kontrola-díky-nechtěné bannery Vyřešeno

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Reklama]

[79user]

..krom jiného, když jsem na netu a chci si přeložit zahraniční stránky-text (pc translator2010), tak na první straně mi to jde, dám jinou stránku a už to nejde, dokud nedám novou stránku znovu aktualizivat a to dělá nejem u překladače.
Mimi to přehřívá se notebook a vypne se i na banalních hrách, které by jeli na pentium 1. Při koupi notebooku jsem hrál mafii 2 na nejvetší rozlišení, grafika má 2gb. Múže jít o softwerový problém, nebo je to způsobeno hardwerem. Hardwer i softwer legál originál stáří cc2roky. Poslední povedená aktualizace cca15dní.
Při psaní této zprávy vypadává firefox a seká se.

log
ComboFix 13-12-21.01 - uzivatel 22.12.2013 22:15:07.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.2807 [GMT 1:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\uzivatel\AppData\Roaming\technic-launcher.jar
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-22 do 2013-12-22 )))))))))))))))))))))))))))))))
.
.
2014-06-11 15:01 . 2014-06-11 15:01 -------- d-----w- c:\program files\ESET
2013-12-22 21:28 . 2013-12-22 21:28 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-22 21:28 . 2013-12-22 21:28 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-12-22 21:28 . 2013-12-22 21:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-22 17:41 . 2013-12-22 17:41 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{82AABC8A-B34A-4B2E-9E05-6EA644701BC7}\offreg.dll
2013-12-21 09:22 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{82AABC8A-B34A-4B2E-9E05-6EA644701BC7}\mpengine.dll
2013-12-20 09:45 . 2013-12-20 09:45 -------- d-----w- c:\windows\ERUNT
2013-12-19 22:12 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-19 16:31 . 2013-12-20 10:01 15360 ----a-w- c:\windows\system32\drivers\zebrwhnt.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 15360 ----a-w- c:\windows\system32\drivers\zebrwh.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 18944 ----a-w- c:\windows\system32\drivers\zebrmdfl.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 145408 ----a-w- c:\windows\system32\drivers\zebrmdmc.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 145408 ----a-w- c:\windows\system32\drivers\zebrmdm.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 14848 ----a-w- c:\windows\system32\drivers\zebrcmnt.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 14848 ----a-w- c:\windows\system32\drivers\zebrcm.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 21504 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 108544 ----a-w- c:\windows\system32\drivers\zebrbus.sys.bak
2013-12-19 16:29 . 2013-12-20 10:01 95232 ----a-w- c:\windows\system32\drivers\bridge.sys.bak
2013-12-19 16:05 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-18 22:53 . 2013-12-19 15:59 -------- d-----w- C:\AdwCleaner
2013-12-18 22:36 . 2013-12-19 16:05 -------- d-----w- C:\Malwarebytes' Anti-Malware
2013-12-04 01:22 . 2013-12-04 01:22 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2013-12-04 01:22 . 2013-12-04 01:22 196384 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-12-04 01:22 . 2013-12-04 01:22 1510176 ----a-w- c:\windows\system32\nvhdagenco64.dll
2013-12-04 01:22 . 2013-12-04 01:22 74016 ----a-w- c:\windows\system32\nvapo64v.dll
2013-11-29 16:57 . 2013-11-29 17:10 -------- d-----w- C:\Seznam DVD
2013-11-23 16:59 . 2013-11-23 16:59 -------- d-sh--w- c:\windows\ftpcache
2013-11-23 16:56 . 2013-11-23 16:56 -------- d-----w- c:\program files (x86)\Activision
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-12 17:54 . 2011-08-05 13:31 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-12 11:38 . 2012-04-26 13:52 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-12 11:38 . 2011-07-26 18:23 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-19 10:21 . 2011-08-06 14:42 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-12 08:45 . 2013-11-20 16:33 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-10-12 08:45 . 2013-11-20 16:33 2241536 ----a-w- c:\windows\system32\wininet.dll
2013-10-12 08:45 . 2013-11-20 16:33 1364992 ----a-w- c:\windows\system32\urlmon.dll
2013-10-12 08:43 . 2013-11-20 16:33 19269632 ----a-w- c:\windows\system32\mshtml.dll
2013-10-12 08:43 . 2013-11-20 16:33 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-10-12 08:43 . 2013-11-20 16:33 855552 ----a-w- c:\windows\system32\jscript.dll
2013-10-12 08:43 . 2013-11-20 16:33 3959808 ----a-w- c:\windows\system32\jscript9.dll
2013-10-12 08:43 . 2013-11-20 16:33 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-10-12 08:43 . 2013-11-20 16:33 526336 ----a-w- c:\windows\system32\ieui.dll
2013-10-12 08:43 . 2013-11-20 16:33 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-10-12 08:43 . 2013-11-20 16:33 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-10-12 08:43 . 2013-11-20 16:33 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-10-12 08:43 . 2013-11-20 16:33 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-10-12 08:43 . 2013-11-20 16:33 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-10-12 07:03 . 2013-11-20 16:33 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-10-12 07:02 . 2013-11-20 16:33 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-10-12 07:02 . 2013-11-20 16:33 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-10-12 07:02 . 2013-11-20 16:33 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-10-12 06:35 . 2013-11-20 16:33 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-12 06:08 . 2013-11-20 16:33 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-10-12 05:44 . 2013-11-20 16:33 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-10-12 05:15 . 