win8 and an unwanted user account (Solved)


jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: win8 and an unwanted user account

Post by jaro3 » 19 Jul 2013 23:39

So run MbAM again and choose Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit
You can then post the new MbAM log here.

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator").
Click "Delete".
The program performs the repair; after the automatic restart it won't display the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still won't start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Kamos
Level 2.5
Posts: 340
Registered: August 06
Gender: Not specified
Status: Offline

Re: win8 and an unwanted user account

Post by Kamos » 20 Jul 2013 01:29

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.07.19.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Karel :: DOMA [administrátor]

Ochrana: Povolena

20. 7. 2013 1:25:51
mbam-log-2013-07-20 (01-25-51).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 238860
Uplynulý čas: 2 minut, 31 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

--- Addition to the previous post (Sat Jul 20, 2013 1:34 am) ---

# AdwCleaner v2.306 - Log vytvooen 20/07/2013 v 01:30:15
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 8 Pro (64 bits)
# Uživatel : Karel - DOMA
# Spuštin systém : Normální
# Spuštino z : C:\Users\Karel\Desktop\AdwCleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Conduit
Složka Vymazáno : C:\ProgramData\Ask
Složka Vymazáno : C:\Users\Karel\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\CT2832595
Složka Vymazáno : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\extensions\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}
Složka Vymazáno : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\Smartbar
Složka Vymazáno : C:\Users\Karel\AppData\Roaming\OpenCandy
Soubor Vymazáno : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\searchplugins\Askcom.xml

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v22.0 (cs)

Soubor : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\prefs.js

C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\user.js ... Vymazáno !

Vymazáno : user_pref("CT2832595.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Vymazáno : user_pref("CT2832595.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Vymazáno : user_pref("CT2832595.FF19Solved", "true");
Vymazáno : user_pref("CT2832595.FirstTime", "true");
Vymazáno : user_pref("CT2832595.FirstTimeFF3", "true");
Vymazáno : user_pref("CT2832595.UserID", "UN27349880252878010");
Vymazáno : user_pref("CT2832595.activeToolbar.enc", "c3RhZW1tZQ==");
Vymazáno : user_pref("CT2832595.addressBarTakeOverEnabledInHidden", "true");
Vymazáno : user_pref("CT2832595.addressUrlXPETakeover", "true");
Vymazáno : user_pref("CT2832595.autoDisableScopes", -1);
Vymazáno : user_pref("CT2832595.browser.search.defaultthis.engineName", true);
Vymazáno : user_pref("CT2832595.countryCode", "CZ");
Vymazáno : user_pref("CT2832595.defaultSearch", "false");
Vymazáno : user_pref("CT2832595.embeddedsData", "[{\"appId\":\"129333561190981396\",\"apiPermissions\":{\"cross[...]
Vymazáno : user_pref("CT2832595.enableFix404ByUser", "FALSE");
Vymazáno : user_pref("CT2832595.enableSearchFromAddressBar", "true");
Vymazáno : user_pref("CT2832595.firstTimeDialogOpened", "true");
Vymazáno : user_pref("CT2832595.fixPageNotFoundErrorByUser", "TRUE");
Vymazáno : user_pref("CT2832595.fixPageNotFoundErrorInHidden", "true");
Vymazáno : user_pref("CT2832595.fixUrls", true);
Vymazáno : user_pref("CT2832595.fullUserID", "UN27349880252878010.IN.20130630101132");
Vymazáno : user_pref("CT2832595.homepageuserchanged", true);
Vymazáno : user_pref("CT2832595.hxxp___toolbar_innogames_de_toolbars_flags.APP_WIN_FEATURES.enc", "cmVzaXphYmxl[...]
Vymazáno : user_pref("CT2832595.hxxp___toolbar_innogames_de_toolbars_staemme.APP_WIN_FEATURES.enc", "cmVzaXphYm[...]
Vymazáno : user_pref("CT2832595.hxxp___toolbar_innogames_de_toolbars_switch.APP_WIN_FEATURES.enc", "cmVzaXphYmx[...]
Vymazáno : user_pref("CT2832595.installDate", "30/06/2013 10:11:31");
Vymazáno : user_pref("CT2832595.installSessionId", "47D998F1-E920-4EE2-8595-AB4255411AD8");
Vymazáno : user_pref("CT2832595.installSp", "false");
Vymazáno : user_pref("CT2832595.installType", "xpe");
Vymazáno : user_pref("CT2832595.isCheckedStartAsHidden", true);
Vymazáno : user_pref("CT2832595.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Vymazáno : user_pref("CT2832595.isFirstTimeToolbarLoading", "false");
Vymazáno : user_pref("CT2832595.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Vymazáno : user_pref("CT2832595.keyword", "true");
Vymazáno : user_pref("CT2832595.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.condui[...]
Vymazáno : user_pref("CT2832595.lastVersion", "10.16.4.519");
Vymazáno : user_pref("CT2832595.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Vymazáno : user_pref("CT2832595.migrateAppsAndComponents", true);
Vymazáno : user_pref("CT2832595.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Vymazáno : user_pref("CT2832595.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Vymazáno : user_pref("CT2832595.openThankYouPage", "false");
Vymazáno : user_pref("CT2832595.openUninstallPage", "true");
Vymazáno : user_pref("CT2832595.originalHomepage", "hxxp://www.seznam.cz/");
Vymazáno : user_pref("CT2832595.originalSearchAddressUrl", "");
Vymazáno : user_pref("CT2832595.originalSearchEngine", "Google");
Vymazáno : user_pref("CT2832595.revertSettingsEnabled", "false");
Vymazáno : user_pref("CT2832595.search.searchAppId", "129333561190981396");
Vymazáno : user_pref("CT2832595.search.searchCount", "2");
Vymazáno : user_pref("CT2832595.searchInNewTabEnabledByUser", "false");
Vymazáno : user_pref("CT2832595.searchInNewTabEnabledInHidden", "true");
Vymazáno : user_pref("CT2832595.searchRevert", "false");
Vymazáno : user_pref("CT2832595.searchSuggestEnabledByUser", "true");
Vymazáno : user_pref("CT2832595.searchUserMode", "1");
Vymazáno : user_pref("CT2832595.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Vymazáno : user_pref("CT2832595.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Vymazáno : user_pref("CT2832595.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Vymazáno : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Vymazáno : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Vymazáno : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Vymazáno : user_pref("CT2832595.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Vymazáno : user_pref("CT2832595.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Vymazáno : user_pref("CT2832595.serviceLayer_services_Configuration_lastUpdate", "1372676298384");
Vymazáno : user_pref("CT2832595.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1372579900316");
Vymazáno : user_pref("CT2832595.serviceLayer_services_appsMetadata_lastUpdate", "1372725652381");
Vymazáno : user_pref("CT2832595.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1372579900146");
Vymazáno : user_pref("CT2832595.serviceLayer_services_login_10.16.4.19_lastUpdate", "1372638115541");
Vymazáno : user_pref("CT2832595.serviceLayer_services_login_10.16.4.519_lastUpdate", "1372743983814");
Vymazáno : user_pref("CT2832595.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1372579900230");
Vymazáno : user_pref("CT2832595.serviceLayer_services_searchAPI_lastUpdate", "1372676298394");
Vymazáno : user_pref("CT2832595.serviceLayer_services_serviceMap_lastUpdate", "1372676298226");
Vymazáno : user_pref("CT2832595.serviceLayer_services_setupAPI_lastUpdate", "1372589898454");
Vymazáno : user_pref("CT2832595.serviceLayer_services_toolbarContextMenu_lastUpdate", "1372579899786");
Vymazáno : user_pref("CT2832595.serviceLayer_services_toolbarSettings_lastUpdate", "1372751183958");
Vymazáno : user_pref("CT2832595.serviceLayer_services_translation_lastUpdate", "1372752700528");
Vymazáno : user_pref("CT2832595.settingsINI", true);
Vymazáno : user_pref("CT2832595.shouldFirstTimeDialog", "false");
Vymazáno : user_pref("CT2832595.showToolbarPermission", "false");
Vymazáno : user_pref("CT2832595.smartbar.CTID", "CT2832595");
Vymazáno : user_pref("CT2832595.smartbar.Uninstall", "0");
Vymazáno : user_pref("CT2832595.smartbar.homepage", true);
Vymazáno : user_pref("CT2832595.smartbar.isHidden", false);
Vymazáno : user_pref("CT2832595.smartbar.toolbarName", "InnoGames International ");
Vymazáno : user_pref("CT2832595.staemme_token_cz.enc", "ZWUwMjhlMWZkNThhMzlkMDdlZWQzOWVhNDFmNzNkMDcyMTg4OTQyZQ=[...]
Vymazáno : user_pref("CT2832595.staemme_username_cz.enc", "TFdkc2RXMDBMUT09");
Vymazáno : user_pref("CT2832595.staemme_village_cs30.enc", "MjQ2ODY=");
Vymazáno : user_pref("CT2832595.startPage", "false");
Vymazáno : user_pref("CT2832595.toolbarBornServerTime", "30-6-2013");
Vymazáno : user_pref("CT2832595.toolbarCurrentServerTime", "2-7-2013");
Vymazáno : user_pref("CT2832595.toolbarDisabled", "true");
Vymazáno : user_pref("CT2832595.toolbarLoginClientTime", "Sun Jun 30 2013 10:11:40 GMT+0200");
Vymazáno : user_pref("CT2832595.toolbarUrl.enc", "aHR0cDovL3Rvb2xiYXIuaW5ub2dhbWVzLmRlL3Rvb2xiYXJzL3N0YWVtbWUvd[...]
Vymazáno : user_pref("CT2832595.toolbar_market.enc", "Y3o=");
Vymazáno : user_pref("CT2832595_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Vymazáno : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Vymazáno : user_pref("browser.search.defaultengine", "Ask.com");
Vymazáno : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Vymazáno : user_pref("browser.search.order.1", "Ask.com");
Vymazáno : user_pref("smartbar.addressBarOwnerCTID", "CT2832595");
Vymazáno : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?octid=CT2832595&ctid=CT2832595[...]
Vymazáno : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Vymazáno : user_pref("smartbar.defaultSearchOwnerCTID", "CT2832595");
Vymazáno : user_pref("smartbar.homePageOwnerCTID", "CT2832595");
Vymazáno : user_pref("smartbar.machineId", "65PFV6H/HVB7QVFU5O64IKCNSIMPRRLTPXBGAAOE3RTUVE86SLR7BAUN6ETDNLR5UVY[...]

