdm.sys [2007-11-02 145448]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-03-15 202752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-03-07 45248]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-01-28 249200]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-11-05 489312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-03-17 258928]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-18 253656]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-04 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-02-11 124368]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-23 835952]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-26 1255736]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-01-15 935208]
S4 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2009-07-28 140632]
-----------------EOF-----------------
-
Mc_Murphy
- VIP in memoriam
- Příspěvky: 6706
- Registrován: 03 lis 2008 15:55
- Bydliště: Plzeň [ZČ]
- Kontaktovat uživatele:
Re: Vyskakující okno při startu
Fixni v HJT níže uvedené položky.
- Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
- Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
- Položky, které v seznamu nenajdeš, prostě přeskoč.
- HJT najdeš zde: C:\Program Files\trend micro\Blanka.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Dále stáhni utilitu OTM z jednoho z těchto odkazů:
- http://oldtimer.geekstogo.com/OTM.exe
- http://oldtimer.geekstogo.com/OTM.com
- http://oldtimer.geekstogo.com/OTM.scr
Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli, včetně té dvojtečky před Commands!):
Kód: Vybrat vše
:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]
:Services
gusvc
SkypeUpdate
AdobeFlashPlayerUpdateSvc
Nero BackItUp Scheduler 4.0
:Files
C:\ProgramData\Spybot - Search & Destroy
C:\Program Files (x86)\Spybot - Search & Destroy
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg_igeared.xml
C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk
C:\AdwCleaner[S1].txt
C:\AdwCleaner[R3].txt
C:\AdwCleaner[R2].txt
C:\AdwCleaner[R1].txt
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Online Product Information] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Blanka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TRDCReminder.lnk] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=-
"TkBellExe"=-
"Adobe ARM"=-
"seznam-listicka-distribuce"=-
"SunJavaUpdateSched"=-Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\
--- ... I'm moving on, I'm moving on, I'm moving on by the Spirit.
- You gave me love, I've found my identity, found my identity.
I'm moving on, I'm moving on, I'm moving on by the Spirit.- You gave me hope, I've found my identity in Christ...
Re: Vyskakující okno při startu
tak jsem tu, zde log:
All processes killed
========== COMMANDS ==========
Restore point Set: OTM Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Blanka
->Temp folder emptied: 3513808 bytes
->Temporary Internet Files folder emptied: 4898320 bytes
->Java cache emptied: 6103996 bytes
->FireFox cache emptied: 257594105 bytes
->Flash cache emptied: 4192 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4706 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 672 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 7233 bytes
Total Files Cleaned = 260,00 mb
[EMPTYFLASH]
User: All Users
User: Blanka
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
========== SERVICES/DRIVERS ==========
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
========== FILES ==========
C:\ProgramData\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2FC8.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A97.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP68D1.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6AE2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8AE2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9108.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA0F2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA7C5.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA9C9.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB55A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE501.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFBBC.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP11FA.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1795.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP253C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP254B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2E03.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP39B5.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP41E0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5E08.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6103.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP644D.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6D72.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP74F0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8017.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8547.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAD6F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB404.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB59F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC208.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDC99.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE8C9.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEF00.tmp folder moved successfully.
C:\Windows\Installer\MSI4F77.tmp moved successfully.
C:\Windows\Installer\MSI552B.tmp moved successfully.
C:\Windows\Installer\MSIDEC2.tmp moved successfully.
C:\Windows\Installer\MSIE938.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt13DD.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt13ED.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1776.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1802.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1959.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt19C6.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1A24.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1A5.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1A62.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1CD2.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1E58.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt22BC.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt25C8.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2960.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2BC0.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2EDC.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt313C.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt316B.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt32C2.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt3A70.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt475B.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt5EF0.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt9A0.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtAA23.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtB626.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD5D4.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtDA6.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEA0.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF0B4.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF4F8.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF7C6.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtFFD1.tmp moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg_igeared.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\META-INF folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk moved successfully.
C:\AdwCleaner[S1].txt moved successfully.
C:\AdwCleaner[R3].txt moved successfully.
C:\AdwCleaner[R2].txt moved successfully.
C:\AdwCleaner[R1].txt moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Online Product Information\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Blanka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TRDCReminder.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
OTM by OldTimer - Version 3.1.21.0 log created on 04042013_202428
Files moved on Reboot...
C:\Users\Blanka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
All processes killed
========== COMMANDS ==========
Restore point Set: OTM Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Blanka
->Temp folder emptied: 3513808 bytes
->Temporary Internet Files folder emptied: 4898320 bytes
->Java cache emptied: 6103996 bytes
->FireFox cache emptied: 257594105 bytes
->Flash cache emptied: 4192 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4706 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 672 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67978 bytes
RecycleBin emptied: 7233 bytes
Total Files Cleaned = 260,00 mb
[EMPTYFLASH]
User: All Users
User: Blanka
->Flash cache emptied: 0 bytes
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
========== SERVICES/DRIVERS ==========
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service Nero BackItUp Scheduler 4.0 stopped successfully!
Service Nero BackItUp Scheduler 4.0 deleted successfully!
========== FILES ==========
C:\ProgramData\Spybot - Search & Destroy\Recovery folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy\Logs folder moved successfully.
C:\ProgramData\Spybot - Search & Destroy folder moved successfully.
C:\Program Files (x86)\Spybot - Search & Destroy folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2FC8.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4A97.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP68D1.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6AE2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8AE2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9108.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA0F2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA7C5.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA9C9.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB55A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE501.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPFBBC.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP11FA.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1795.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP253C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP254B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2E03.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP39B5.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP41E0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5E08.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6103.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP644D.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6D72.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP74F0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8017.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8547.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAD6F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB404.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB59F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC208.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDC99.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE8C9.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEF00.tmp folder moved successfully.
C:\Windows\Installer\MSI4F77.tmp moved successfully.
C:\Windows\Installer\MSI552B.tmp moved successfully.
C:\Windows\Installer\MSIDEC2.tmp moved successfully.
C:\Windows\Installer\MSIE938.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt13DD.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt13ED.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1776.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1802.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1959.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt19C6.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1A24.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1A5.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1A62.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1CD2.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1E58.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt22BC.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt25C8.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2960.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2BC0.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt2EDC.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt313C.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt316B.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt32C2.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt3A70.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt475B.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt5EF0.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt9A0.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtAA23.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtB626.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD5D4.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtDA6.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtEA0.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF0B4.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF4F8.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF7C6.tmp moved successfully.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtFFD1.tmp moved successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg_igeared.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\META-INF folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Users\Blanka\AppData\Roaming\Mozilla\Firefox\Profiles\ptcpvet8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk moved successfully.
C:\AdwCleaner[S1].txt moved successfully.
C:\AdwCleaner[R3].txt moved successfully.
C:\AdwCleaner[R2].txt moved successfully.
C:\AdwCleaner[R1].txt moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0181C6E-9218-4792-9F3C-E8DF52B2F1AC}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartFaceVWatcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSHIBA Online Product Information\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba TEMPRO\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosVolRegulator\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosWaitSrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Blanka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TRDCReminder.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
OTM by OldTimer - Version 3.1.21.0 log created on 04042013_202428
Files moved on Reboot...
C:\Users\Blanka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Přispějete na provoz fóra?