2013-11-20 16:33 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-10-12 02:30 . 2013-11-20 16:26 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-20 16:26 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-20 16:26 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-20 16:26 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-20 16:26 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-20 16:28 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-20 16:28 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-20 16:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-20 16:28 197120 ----a-w- c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-20 16:28 1930752 ----a-w- c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-20 16:28 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-20 16:28 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-20 16:28 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-10-03 02:23 . 2013-11-20 16:28 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-20 16:28 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-09-28 01:09 . 2013-11-20 16:28 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-27 08:53 . 2013-09-27 08:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 08:53 . 2011-04-27 13:25 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-25 02:26 . 2013-11-20 16:28 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 02:26 . 2013-11-20 16:28 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:23 . 2013-11-20 16:28 28672 ----a-w- c:\windows\system32\sspisrv.dll
2013-09-25 02:23 . 2013-11-20 16:28 135680 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 02:23 . 2013-11-20 16:28 28160 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 02:22 . 2013-11-20 16:28 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 02:21 . 2013-11-20 16:28 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 02:21 . 2013-11-20 16:28 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 01:58 . 2013-11-20 16:28 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-09-25 01:57 . 2013-11-20 16:28 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-09-25 01:57 . 2013-11-20 16:28 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-25 01:56 . 2013-11-20 16:28 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-09-25 01:03 . 2013-11-20 16:28 30720 ----a-w- c:\windows\system32\lsass.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"supertintin_skype"="c:\program files (x86)\Supertintin for Skype\supertintin_skype.exe" [2011-12-19 976896]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ShowBatteryBar"="c:\batterybar\ShowBatteryBar.exe" [2013-04-11 89600]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"BitTorrent DNA"="c:\users\uzivatel\Program Files (x86)\DNA\btdna.exe" [2013-05-06 290112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePDRShortCut"="c:\powerdirector\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 prodrv03;Star Force copy protection driver v3;c:\windows\System32\drivers\prodrv03.sys;c:\windows\SYSNATIVE\drivers\prodrv03.sys [x]
R1 SASDIFSV;SASDIFSV;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\Drivers\AF9035HB.sys;c:\windows\SYSNATIVE\Drivers\AF9035HB.sys [x]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvflt.sys [x]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvmdm.sys [x]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys;c:\windows\SYSNATIVE\Drivers\Axtmvprt.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PortTalk;PortTalk;c:\windows\system32\Drivers\PortTalk.sys;c:\windows\SYSNATIVE\Drivers\PortTalk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 MBAMService;MBAMService;c:\malwarebytes' anti-malware\mbamservice.exe;c:\malwarebytes' anti-malware\mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 11:38]
.
2013-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cecb58987f2c5c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11 22:27]
.
2013-12-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11 22:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=16194
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Send To &Bluetooth - c:\program files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\
FF - prefs.js: browser.search.selectedEngine - Mixi.DJ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-11-07 21:42; firefox@greygray.biz; c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\extensions\firefox@greygray.biz.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{1824FF90-C98E-48A6-838F-E3B6572B0C77} - c:\program files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Better Surf Plus - c:\program files (x86)\BetterSurf\BetterSurfPlus\uninstall.exe
AddRemove-Muerte Mechanica - c:\hry\Muerte Mechanica\Uninst.isu
AddRemove-PC Translator - c:\users\uzivatel\AppData\Local\Temp\UN32.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-963054103-3989184425-2780294557-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-963054103-3989184425-2780294557-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-963054103-3989184425-2780294557-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:92,a3,18,e5,89,b5,d0,9a,47,8c,4c,20,ae,d3,c3,b5,b4,aa,a7,84,dc,c5,44,
25,7b,f4,ed,9c,71,b5,87,39,52,47,41,fd,d0,e6,cb,f1,e6,b9,3f,5c,76,6a,70,ec,\
"??"=hex:19,ba,59,ea,19,57,ef,1e,db,35,28,3a,74,e6,dd,04
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-12-22 22:32:02
ComboFix-quarantined-files.txt 2013-12-22 21:32
ComboFix2.txt 2013-03-07 09:53
.
Před spuštěním: Volných bajtů: 145 729 495 040
Po spuštění: Volných bajtů: 148 105 875 456
.
- - End Of File - - B4AE58419E80C676C186875CBF1AD6C3
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