Soubor : C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\87dwdldz.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.29] : icon_url = "hxxp://www.ask.com/favicon.ico",
Vymazáno [l.32] : keyword = "ask.com",
Vymazáno [l.36] : search_url = "hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=6E[...]
Vymazáno [l.37] : suggest_url = "hxxp://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms[...]

*************************

AdwCleaner[R1].txt - [12794 octets] - [19/07/2013 12:11:07]
AdwCleaner[R2].txt - [12733 octets] - [19/07/2013 23:51:48]
AdwCleaner[R3].txt - [12794 octets] - [20/07/2013 01:29:38]
AdwCleaner[S1].txt - [12709 octets] - [20/07/2013 01:30:15]

########## EOF - C:\AdwCleaner[S1].txt - [12770 octets] ##########

--- Addition to the previous post (Sat Jul 20, 2013 1:44 am) ---

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Windows 8 Pro x64
Ran by Karel on so 20. 07. 2013 at 1:36:00,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7717C5FC-C00D-4466-94C2-2B7F805774D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{F53C5159-3549-49E7-B055-5148E2972B91}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\driver-soft"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\minidumps [31 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 20. 07. 2013 at 1:43:38,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- Addition to the previous post (Sat Jul 20, 2013 1:49 am) ---

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Karel [Práva správce]
Mód : Kontrola -- Datum : 07/20/2013 01:48:14
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1999660442-3509506789-3362239459-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1999660442-3509506789-3362239459-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[FF][PROXY] dum2y98l.default : user_pref("network.proxy.hxxp", "41.222.196.52"); -> NALEZENO
[FF][PROXY] dum2y98l.default : user_pref("network.proxy.hxxp_port", 8080); -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200AAJS-07M0A0 ATA Device +++++
--- User ---
[MBR] f1142a3f7bc23647faa17b8351f66c63
[BSP] 2c5cf0f904e4ebc0bfebef37768e5bca : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152624 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 312578048 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD3200AAJS-07M0A0 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_07202013_014814.txt >>


Re: win8 and an unwanted user account

Post by jaro3 » 20 Jul 2013 11:41

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Scan"

- Click "Delete"
- Wait until the status box shows "Deletion finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick "LOP Check" and "Purity Check". Click Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.


Re: win8 and an unwanted user account

Post by Kamos » 20 Jul 2013 22:19

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Karel [Práva správce]
Mód : Odebrat -- Datum : 07/20/2013 12:13:08
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 4 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\17648libfoxloader-x64.dll [x] ->
[SUSP PATH][WHITELIST] explorer.exe -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\17648libfoxloader-x64.dll [x] ->
[SUSP PATH] szndesktop.exe -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] listicka-x64.exe -- C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe [7] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKCU\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-1999660442-3509506789-3362239459-1001\[...]\Run : cz.seznam.software.autoupdate ("C:\Users\Karel\AppData\Roaming\Seznam.cz\szninstall.exe" -c [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[RUN][SUSP PATH] HKUS\S-1-5-21-1999660442-3509506789-3362239459-1001\[...]\Run : cz.seznam.software.szndesktop ("C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [7]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 2 ¤¤¤
[FF][PROXY] dum2y98l.default : user_pref("network.proxy.hxxp", "41.222.196.52"); -> NEBYLO ODSTRANĚNO, POUŽIJTE PROXYFIX
[FF][PROXY] dum2y98l.default : user_pref("network.proxy.hxxp_port", 8080); -> NEBYLO ODSTRANĚNO, POUŽIJTE PROXYFIX

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200AAJS-07M0A0 ATA Device +++++
--- User ---
[MBR] f1142a3f7bc23647faa17b8351f66c63
[BSP] 2c5cf0f904e4ebc0bfebef37768e5bca : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152624 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 312578048 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD3200AAJS-07M0A0 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07202013_121308.txt >>
RKreport[0]_S_07202013_014814.txt;RKreport[0]_S_07202013_121300.txt


Re: win8 and an unwanted user account

Post by jaro3 » 21 Jul 2013 00:14

OTL Extras logfile created on: 20. 7. 2013 12:17:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Karel\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

6,00 Gb Total Physical Memory | 4,40 Gb Available Physical Memory | 73,38% Memory free
12,00 Gb Paging File | 10,31 Gb Available in Paging File | 85,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,05 Gb Total Space | 85,91 Gb Free Space | 57,64% Space Free | Partition Type: NTFS
Drive D: | 931,39 Gb Total Space | 159,66 Gb Free Space | 17,14% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 108,19 Gb Free Space | 72,59% Space Free | Partition Type: NTFS

Computer Name: DOMA | User Name: Karel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044D3F56-93CC-403A-A62B-EE34D67008AD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0E428D95-0FFF-455B-B3F6-6CF30CA0267B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{17FB2CDE-BC74-40FE-824F-73ECB018A700}" = lport=445 | protocol=6 | dir=in | app=system |
"{1CB8451A-E1A6-4987-89BC-8C4775B9EB2D}" = rport=138 | protocol=17 | dir=out | app=system |
"{1EC52A18-BBF4-459C-9EF7-C21BDD1385DF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2504D578-82B1-4325-9721-611DF48605DB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{2778F3B1-AA8D-4703-8B4A-A67FA6D9701D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2EB1F1F7-56B7-44D5-A755-2B55FE788AF6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4AA72022-64C7-462E-94F9-744B6C10331E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{54251C67-D5E5-41D4-901B-A71C04AEDFC8}" = lport=137 | protocol=17 | dir=in | app=system |
"{57F922AB-82CB-4BE4-9B39-32C8E942CA05}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5E14AD9A-EA11-4830-B0CE-8E93CB6154A0}" = lport=59069 | protocol=17 | dir=in | name=pando media booster |
"{61831212-BA40-48C6-AEB8-6841CBF67CFA}" = lport=138 | protocol=17 | dir=in | app=system |
"{68CA4C07-3E67-4EE2-BD8A-19C4220DC70D}" = lport=139 | protocol=6 | dir=in | app=system |
"{6BB507E8-7023-42AB-BB73-8A3B58E8F449}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{70F0669C-3BE4-4F5A-8368-EDBC13B7EE7E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7CF07D40-55E0-4240-AF88-6BF36ABA49F5}" = lport=59069 | protocol=6 | dir=in | name=pando media booster |
"{842FB606-8231-4D9B-AFB2-DA64A1275823}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{873FC32F-22F9-4FC2-ADFB-0865728D8899}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8F8AAB5D-DC57-43C0-8BB6-D6D87F05993B}" = rport=139 | protocol=6 | dir=out | app=system |
"{ADBEFA06-70ED-4F46-886E-FC18A4C0BBFB}" = lport=59069 | protocol=6 | dir=in | name=pando media booster |
"{B256FA8D-EA06-42B6-9AD6-C1FEC916FC80}" = rport=137 | protocol=17 | dir=out | app=system |
"{BD170E88-D83A-488D-8E4D-19E6811F36AC}" = rport=445 | protocol=6 | dir=out | app=system |
"{BD960BF0-BF60-429D-B2DF-38154B529056}" = lport=59069 | protocol=17 | dir=in | name=pando media booster |
"{C16AFE6F-023A-49DA-B434-6E581AA0E9F7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EFA1E01C-EE2D-4614-846C-01E11E36F8B2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{007291BF-B395-4698-A445-02E0345FFF42}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{011D4FB0-5D3F-4FCA-9DF0-8561E2D9ADEE}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{02B648C9-08C3-4159-85D5-8BD5EF330FAC}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{0753FC5C-81ED-4850-99F8-DBEF2243616A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{078BD568-9D89-4A22-A6B3-E92707B0E8CC}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{0C2DD2F3-7C65-4E66-9C58-ADD28590BADE}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{10F458B1-391F-41B0-A48C-0F0A354AD021}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{113A12A9-69ED-4BF1-86FA-3DD0CFD414E4}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{12604A1E-9A79-4AD2-90CF-9869930424B0}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{14FEAD01-A899-432A-AC44-7F312D0B9985}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{155AF618-42D7-4AEA-A22D-BF379783BBA7}" = protocol=6 | dir=out | app=system |
"{1840D49A-CB55-4BD6-AADE-C8D462F59A96}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{1CDEB594-0611-448F-8C72-34072E646C75}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1D573BAE-758D-4843-ABED-F5A53E0B8B1C}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{1F22C091-C430-4297-9464-71FD728D0B6B}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{1F262394-F1DE-4D2D-8B82-5542907008EE}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{1F44911A-BDE8-4F26-BE56-EFE9C2A481BE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{21796714-1A02-4D79-B3B5-C91AC4008BAA}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{21CA46F1-0A60-4BA8-B5E1-FB327E17812A}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{252F05B2-2ECB-4ED5-9F0B-E7263DB5FE3B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{26DAC405-9AD4-456D-9270-ACA9EDD63D11}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{28E64872-7DE6-40BD-A67B-8C95E0EB69DE}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{29A8C1DE-1EBB-4DDE-A194-1D36F1535C49}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{2C188CAB-F8B2-46C1-8AAB-8CCE85FF8FC5}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{2D3A0461-8A19-47D8-B81B-43FB05F4E11E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2DA61ECD-02FF-42A8-820B-CAABBBBCD10A}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{2E897759-FCEE-4FFB-8EC8-C1DEEC1F4934}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2F50D5A4-E5D6-480E-8C13-008B6F686BD2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{305BC01C-2D68-4A27-98C9-442BA5F0DC3F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{344C7AE3-5D0E-4D6B-9841-302443E2F45A}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{34E9569E-5715-4DF3-84B2-4994BA01D61C}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{36037133-AD3C-4987-AF69-E4726065BD72}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{3736F135-1653-4E7A-8C94-28777D598AFA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{3911D700-7B42-4638-88DB-E92E449880C9}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3C95DE65-6C9E-4304-9C7A-E51807391130}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3E3081D4-848B-4E19-9AFB-5FC852061C3A}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{3E9FD514-3D8D-4D56-B3E7-F235875C7099}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{40A41295-7F63-490D-BB30-62F1AC9F049F}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{40CF4A0A-05D2-4692-B2E5-394D76741ED2}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{432F57B8-8E66-4FE1-A086-A6C21F553888}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{444E3DFA-D039-408D-BA4F-34B8B59812D2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4568124E-1510-406C-A98F-B54FDE2E5ED3}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{466A0D4C-F3AE-4377-921C-C3DA20F1B6CD}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{475EB8E2-5C0F-4B8C-9FB4-74E732711998}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{4834F675-09F5-42F8-8DED-F2FBD0BBA12C}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{48C9003B-163B-4E84-A515-9FDBC5AF0080}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{48FF241B-E8D4-4B7D-BBC7-310710F80C60}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4A727F54-44BC-402D-96AD-EF507260905C}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4A839402-B9C1-4EA4-A03A-752B020EC0C2}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4B1D046C-88CF-434A-92FE-38C5953225AE}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{4B686FF7-3ABA-4BDA-855B-6FDDAE3C8476}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{50EE5374-1FF5-4A27-B87F-F7C337C158A2}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{51447866-C118-4D8A-AB2B-2140F73A486B}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{5183B10B-BEFB-499E-8871-5F0DF56E22A0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{51C960FB-9C0E-4D6C-8DC0-0FBA5BF51A0C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{55ACC17D-8993-43CF-BDEA-2F9DA722D4C6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{55D1FCEB-199C-43F6-B90A-E352FABCEDAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{56449EFB-CF8E-41DB-A736-082EEDDBDEF6}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{57AE4AB9-D3C0-4AA5-8921-30C8C1FD80B6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{580799EC-F12A-4978-A8EC-01487EE158B6}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{58270596-7744-4DDF-A02B-99933E5D3CE9}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{58AB6E41-0D81-44FF-BF64-9F7C0120BC1F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5908D77F-0807-421A-91D5-BB8A74690584}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{5D0F8CDA-ADAA-4BAD-98A6-107FFD67BB88}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{655AA284-7F44-4034-8B4A-A6B1C06CCDF4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{68EB9D49-12D7-4EE8-BB9B-B8C0E25ADC4D}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{6BA28929-2754-4E98-9D3A-44A49D0750B2}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{6C033744-5020-4116-9380-11739E586235}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{6DAC655C-C682-4B6C-9021-F235AA211EC1}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{6FF882ED-354E-414F-BD7A-F2E1379CE1CA}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