AV: ESET Smart Security 6.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

jeden antivir odinstaluj!

Pak znovu Combofix.

[79user]

já mám zaplý jen ESET, mse je vypnutý ten nepoužívám.

[jaro3]

Tak ho odinstaluj.

[79user]

ComboFix 13-12-21.01 - uzivatel 23.12.2013 10:56:34.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.2715 [GMT 1:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-23 do 2013-12-23 )))))))))))))))))))))))))))))))
.
.
2014-06-11 15:01 . 2014-06-11 15:01 -------- d-----w- c:\program files\ESET
2013-12-23 10:05 . 2013-12-23 10:05 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-23 10:05 . 2013-12-23 10:05 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-12-23 10:05 . 2013-12-23 10:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-20 09:45 . 2013-12-20 09:45 -------- d-----w- c:\windows\ERUNT
2013-12-19 16:31 . 2013-12-20 10:01 15360 ----a-w- c:\windows\system32\drivers\zebrwhnt.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 15360 ----a-w- c:\windows\system32\drivers\zebrwh.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 18944 ----a-w- c:\windows\system32\drivers\zebrmdfl.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 145408 ----a-w- c:\windows\system32\drivers\zebrmdmc.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 145408 ----a-w- c:\windows\system32\drivers\zebrmdm.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 14848 ----a-w- c:\windows\system32\drivers\zebrcmnt.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 14848 ----a-w- c:\windows\system32\drivers\zebrcm.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 21504 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 108544 ----a-w- c:\windows\system32\drivers\zebrbus.sys.bak
2013-12-19 16:29 . 2013-12-20 10:01 95232 ----a-w- c:\windows\system32\drivers\bridge.sys.bak
2013-12-19 16:05 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-18 22:53 . 2013-12-19 15:59 -------- d-----w- C:\AdwCleaner
2013-12-18 22:36 . 2013-12-19 16:05 -------- d-----w- C:\Malwarebytes' Anti-Malware
2013-12-04 01:22 . 2013-12-04 01:22 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2013-12-04 01:22 . 2013-12-04 01:22 196384 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-12-04 01:22 . 2013-12-04 01:22 1510176 ----a-w- c:\windows\system32\nvhdagenco64.dll
2013-12-04 01:22 . 2013-12-04 01:22 74016 ----a-w- c:\windows\system32\nvapo64v.dll
2013-11-29 16:57 . 2013-11-29 17:10 -------- d-----w- C:\Seznam DVD
2013-11-23 16:59 . 2013-11-23 16:59 -------- d-sh--w- c:\windows\ftpcache
2013-11-23 16:56 . 2013-11-23 16:56 -------- d-----w- c:\program files (x86)\Activision
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-12 17:54 . 2011-08-05 13:31 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-12 11:38 . 2012-04-26 13:52 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-12 11:38 . 2011-07-26 18:23 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-19 10:21 . 2011-08-06 14:42 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-12 08:45 . 2013-11-20 16:33 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-10-12 08:45 . 2013-11-20 16:33 2241536 ----a-w- c:\windows\system32\wininet.dll
2013-10-12 08:45 . 2013-11-20 16:33 1364992 ----a-w- c:\windows\system32\urlmon.dll
2013-10-12 08:43 . 2013-11-20 16:33 19269632 ----a-w- c:\windows\system32\mshtml.dll
2013-10-12 08:43 . 2013-11-20 16:33 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-10-12 08:43 . 2013-11-20 16:33 855552 ----a-w- c:\windows\system32\jscript.dll
2013-10-12 08:43 . 2013-11-20 16:33 3959808 ----a-w- c:\windows\system32\jscript9.dll
2013-10-12 08:43 . 2013-11-20 16:33 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-10-12 08:43 . 2013-11-20 16:33 526336 ----a-w- c:\windows\system32\ieui.dll
2013-10-12 08:43 . 2013-11-20 16:33 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-10-12 08:43 . 2013-11-20 16:33 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-10-12 08:43 . 2013-11-20 16:33 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-10-12 08:43 . 2013-11-20 16:33 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-10-12 08:43 . 2013-11-20 16:33 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-10-12 07:03 . 2013-11-20 16:33 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-10-12 07:02 . 2013-11-20 16:33 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-10-12 07:02 . 2013-11-20 16:33 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-10-12 07:02 . 2013-11-20 16:33 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-10-12 06:35 . 2013-11-20 16:33 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-12 06:08 . 2013-11-20 16:33 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-10-12 05:44 . 2013-11-20 16:33 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-10-12 05:15 . 2013-11-20 16:33 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-10-12 02:30 . 