{750CDCB7-4120-4464-B578-F018CB98B104}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{768CD518-7DB6-44E0-8B0E-E2746429AB8A}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{78E3AD8B-4A9B-49D4-97CB-DF3952E01BC3}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{795FBAA3-DBE2-43AB-A80D-FF2316974545}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{7C14E672-F964-4DD4-8C15-04531EF8A2DE}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{7C730E60-0218-43C9-8B98-AA6C4DCA9D1D}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{7F5F642B-9DF7-4E58-BDA6-5A255631175E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{7F9780D8-F84D-445C-9900-807E98AEABF6}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{85A2F7AD-C4A3-4064-9216-4D15A1FCE5C9}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{8624A89A-9CAE-4216-A743-C8E89301E0B8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{864CA2A4-BD8F-4FE9-A030-079C5507C1CD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86916FAC-15E6-4228-BC41-0900930C47F9}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{87459CC7-A0C5-41D2-B621-D8E642EE0693}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{8849A966-9D7F-4C83-941E-182B9F3A1590}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{8CE62245-3FC3-4372-B749-702C93CD4DAF}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{8FD96542-DFE0-40D2-8009-5E8885851822}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{903120EB-B3A0-4F87-A7D7-9D5410422DFF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2006\agent.exe |
"{918153BD-705D-4EEA-8778-86CA36A5D1A0}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{92F675C2-112E-4432-B018-D0E46839EFC2}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{94EFA9F0-B69B-40A3-89B5-C83CD1A19F89}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{9539CEF9-1DF3-4101-ADCA-AB4629013BB6}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{96F6544D-D3A5-452F-85AD-12DA66950337}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{97CDE0A0-B9AF-45A6-AF59-44CDAA4E5079}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{9B5A4FC2-F829-4CC5-89FF-B2548EE27DBF}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{9EB065EF-C65B-4414-9345-ACCE6C65D029}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A32D337F-B69D-491B-8D47-A0EB5650F362}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{A6DF7D56-A30C-4530-A716-32F8ACD56E5D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{A740781C-81A1-4453-9ABB-4C9B6859CBA2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A78D92C4-858A-4AFC-95EB-EF6F6086180A}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{A7BC2F06-38C2-420C-878E-368D568D05EE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{A9B95BF1-8760-4A68-97EA-996896AD86B7}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{AC46D779-73A7-481F-ACDE-5EEB9CCE69CC}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{AE867B27-3189-4B61-A1A7-CBAF9733F769}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AFE5F7FC-58E6-4BED-946B-07CD7CB5F9C3}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B0387F0F-A531-444E-BB9D-16FF0BB189E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B25CEA3B-5F6C-4CD5-9619-DAAEC11558D6}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{B3281471-B6B5-4756-A166-20CFCAAB8443}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{B33302A1-CBB3-43C1-B014-C29CD99CD98A}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{B6DBBFA4-9CD7-4DBE-813A-0846364D58A1}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{B7D07CB5-F4B6-48C4-BD3E-29A1F46ACDF8}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{BA730A02-AD1E-464F-B9F5-AA43E682FDE1}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{BAEC2E40-596B-4E7C-9D81-9515966841B8}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BB7070D3-4A4E-4708-8FCE-C9270C5F54FD}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{BB9ADFB8-F0EB-4962-A3DC-A2AE879A41C4}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{BC55FD0D-B639-4547-BDBC-38329D1C0901}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{BCA46B13-DB24-412E-B237-6774854DC057}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{BE3EDDEA-F101-4268-AE01-80C0294226FC}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{C304985A-C19D-4DA4-8315-9EE506D57BB1}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{C4DF2E32-DCDD-48A9-A065-98C8AAA587D6}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{C61E6B4B-A3FE-4C24-BEB3-656C8683A7A6}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{C68E9686-5D55-4768-9514-FFFB3E74AE8D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C7BC49A7-EB24-46D3-A2C4-AD31B4522668}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{C82A2B2E-45A1-42D4-A597-71847811EB8B}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C8B64BCE-E834-4AEA-B891-78B261759652}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CD0B13B5-7F88-4EFC-828A-F36B2A676C92}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{D756D057-92E8-48F9-9885-63C402BDA6A6}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D7D60BAB-AA02-4D8F-9ED1-2D5F091B771A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D7E95241-7E9C-43C4-B20A-C738C32AB535}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D9EECA0A-FB39-4927-A9D8-6839B0B189AA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{DB10B5AF-F807-4ACC-9EF4-4BC0434EB890}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{E09D46F1-19C8-4B47-8E3A-B4B3E3B21A1E}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{E0B1EEC3-157C-4A18-B817-CF77B43F0838}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{E10E2488-BA9E-41DC-B603-D5C5D7730527}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{E5D663E7-8FC0-415E-BBF2-BF8DB06DA59B}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7A79A90-DD92-40CA-9BC4-C9116F01AE71}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{E858E35D-A44B-4CC6-BE1C-08528998942B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{E87C1772-1E80-4617-AD92-D4C190F2C8FC}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{E9933E6B-6A42-4ACC-B5E7-028653DB424C}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{E9DFD1BE-73D6-43DF-AB22-A7057DEEC443}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F0C943E1-1E33-45AD-8BF2-8FE624218191}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{F0CF7EA1-27E6-470B-A16F-743525DF401A}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{F27C3F8A-0F64-44F5-8171-90C043FDA9DF}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{F2C58E2D-793D-4658-A305-FCB4F8B1B922}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{F4063E22-72A3-48AE-9BB5-8ECB32A990D4}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F63D02C4-EF83-4789-B4BD-A707FF6122D2}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{F6751FF4-425F-4CF6-895B-8BBF0A5CA2AC}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{FD90F718-1F28-406C-B5AF-B67E05DAFA67}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{FE292018-089A-42A2-B5E9-E39D1FAB5974}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{FEC77301-059F-4219-9A4B-7D264BC998E2}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{AEC2C00D-1E7E-45E3-9058-81EA2446B3CD}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-1000-0000000FF1CE}_Office14.PROPLUSR_{4B806706-B352-42E8-8C8B-5CEBCEDBC4E0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{715203B3-AD16-41A4-B13C-E1065EAB8963}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{15D45352-C443-406A-9DF2-EF4A750A40CF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{4B8654FE-410D-462C-9B3C-09D031BF4534}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}_Office14.PROPLUSR_{9F412D54-AC04-46F9-AFE7-FE15DC0147A0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{983073CD-FAAF-4907-AA07-037DBA73B8EE}" = ESET Smart Security
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play version 1.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.4.0 "Legend"
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B6ADD537-BDC9-4D2B-B135-01C261D675BC}" = StartW8 1.1.34.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{E0363CCC-3535-4BAA-9F2C-200F548675D6}" = TuneUp Utilities Language Pack (cs-CZ)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Diablo III" = Diablo III
"GOM Player" = GOM Player
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Neverwinter" = Neverwinter
"Opera 15.0.1147.148" = Opera Stable 15.0.1147.148
"PlayerScore" = PlayerScore
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.1
"TeamViewer 8" = TeamViewer 8
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"SeznamInstall" = Seznam Software
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20. 7. 2013 0:31:45 | Computer Name = Doma | Source = SideBySide | ID = 16842830
Description = Generování kontextu aktivace pro D:\Nová složka\film\SoftonicDownloader_for_hamachi.exe
se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná
aplikací je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní
součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error - 20. 7. 2013 4:37:08 | Computer Name = Doma | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Aplikace windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel
se nespustila ve stanovenou dobu.