2013-11-20 16:26 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-20 16:26 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-20 16:26 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-20 16:26 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-20 16:26 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-20 16:28 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-20 16:28 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-20 16:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-20 16:28 197120 ----a-w- c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-20 16:28 1930752 ----a-w- c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-20 16:28 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-20 16:28 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-20 16:28 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-10-03 02:23 . 2013-11-20 16:28 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-20 16:28 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-09-28 01:09 . 2013-11-20 16:28 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-25 02:26 . 2013-11-20 16:28 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-09-25 02:26 . 2013-11-20 16:28 154560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:23 . 2013-11-20 16:28 28672 ----a-w- c:\windows\system32\sspisrv.dll
2013-09-25 02:23 . 2013-11-20 16:28 135680 ----a-w- c:\windows\system32\sspicli.dll
2013-09-25 02:23 . 2013-11-20 16:28 28160 ----a-w- c:\windows\system32\secur32.dll
2013-09-25 02:22 . 2013-11-20 16:28 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 02:21 . 2013-11-20 16:28 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-09-25 02:21 . 2013-11-20 16:28 1447936 ----a-w- c:\windows\system32\lsasrv.dll
2013-09-25 01:58 . 2013-11-20 16:28 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-09-25 01:57 . 2013-11-20 16:28 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-09-25 01:57 . 2013-11-20 16:28 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-25 01:56 . 2013-11-20 16:28 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-09-25 01:03 . 2013-11-20 16:28 30720 ----a-w- c:\windows\system32\lsass.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77}]
c:\program files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"supertintin_skype"="c:\program files (x86)\Supertintin for Skype\supertintin_skype.exe" [2011-12-19 976896]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ShowBatteryBar"="c:\batterybar\ShowBatteryBar.exe" [2013-04-11 89600]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"BitTorrent DNA"="c:\users\uzivatel\Program Files (x86)\DNA\btdna.exe" [2013-05-06 290112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePDRShortCut"="c:\powerdirector\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 prodrv03;Star Force copy protection driver v3;c:\windows\System32\drivers\prodrv03.sys;c:\windows\SYSNATIVE\drivers\prodrv03.sys [x]
R1 SASDIFSV;SASDIFSV;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\Drivers\AF9035HB.sys;c:\windows\SYSNATIVE\Drivers\AF9035HB.sys [x]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvflt.sys [x]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvmdm.sys [x]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys;c:\windows\SYSNATIVE\Drivers\Axtmvprt.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 PortTalk;PortTalk;c:\windows\system32\Drivers\PortTalk.sys;c:\windows\SYSNATIVE\Drivers\PortTalk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 MBAMService;MBAMService;c:\malwarebytes' anti-malware\mbamservice.exe;c:\malwarebytes' anti-malware\mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 11:38]
.
2013-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cecb58987f2c5c.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11 22:27]
.
2013-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11 22:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=16194
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Send To &Bluetooth - c:\program files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\
FF - prefs.js: browser.search.selectedEngine - Mixi.DJ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-11-07 21:42; firefox@greygray.biz; c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\extensions\firefox@greygray.biz.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Better Surf Plus - c:\program files (x86)\BetterSurf\BetterSurfPlus\uninstall.exe
AddRemove-Muerte Mechanica - c:\hry\Muerte Mechanica\Uninst.isu
AddRemove-PC Translator - c:\users\uzivatel\AppData\Local\Temp\UN32.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-963054103-3989184425-2780294557-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-963054103-3989184425-2780294557-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-963054103-3989184425-2780294557-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:92,a3,18,e5,89,b5,d0,9a,47,8c,4c,20,ae,d3,c3,b5,b4,aa,a7,84,dc,c5,44,
25,7b,f4,ed,9c,71,b5,87,39,52,47,41,fd,d0,e6,cb,f1,e6,b9,3f,5c,76,6a,70,ec,\
"??"=hex:19,ba,59,ea,19,57,ef,1e,db,35,28,3a,74,e6,dd,04
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-12-23 11:08:32
ComboFix-quarantined-files.txt 2013-12-23 10:08
ComboFix2.txt 2013-12-22 21:32
ComboFix3.txt 2013-03-07 09:53
.
Před spuštěním: Volných bajtů: 149 237 972 992
Po spuštění: Volných bajtů: 148 941 873 152
.
- - End Of File - - A098C2C70C5820C01C6FCA4D7D1B8505
A36C5E4F47E84449FF07ED3517B43A31

[79user]

..tak se objevil další zádrhel, na netu když projíždím stránky, a pak se chci o jednu vrátit zpět, tak se mi pořád zobrazuje ta aktuální. A někdy když klepnu na šipku zpět ,několikrát za sebou, tak se vrátím o stranu zpět. Krom přehřívání, mi notebook popsané věci nedělal. Čím víc dělám, dle instrukcí, tím víc problému se objevuje.

[jaro3]

Jaký prohlížeč? FF?

Odinstaluj:
Mixi.DJ Search
Greygray

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCahe::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cecb58987f2c5c.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Seznam.cz
c:\program files (x86)\Google\Update

Driver::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=-

Firefox::
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\
FF - prefs.js: browser.search.selectedEngine - Mixi.DJ Search
FF - ExtSQL: 2013-11-07 21:42; firefox@greygray.biz; c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\extensions\firefox@greygray.biz.xpi

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[79user]

to co jsem měl ručně smazat (Odinstaluj: Mixi.DJ Search,Greygray) se mi nepovedlo najít, ani přes průzkumníka, nevím co tím bylo myšleno, to jsem nepochopil. Jinak mám firefix, explorer mi přestal jednou fungovat, tak jsem přešel FF. To s tím krokem zpět, blbne jen na některých webovkách.
logy
ComboFix 13-12-21.01 - uzivatel 24.12.2013 11:30:45.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.2785 [GMT 1:00]
Spuštěný z: c:\users\uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\uzivatel\Desktop\CFScript.txt.txt
AV: ESET Smart Security 6.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 6.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore1cecb58987f2c5c.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.22.3\goopdate.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.22.3\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.22.3\psmachine.dll
c:\program files (x86)\Google\Update\1.3.22.3\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4601.54\GoogleToolbarInstaller_updater_signed.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Seznam.cz
c:\program files (x86)\Seznam.cz\distribution\install\com.microsoft.msdn.msvcr100-10.0.40219.325-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.autoupdate-1.0.8-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.chromelisticka-1.5.3-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.ielisticka3-3.0.57-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxcub-3.0.57-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libszndesktop-2.0.18-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.lightspeed-1210-12.10.6-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.pp-1.0.2-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.szndesktop-2.0.18-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.szninstall-1.1.9-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\cz.seznam.software.sznsetup-1.1.18-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\packages.inf
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-base-1.0.0-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-fflisticka-2.5.13-win32.zip
c:\program files (x86)\Seznam.cz\distribution\install\szn-software-listicka-3.0.0-win32.zip
c:\program files (x86)\Seznam.cz\distribution\partner.conf
c:\program files (x86)\Seznam.cz\distribution\sources.inf
c:\program files (x86)\Seznam.cz\distribution\szninstall.exe
c:\program files (x86)\Seznam.cz\distribution\sznsetup.exe
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\extensions\firefox@greygray.biz.xpi
c:\windows\Tasks\GoogleUpdateTaskMachineCore1cecb58987f2c5c.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-11-24 do 2013-12-24 )))))))))))))))))))))))))))))))
.
.
2014-06-11 15:01 . 2014-06-11 15:01 -------- d-----w- c:\program files\ESET
2013-12-24 10:40 . 2013-12-24 10:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-24 10:40 . 2013-12-24 10:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-12-24 10:40 . 2013-12-24 10:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-23 14:08 . 2013-12-23 16:08 -------- d-----w- c:\users\uzivatel\AppData\Roaming\CENZURA