Error - 20. 7. 2013 5:37:42 | Computer Name = Doma | Source = Application Error | ID = 1000
Description = Název chybující aplikace: egui.exe, verze: 6.0.316.0, časové razítko:
0x514b13e3 Název chybujícího modulu: egui.exe, verze: 6.0.316.0, časové razítko:
0x514b13e3 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000d48d3 ID chybujícího
procesu: 0xf54 Čas spuštění chybující aplikace: 0x01ce852c89d82263 Cesta k chybující
aplikaci: C:\Program Files\ESET\ESET Smart Security\egui.exe Cesta k chybujícímu
modulu: C:\Program Files\ESET\ESET Smart Security\egui.exe ID zprávy: 06299498-f120-11e2-be86-001d923bc235
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 20. 7. 2013 5:41:44 | Computer Name = Doma | Source = Application Error | ID = 1000
Description = Název chybující aplikace: egui.exe, verze: 6.0.316.0, časové razítko:
0x514b13e3 Název chybujícího modulu: egui.exe, verze: 6.0.316.0, časové razítko:
0x514b13e3 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000131a6 ID chybujícího
procesu: 0xd0c Čas spuštění chybující aplikace: 0x01ce852cd6ca1681 Cesta k chybující
aplikaci: C:\Program Files\ESET\ESET Smart Security\egui.exe Cesta k chybujícímu
modulu: C:\Program Files\ESET\ESET Smart Security\egui.exe ID zprávy: 9655296a-f120-11e2-be86-001d923bc235
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

[ System Events ]
Error - 20. 7. 2013 4:55:01 | Computer Name = Doma | Source = DCOM | ID = 10016
Description =

Error - 20. 7. 2013 5:35:37 | Computer Name = Doma | Source = Service Control Manager | ID = 7022
Description = Služba ESET Service přestala během spouštění reagovat.

Error - 20. 7. 2013 5:35:50 | Computer Name = Doma | Source = DCOM | ID = 10016
Description =

Error - 20. 7. 2013 5:35:51 | Computer Name = Doma | Source = DCOM | ID = 10016
Description =

Error - 20. 7. 2013 5:35:51 | Computer Name = Doma | Source = DCOM | ID = 10016
Description =

Error - 20. 7. 2013 5:35:51 | Computer Name = Doma | Source = DCOM | ID = 10016
Description =

Error - 20. 7. 2013 5:35:52 | Computer Name = Doma | Source = DCOM | ID = 10016
Description =

Error - 20. 7. 2013 5:35:52 | Computer Name = Doma | Source = DCOM | ID = 10016
Description =

Error - 20. 7. 2013 5:35:52 | Computer Name = Doma | Source = DCOM | ID = 10016
Description =

Error - 20. 7. 2013 6:05:56 | Computer Name = Doma | Source = Service Control Manager | ID = 7030
Description = Služba ESET Service je označena jako interaktivní služba. Avšak systém
je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude
fungovat správně.


< End of report >
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Win8 and an unwanted user account

Post by jaro3 » 21 Jul 2013 00:15

OTL logfile created on: 20. 7. 2013 12:17:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Karel\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

6,00 Gb Total Physical Memory | 4,40 Gb Available Physical Memory | 73,38% Memory free
12,00 Gb Paging File | 10,31 Gb Available in Paging File | 85,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 149,05 Gb Total Space | 85,91 Gb Free Space | 57,64% Space Free | Partition Type: NTFS
Drive D: | 931,39 Gb Total Space | 159,66 Gb Free Space | 17,14% Space Free | Partition Type: NTFS
Drive E: | 149,04 Gb Total Space | 108,19 Gb Free Space | 72,59% Space Free | Partition Type: NTFS

Computer Name: DOMA | User Name: Karel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Karel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
MOD - C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\17645libfoxloader.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF ()


========== Services (SafeList) ==========

SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (StartW8Service) -- C:\Program Files (x86)\StartW8\bin\StartW8Service.exe (SODATSW spol. s .r.o.)
SRV - (PCToolsSSDMonitorSvc) -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe (PC Tools)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\Drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\Drivers\epfwwfp.sys (ESET)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\Drivers\eamonm.sys (ESET)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\Drivers\epfw.sys (ESET)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\Drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\Drivers\ehdrv.sys (ESET)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (VX1000) -- C:\Windows\SysNative\Drivers\VX1000.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=14875LinkId=54896
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {952BF5F9-4C6C-4204-999C-08F2A511C574}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{766EA1B7-2EF7-436A-9443-871882368012}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{7A11F359-8CA2-4C87-946E-C95210ADACD1}: "URL" = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{952BF5F9-4C6C-4204-999C-08F2A511C574}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{95C8222C-69F4-4097-AD8B-3E70CC5265CB}: "URL" = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{9A03FF84-B8A9-435E-966F-5039F3ECF68D}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{AFB12C33-1B36-4188-B71E-9D77B3486121}: "URL" = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{DD1F48D0-BD0C-4F57-9D8E-7980FA0B927E}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{E08EA8DF-FE94-4FF4-B64E-3A5FBA8C8231}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{F77AABEC-C09C-4338-AA47-0455EBC39BEA}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.96.0
FF - prefs.js..extensions.enabledAddons: %7B000F1EA4-5E08-4564-A29B-29076F63A37A%7D:1.0.3.171
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..network.proxy.backup.ftp: ""
FF - prefs.js..network.proxy.backup.ftp_port: 0
FF - prefs.js..network.proxy.backup.socks: ""
FF - prefs.js..network.proxy.backup.socks_port: 0
FF - prefs.js..network.proxy.backup.ssl: ""
FF - prefs.js..network.proxy.backup.ssl_port: 0
FF - prefs.js..network.proxy.ftp: "41.222.196.52"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: "41.222.196.52"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "41.222.196.52"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "41.222.196.52"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\dum2y98l.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Karel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013/07/20 12:05:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/07/20 12:05:36 | 000,000,000 | ---D | M]

[2013/05/10 10:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karel\AppData\Roaming\mozilla\Extensions
[2013/07/20 01:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions
[2013/05/28 15:31:53 | 000,000,000 | ---D | M] () -- C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2013/07/20 00:01:40 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013/05/17 12:09:03 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\battlefieldplay4free@ea.com
[2013/07/02 02:53:09 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/10 17:28:10 | 000,002,402 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\searchplugins\bingp.xml
[2013/07/02 00:22:39 | 000,001,160 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\searchplugins\innogames-international-customized-web-search.xml
[2013/05/18 19:42:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/05/25 07:51:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/18 19:42:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/05/25 07:51:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/07/04 05:27:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.seznam.cz/?clid=14875
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll
CHR - Extension: Seznam Li\u0161ti\u010Dka - Email = C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Slovn\u00EDk = C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: YouTube = C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: Seznam Li\u0161ti\u010Dka - Rychl\u00E1 volba = C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Gmail = C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/07/26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NtVdmSrv] C:\Windows\Inf\ntvdm.vbe ()
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartW8Button] C:\Program Files (x86)\StartW8\bin\StartW8Button.exe (SODATSW spol. s r.o.)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Wowhead_Client] D:\World of Warcraft\Programy\Wowhead_Client.exe (Wowhead)
O4 - HKCU..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe (ZONER software)
O4 - Startup: C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PlayerScore.lnk = D:\World of Warcraft\PlayerScoreClient\PlayerScore.exe ()
O4 - Startup: C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aeriagames.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.228.41.113 160.218.161.54
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{103CDA5D-F325-422D-8872-D4B27CAEF4D2}: DhcpNameServer = 194.228.41.113 160.218.161.54
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\lifecam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\lifecam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: win8 and an unwanted user account

Post by jaro3 » 21 Jul 2013 00:16

========== Files/Folders - Created Within 30 Days ==========

[2013/07/20 12:15:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Karel\Desktop\OTL.exe
[2013/07/20 12:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013/07/20 12:05:27 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013/07/20 10:34:51 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/07/20 01:45:22 | 000,000,000 | ---D | C] -- C:\Users\Karel\Desktop\RK_Quarantine
[2013/07/20 01:35:34 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/07/20 01:35:18 | 000,559,341 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Karel\Desktop\JRT.exe
[2013/07/20 00:01:51 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\CrashDumps
[2013/07/20 00:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2013/07/20 00:01:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SuperOvladac
[2013/07/20 00:01:24 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Seznam.cz
[2013/07/19 23:37:17 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Karel\Desktop\TFC.exe
[2013/07/19 23:01:21 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Opera Software
[2013/07/19 23:01:21 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Opera Software
[2013/07/19 23:01:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2013/07/19 22:36:30 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Chromium
[2013/07/19 16:18:57 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\ZPS15
[2013/07/19 16:18:55 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Zoner
[2013/07/19 16:18:53 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Zoner
[2013/07/19 16:18:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Zoner
[2013/07/19 16:18:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 15
[2013/07/19 16:18:01 | 000,000,000 | ---D | C] -- C:\Program Files\Zoner
[2013/07/19 14:54:40 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2013/07/19 14:54:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2013/07/19 14:54:40 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2013/07/19 14:54:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2013/07/19 14:54:38 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2013/07/19 14:54:38 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2013/07/19 14:50:10 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Gameforge4d
[2013/07/19 14:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
[2013/07/19 12:14:22 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Malwarebytes
[2013/07/19 12:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/07/19 12:13:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/07/19 12:13:53 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/07/19 12:13:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/07/19 11:57:31 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Apps
[2013/07/19 09:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2013/07/19 09:06:29 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/07/18 11:14:58 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/07/18 11:14:56 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/07/18 11:14:56 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/07/18 11:14:56 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/07/18 11:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/07/17 08:36:24 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox210.ocx
[2013/07/17 08:36:24 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2013/07/17 08:36:24 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBox10.ocx
[2013/07/17 08:36:24 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2013/07/17 08:36:24 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\Windows\SysWow64\UniBoxVB12.ocx
[2013/07/17 08:36:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Registry Mechanic
[2013/07/17 08:36:23 | 000,513,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml.dll
[2013/07/17 08:36:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2013/07/17 08:36:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Registry Mechanic
[2013/07/17 08:36:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2013/07/17 04:48:18 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2013/07/17 04:48:16 | 006,987,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013/07/17 04:48:16 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013/07/17 04:48:16 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013/07/17 04:48:16 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2013/07/17 04:48:16 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2013/07/17 04:48:15 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013/07/17 04:48:13 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2013/07/17 04:48:12 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013/07/17 04:48:12 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013/07/17 04:48:12 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013/07/17 04:48:12 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013/07/17 04:48:12 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/07/17 04:48:11 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2013/07/17 04:48:11 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2013/07/17 04:48:11 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2013/07/17 04:48:11 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/07/17 04:48:11 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS
[2013/07/17 04:48:11 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2013/07/17 04:48:10 | 000,337,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013/07/17 04:48:10 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceSetupManager.dll
[2013/07/17 04:48:10 | 000,194,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013/07/17 04:48:10 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2013/07/17 04:48:10 | 000,125,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013/07/17 04:48:10 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MbaeParserTask.exe
[2013/07/17 04:48:10 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys
[2013/07/13 18:28:51 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\Poznámkové bloky aplikace OneNote
[2013/07/10 20:02:04 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\TeamViewer
[2013/07/10 06:28:57 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/07/10 06:28:25 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013/07/10 06:28:25 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013/07/10 06:27:17 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/07/10 06:27:12 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/07/10 06:27:11 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/07/10 06:27:11 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/07/10 06:27:11 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/07/10 06:27:09 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013/07/10 06:27:09 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013/07/07 19:16:06 | 000,000,000 | ---D | C] -- C:\Users\Karel\Desktop\tisk H
[2013/07/06 14:45:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Ovladac
[2013/07/05 08:33:54 | 000,035,104 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013/07/05 08:33:54 | 000,026,400 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013/07/05 08:33:54 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013/07/05 08:33:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013/07/05 08:33:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013/07/04 05:29:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssdisai.dll
[2013/07/02 12:32:14 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\The Lord of the Rings Online
[2013/07/02 11:03:17 | 000,000,000 | ---D | C] -- C:\Users\Karel\Documents\The Lord of the Rings Online
[2013/07/02 11:01:33 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Turbine
[2013/07/02 10:45:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2013/07/02 10:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbine
[2013/07/02 09:59:27 | 000,000,000 | ---D | C] -- C:\Users\Karel\Desktop\TheLordoftheRingsOnlineEN
[2013/07/02 09:58:48 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\PMB Files
[2013/07/02 09:58:46 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013/07/02 07:35:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/07/02 00:22:58 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Roaming\TuneUp Software
[2013/07/02 00:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013/07/02 00:22:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013/07/02 00:22:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/07/01 15:51:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2013/07/01 15:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2013/07/01 15:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013/07/01 15:48:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2013/07/01 06:23:12 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/06/30 10:10:56 | 000,977,904 | ---- | C] (Conduit) -- C:\Users\Karel\Documents\tb_InnoGames_International.exe
[2013/06/26 12:37:12 | 000,000,000 | ---D | C] -- C:\Users\Karel\AppData\Local\Diagnostics
[2013/06/24 19:52:56 | 000,000,000 | ---D | C] -- C:\Games