2013-12-23 14:07 . 2013-12-23 14:12 -------- d-----w- C:\YTD
2013-12-20 09:45 . 2013-12-20 09:45 -------- d-----w- c:\windows\ERUNT
2013-12-19 16:31 . 2013-12-20 10:01 15360 ----a-w- c:\windows\system32\drivers\zebrwhnt.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 15360 ----a-w- c:\windows\system32\drivers\zebrwh.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 18944 ----a-w- c:\windows\system32\drivers\zebrmdfl.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 145408 ----a-w- c:\windows\system32\drivers\zebrmdmc.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 145408 ----a-w- c:\windows\system32\drivers\zebrmdm.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 14848 ----a-w- c:\windows\system32\drivers\zebrcmnt.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 14848 ----a-w- c:\windows\system32\drivers\zebrcm.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 21504 ----a-w- c:\windows\system32\drivers\ws2ifsl.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys.bak
2013-12-19 16:31 . 2013-12-20 10:01 108544 ----a-w- c:\windows\system32\drivers\zebrbus.sys.bak
2013-12-19 16:29 . 2013-12-20 10:01 95232 ----a-w- c:\windows\system32\drivers\bridge.sys.bak
2013-12-19 16:05 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-18 22:53 . 2013-12-19 15:59 -------- d-----w- C:\AdwCleaner
2013-12-18 22:36 . 2013-12-19 16:05 -------- d-----w- C:\Malwarebytes' Anti-Malware
2013-12-04 01:22 . 2013-12-04 01:22 31520 ----a-w- c:\windows\system32\nvhdap64.dll
2013-12-04 01:22 . 2013-12-04 01:22 196384 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2013-12-04 01:22 . 2013-12-04 01:22 1510176 ----a-w- c:\windows\system32\nvhdagenco64.dll
2013-12-04 01:22 . 2013-12-04 01:22 74016 ----a-w- c:\windows\system32\nvapo64v.dll
2013-11-29 16:57 . 2013-11-29 17:10 -------- d-----w- C:\Seznam DVD
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-12 17:54 . 2011-08-05 13:31 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-12 11:38 . 2012-04-26 13:52 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-12 11:38 . 2011-07-26 18:23 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-19 10:21 . 2011-08-06 14:42 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-12 08:45 . 2013-11-20 16:33 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-10-12 08:45 . 2013-11-20 16:33 2241536 ----a-w- c:\windows\system32\wininet.dll
2013-10-12 08:45 . 2013-11-20 16:33 1364992 ----a-w- c:\windows\system32\urlmon.dll
2013-10-12 08:43 . 2013-11-20 16:33 19269632 ----a-w- c:\windows\system32\mshtml.dll
2013-10-12 08:43 . 2013-11-20 16:33 603136 ----a-w- c:\windows\system32\msfeeds.dll
2013-10-12 08:43 . 2013-11-20 16:33 855552 ----a-w- c:\windows\system32\jscript.dll
2013-10-12 08:43 . 2013-11-20 16:33 3959808 ----a-w- c:\windows\system32\jscript9.dll
2013-10-12 08:43 . 2013-11-20 16:33 53248 ----a-w- c:\windows\system32\jsproxy.dll
2013-10-12 08:43 . 2013-11-20 16:33 526336 ----a-w- c:\windows\system32\ieui.dll
2013-10-12 08:43 . 2013-11-20 16:33 67072 ----a-w- c:\windows\system32\iesetup.dll
2013-10-12 08:43 . 2013-11-20 16:33 39936 ----a-w- c:\windows\system32\iernonce.dll
2013-10-12 08:43 . 2013-11-20 16:33 136704 ----a-w- c:\windows\system32\iesysprep.dll
2013-10-12 08:43 . 2013-11-20 16:33 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-10-12 08:43 . 2013-11-20 16:33 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-10-12 07:03 . 2013-11-20 16:33 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-10-12 07:02 . 2013-11-20 16:33 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-10-12 07:02 . 2013-11-20 16:33 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-10-12 07:02 . 2013-11-20 16:33 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-10-12 06:35 . 2013-11-20 16:33 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-10-12 06:08 . 2013-11-20 16:33 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-10-12 05:44 . 2013-11-20 16:33 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-10-12 05:15 . 2013-11-20 16:33 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-10-12 02:30 . 2013-11-20 16:26 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-20 16:26 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-20 16:26 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-20 16:26 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-20 16:26 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-20 16:28 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-20 16:28 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-20 16:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-20 16:28 197120 ----a-w- c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-20 16:28 1930752 ----a-w- c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-20 16:28 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-20 16:28 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-20 16:28 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-10-03 02:23 . 2013-11-20 16:28 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-20 16:28 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-09-28 01:09 . 2013-11-20 16:28 497152 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1824FF90-C98E-48A6-838F-E3B6572B0C77}]
c:\program files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll [BU]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"supertintin_skype"="c:\program files (x86)\Supertintin for Skype\supertintin_skype.exe" [2011-12-19 976896]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ShowBatteryBar"="c:\batterybar\ShowBatteryBar.exe" [2013-04-11 89600]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"BitTorrent DNA"="c:\users\uzivatel\Program Files (x86)\DNA\btdna.exe" [2013-05-06 290112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdatePDRShortCut"="c:\powerdirector\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 prodrv03;Star Force copy protection driver v3;c:\windows\System32\drivers\prodrv03.sys;c:\windows\SYSNATIVE\drivers\prodrv03.sys [x]
R1 SASDIFSV;SASDIFSV;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS;c:\users\uzivatel\AppData\Local\Temp\HBCD\SuperAntiSpyware\SASKUTIL.SYS [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AF9035HB;AF9035 Hybrid Device;c:\windows\system32\Drivers\AF9035HB.sys;c:\windows\SYSNATIVE\Drivers\AF9035HB.sys [x]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\DRIVERS\Axtmvflt.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvflt.sys [x]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\DRIVERS\Axtmvmdm.sys;c:\windows\SYSNATIVE\DRIVERS\Axtmvmdm.sys [x]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\Drivers\Axtmvprt.sys;c:\windows\SYSNATIVE\Drivers\Axtmvprt.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 PortTalk;PortTalk;c:\windows\system32\Drivers\PortTalk.sys;c:\windows\SYSNATIVE\Drivers\PortTalk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 MBAMService;MBAMService;c:\malwarebytes' anti-malware\mbamservice.exe;c:\malwarebytes' anti-malware\mbamservice.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-12-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-26 11:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 6330568]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/?clid=16194
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: Send To &Bluetooth - c:\program files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-11-07 21:42; firefox@greygray.biz; c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\extensions\firefox@greygray.biz.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Better Surf Plus - c:\program files (x86)\BetterSurf\BetterSurfPlus\uninstall.exe
AddRemove-Muerte Mechanica - c:\hry\Muerte Mechanica\Uninst.isu