========== Files - Modified Within 30 Days ==========

[2013/07/20 12:19:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/20 12:15:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Karel\Desktop\OTL.exe
[2013/07/20 12:09:01 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce51208db58ab4.job
[2013/07/20 11:50:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/20 11:50:11 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/20 11:50:10 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2013/07/20 11:48:43 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013/07/20 11:48:40 | 858,509,311 | -HS- | M] () -- C:\hiberfil.sys
[2013/07/20 11:47:48 | 000,000,505 | ---- | M] () -- C:\Users\Karel\Desktop\Uživatelské účty – zástupce.lnk
[2013/07/20 01:36:28 | 003,778,560 | ---- | M] () -- C:\Users\Karel\Desktop\RogueKillerX64.exe
[2013/07/20 01:35:18 | 000,559,341 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Karel\Desktop\JRT.exe
[2013/07/20 01:19:38 | 000,001,211 | ---- | M] () -- C:\Users\Karel\Desktop\Super Ovladač.lnk
[2013/07/19 23:51:01 | 000,666,633 | ---- | M] () -- C:\Users\Karel\Desktop\AdwCleaner.exe
[2013/07/19 23:01:11 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2013/07/19 19:47:07 | 000,000,294 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2013/07/19 17:21:28 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/07/19 16:18:46 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15.lnk
[2013/07/19 16:18:46 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15 x64.lnk
[2013/07/19 14:53:13 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\AION Free-to-Play.lnk
[2013/07/19 14:50:04 | 000,000,766 | ---- | M] () -- C:\Users\Public\Desktop\Gameforge Live.lnk
[2013/07/19 12:13:57 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/19 12:00:43 | 001,740,092 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/07/19 12:00:43 | 000,734,558 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/07/19 12:00:43 | 000,718,374 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/19 12:00:43 | 000,152,390 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/07/19 12:00:43 | 000,136,106 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/07/19 11:48:03 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Karel\Desktop\TFC.exe
[2013/07/19 09:06:29 | 000,002,975 | ---- | M] () -- C:\Users\Karel\Desktop\HiJackThis.lnk
[2013/07/18 11:14:48 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/07/18 11:14:43 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/07/18 11:14:43 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/07/18 11:14:43 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/07/18 11:14:41 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013/07/18 11:14:41 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013/07/17 08:36:25 | 000,001,198 | ---- | M] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2013/07/15 10:09:14 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/07/14 13:14:37 | 000,074,802 | ---- | M] () -- C:\Users\Karel\Documents\IMG_14072013_131314.png
[2013/07/13 18:28:53 | 000,001,274 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
[2013/07/11 22:23:04 | 000,423,048 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/06 20:17:22 | 000,000,809 | ---- | M] () -- C:\Users\Karel\Desktop\Neverwinter.lnk
[2013/07/02 11:02:20 | 000,002,712 | ---- | M] () -- C:\Users\Karel\Documents\UserPreferences.ini
[2013/07/02 10:47:52 | 000,000,093 | ---- | M] () -- C:\Users\Karel\AppData\Local\fusioncache.dat
[2013/07/02 10:47:32 | 001,739,504 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/02 10:15:30 | 000,001,572 | ---- | M] () -- C:\Users\Karel\Desktop\StartW8Button.exe – zástupce.lnk
[2013/07/02 07:38:34 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/07/02 07:35:31 | 232,148,289 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/06/30 10:10:57 | 000,977,904 | ---- | M] (Conduit) -- C:\Users\Karel\Documents\tb_InnoGames_International.exe
[2013/06/28 00:04:51 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/06/28 00:04:51 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013/07/20 11:47:48 | 000,000,505 | ---- | C] () -- C:\Users\Karel\Desktop\Uživatelské účty – zástupce.lnk
[2013/07/20 01:36:27 | 003,778,560 | ---- | C] () -- C:\Users\Karel\Desktop\RogueKillerX64.exe
[2013/07/19 23:51:00 | 000,666,633 | ---- | C] () -- C:\Users\Karel\Desktop\AdwCleaner.exe
[2013/07/19 23:37:31 | 000,832,273 | ---- | C] () -- C:\Users\Karel\Desktop\RSITx64.exe
[2013/07/19 23:01:12 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2013/07/19 23:01:12 | 000,001,133 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013/07/19 16:18:46 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15.lnk
[2013/07/19 16:18:46 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Zoner Photo Studio 15 x64.lnk
[2013/07/19 14:53:13 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\AION Free-to-Play.lnk
[2013/07/19 14:50:04 | 000,000,766 | ---- | C] () -- C:\Users\Public\Desktop\Gameforge Live.lnk
[2013/07/19 12:13:57 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/07/19 09:06:29 | 000,002,975 | ---- | C] () -- C:\Users\Karel\Desktop\HiJackThis.lnk
[2013/07/18 19:00:02 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\RMAutoUpdate.job
[2013/07/17 08:36:28 | 000,000,294 | ---- | C] () -- C:\Windows\tasks\RMSchedule.job
[2013/07/17 08:36:25 | 000,001,198 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2013/07/17 08:36:24 | 000,041,632 | ---- | C] () -- C:\Windows\SysNative\CleanMFT64.exe
[2013/07/17 04:48:17 | 000,386,642 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013/07/14 13:13:25 | 000,074,802 | ---- | C] () -- C:\Users\Karel\Documents\IMG_14072013_131314.png
[2013/07/13 18:28:53 | 000,001,274 | ---- | C] () -- C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
[2013/07/11 22:22:51 | 000,423,048 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/07/06 20:17:22 | 000,000,809 | ---- | C] () -- C:\Users\Karel\Desktop\Neverwinter.lnk
[2013/07/06 14:45:46 | 000,001,211 | ---- | C] () -- C:\Users\Karel\Desktop\Super Ovladač.lnk
[2013/07/05 08:33:52 | 000,002,221 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013/07/02 11:01:33 | 000,002,712 | ---- | C] () -- C:\Users\Karel\Documents\UserPreferences.ini
[2013/07/02 10:47:52 | 000,000,093 | ---- | C] () -- C:\Users\Karel\AppData\Local\fusioncache.dat
[2013/07/02 10:46:23 | 001,739,504 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/07/02 10:15:30 | 000,001,572 | ---- | C] () -- C:\Users\Karel\Desktop\StartW8Button.exe – zástupce.lnk
[2013/07/02 07:38:34 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2013/07/02 07:35:31 | 232,148,289 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/05/18 05:46:25 | 000,201,216 | ---- | C] () -- C:\Windows\SysWow64\mediarcpt.dll
[2013/05/10 17:11:28 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2013/05/10 13:23:20 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/05/10 10:29:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/07/26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012/07/26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012/07/26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012/07/26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012/07/25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012/07/25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012/06/02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2013/05/13 20:03:06 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/18 11:15:53 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\.minecraft
[2013/06/24 19:53:58 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Awesomium
[2013/05/10 17:50:21 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Curse Advertising
[2013/05/10 10:54:28 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\ESET
[2013/06/01 14:25:28 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\LolClient
[2013/07/19 23:01:21 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Opera Software
[2013/07/20 11:55:18 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Seznam.cz
[2013/07/10 20:06:26 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TeamViewer
[2013/06/04 11:51:23 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TS3Client
[2013/07/05 09:38:15 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\TuneUp Software
[2013/05/11 18:57:52 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Unity
[2013/07/19 16:18:55 | 000,000,000 | ---D | M] -- C:\Users\Karel\AppData\Roaming\Zoner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Win8 and an unwanted user account

Post by jaro3 » 21 Jul 2013 00:39

Double-click the OTL icon on your desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
MOD - C:\Users\Karel\AppData\Roaming\Seznam.cz\bin\17645libfoxloader.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {952BF5F9-4C6C-4204-999C-08F2A511C574}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{766EA1B7-2EF7-436A-9443-871882368012}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{7A11F359-8CA2-4C87-946E-C95210ADACD1}: "URL" = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{952BF5F9-4C6C-4204-999C-08F2A511C574}: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{95C8222C-69F4-4097-AD8B-3E70CC5265CB}: "URL" = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{9A03FF84-B8A9-435E-966F-5039F3ECF68D}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{AFB12C33-1B36-4188-B71E-9D77B3486121}: "URL" = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{DD1F48D0-BD0C-4F57-9D8E-7980FA0B927E}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{E08EA8DF-FE94-4FF4-B64E-3A5FBA8C8231}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_14875
IE - HKCU\..\SearchScopes\{F77AABEC-C09C-4338-AA47-0455EBC39BEA}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_14875
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
FF - prefs.js..extensions.enabledAddons: %7B000F1EA4-5E08-4564-A29B-29076F63A37A%7D:1.0.3.171
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
[2013/05/10 10:48:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karel\AppData\Roaming\mozilla\Extensions
[2013/07/20 01:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions
[2013/07/20 00:01:40 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2013/07/02 02:53:09 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/05/10 17:28:10 | 000,002,402 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\searchplugins\bingp.xml
[2013/07/02 00:22:39 | 000,001,160 | ---- | M] () -- C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\searchplugins\innogames-international-customized-web-search.xml
[2013/05/18 19:42:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
CHR - default_search_provider: Ask (Enabled)
O4 - Startup: C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013/07/19 12:00:43 | 000,734,558 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013/07/19 12:00:43 | 000,718,374 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/07/19 12:00:43 | 000,152,390 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013/07/19 12:00:43 | 000,136,106 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:D1B5B4F1

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Users\Karel\Desktop\RK_Quarantine
C:\Program Files (x86)\Common Files\Symantec Shared
C:\ProgramData\Symantec
C:\ProgramData\Norton
C:\ProgramData\NortonInstaller
C:\ProgramData\McAfee
C:\Windows\ativpsrm.bin

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

No infection ..

FF - prefs.js..network.proxy.ftp: "41.222.196.52"
FF - prefs.js..network.proxy.ftp_port: 8080
Did you open those ports yourself?

Re: Win8 and an unwanted user account

Post by Kamos » 21 Jul 2013 09:22

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
C:\Program Files (x86)\Skype\Updater\Updater.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{766EA1B7-2EF7-436A-9443-871882368012}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{766EA1B7-2EF7-436A-9443-871882368012}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7A11F359-8CA2-4C87-946E-C95210ADACD1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7A11F359-8CA2-4C87-946E-C95210ADACD1}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{952BF5F9-4C6C-4204-999C-08F2A511C574}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{952BF5F9-4C6C-4204-999C-08F2A511C574}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95C8222C-69F4-4097-AD8B-3E70CC5265CB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95C8222C-69F4-4097-AD8B-3E70CC5265CB}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9A03FF84-B8A9-435E-966F-5039F3ECF68D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A03FF84-B8A9-435E-966F-5039F3ECF68D}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFB12C33-1B36-4188-B71E-9D77B3486121}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFB12C33-1B36-4188-B71E-9D77B3486121}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DD1F48D0-BD0C-4F57-9D8E-7980FA0B927E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD1F48D0-BD0C-4F57-9D8E-7980FA0B927E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E08EA8DF-FE94-4FF4-B64E-3A5FBA8C8231}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E08EA8DF-FE94-4FF4-B64E-3A5FBA8C8231}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F77AABEC-C09C-4338-AA47-0455EBC39BEA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F77AABEC-C09C-4338-AA47-0455EBC39BEA}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: %7B000F1EA4-5E08-4564-A29B-29076F63A37A%7D:1.0.3.171 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Extensions folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\JAK folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses\email folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components\subclasses folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\components folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules\classes folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\modules folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\chrome folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\META-INF folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A} folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\battlefieldplay4free@ea.com\plugins folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\battlefieldplay4free@ea.com\META-INF folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\battlefieldplay4free@ea.com folder moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions folder moved successfully.
Folder C:\Users\Karel\AppData\Roaming\mozilla\Firefox\Profiles\dum2y98l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}\ not found.
File C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\searchplugins\bingp.xml moved successfully.
C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\dum2y98l.default\searchplugins\innogames-international-customized-web-search.xml moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons\default folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome\icons folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\chrome folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} folder moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions folder moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
ADS C:\ProgramData\TEMP:D1B5B4F1 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA1ce51208db58ab4.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
C:\Users\Karel\Desktop\RK_Quarantine folder moved successfully.
C:\Program Files (x86)\Common Files\Symantec Shared folder moved successfully.
C:\ProgramData\Symantec folder moved successfully.
C:\ProgramData\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963} folder moved successfully.
C:\ProgramData\Norton folder moved successfully.
C:\ProgramData\NortonInstaller\Logs\2013-07-02-02h25m57s folder moved successfully.
C:\ProgramData\NortonInstaller\Logs\2013-07-01-15h48m06s folder moved successfully.
C:\ProgramData\NortonInstaller\Logs folder moved successfully.
C:\ProgramData\NortonInstaller folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\SecurityScanner\McUicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\SecurityScanner folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\SSScheduler folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\McUicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom\McCHSvc folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\PartnerCustom folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\McUICnt\McUicnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS\McUICnt folder moved successfully.
C:\ProgramData\McAfee\MCLOGS folder moved successfully.
C:\ProgramData\McAfee folder moved successfully.
C:\Windows\ativpsrm.bin moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Karel
->Temp folder emptied: 159915890 bytes
->Temporary Internet Files folder emptied: 62817772 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 178116980 bytes
->Google Chrome cache emptied: 6690113 bytes
->Flash cache emptied: 4170 bytes

User: Public

User: Tom
->Temp folder emptied: 5140069 bytes
->Temporary Internet Files folder emptied: 33668745 bytes
->FireFox cache emptied: 15215003 bytes
->Google Chrome cache emptied: 6317175 bytes
->Flash cache emptied: 1048 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3218853 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 16106 bytes

Total Files Cleaned = 449,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07212013_091602

Files\Folders moved on Reboot...
C:\Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JGRG8OIV\gameCAO0H1F3.htm moved successfully.
C:\Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\7A7E08C8-3FF5-45F2-873D-A84D669DC82F.dat moved successfully.
C:\Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\winstore.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

--- Addition to the previous post (Sun Jul 21, 2013 9:27 am) ---

jaro3 wrote: no infection ..

FF - prefs.js..network.proxy.ftp: "41.222.196.52"
FF - prefs.js..network.proxy.ftp_port: 8080
Did you open those ports yourself?


Yes, I opened the proxy myself. At the moment I have it turned off; I only occasionally need a different IP, so then I turn the proxy on.

--- Addition to the previous post (Sun Jul 21, 2013 9:32 am) ---

And I have also resolved the unwanted account: it was caused by the ESET Anti-Theft settings, where the phantom account JAN was turned on, so I turned it off and everything is fine.

--- Addition to the previous post (Sun Jul 21, 2013 9:34 am) ---

And you see, it keeps getting merged for me: I click Reply at the bottom left, then Submit, and I don't get a new post, just an addition below the line :-(


Re: win8 and an unwanted user account

Post by jaro3 » 21 Jul 2013 10:52

I don't see that, and it worked for me, but that may be because I have editor rights for these sections, so I don't know what is causing it.

Run OTL and click Vyčisti (Clean Up).

If there are no problems, that is all, and you can mark the thread as solved with the green check mark.


Re: win8 and an unwanted user account  Solved

Post by Kamos » 21 Jul 2013 20:41

Thanks for the help.