AddRemove-PC Translator - c:\users\uzivatel\AppData\Local\Temp\UN32.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-963054103-3989184425-2780294557-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-963054103-3989184425-2780294557-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-963054103-3989184425-2780294557-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:92,a3,18,e5,89,b5,d0,9a,47,8c,4c,20,ae,d3,c3,b5,b4,aa,a7,84,dc,c5,44,
25,7b,f4,ed,9c,71,b5,87,39,52,47,41,fd,d0,e6,cb,f1,e6,b9,3f,5c,76,6a,70,ec,\
"??"=hex:19,ba,59,ea,19,57,ef,1e,db,35,28,3a,74,e6,dd,04
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\malwarebytes' anti-malware\mbamscheduler.exe
c:\malwarebytes' anti-malware\mbamgui.exe
.
**************************************************************************
.
Celkový čas: 2013-12-24 11:47:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-12-24 10:47
ComboFix2.txt 2013-12-23 10:08
ComboFix3.txt 2013-12-22 21:32
ComboFix4.txt 2013-03-07 09:53
.
Před spuštěním: Volných bajtů: 144 794 116 096
Po spuštění: Volných bajtů: 144 147 189 760
.
- - End Of File - - 25254999D9D241F721EB374434E7B439
A36C5E4F47E84449FF07ED3517B43A31
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-24 11:52:38
-----------------------------
11:52:38.476 OS Version: Windows x64 6.1.7601 Service Pack 1
11:52:38.476 Number of processors: 2 586 0x170A
11:52:38.476 ComputerName: UZIVATEL-PC UserName: uzivatel
11:52:39.474 Initialize success
11:52:52.415 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:52:52.415 Disk 0 Vendor: TOSHIBA_MK5061GSYN MH000C Size: 476940MB BusType: 11
11:52:52.415 Disk 0 MBR read successfully
11:52:52.415 Disk 0 MBR scan
11:52:52.430 Disk 0 Windows 7 default MBR code
11:52:52.430 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:52:52.446 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
11:52:52.462 Disk 0 scanning C:\Windows\system32\drivers
11:53:17.702 Service scanning
11:53:31.056 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
11:53:35.658 Modules scanning
11:53:35.658 Disk 0 trace - called modules:
11:53:35.705 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa8003ca42c0]<<spfc.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
11:53:35.705 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d01730]
11:53:36.220 3 CLASSPNP.SYS[fffff880013c343f] -> nt!IofCallDriver -> [0xfffffa8004b95520]
11:53:36.220 5 ACPI.sys[fffff8800103a7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004b91680]
11:53:36.235 \Driver\atapi[0xfffffa8004b24410] -> IRP_MJ_CREATE -> 0xfffffa8003ca42c0
11:53:36.251 Scan finished successfully
11:53:55.064 Disk 0 MBR has been saved successfully to "C:\Users\uzivatel\Desktop\MBR.dat"
11:53:55.096 The log file has been saved successfully to "C:\Users\uzivatel\Desktop\aswMBR.txt"
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:57:37, on 24.12.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16736)
Boot mode: Normal

Running processes:
C:\Users\uzivatel\Program Files (x86)\DNA\btdna.exe
C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Users\uzivatel\Desktop\avi\connan barbar\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: BetterSrf - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll (file missing)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\PowerDirector\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKCU\..\Run: [supertintin_skype] C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe /start_context sys_auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\uzivatel\Program Files (x86)\DNA\btdna.exe"
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Casino Classic - {8D8DBF41-B1E3-4603-916D-279CF0C746C0} - C:\Microgaming\Casino\casinoclassic\casinogame.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\bin\btwdins.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10533 bytes

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: BetterSrf - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab


ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[79user]

tak při tom hjt jsem to fixnul, ale první dva tam zůstaly-
R0 - HKLM\Software\Micro....
R0 - HKLM\Software\Micros....
a ostatní zmizely..........(nový sken).
O2 - BHO: BetterSrf - {1824FF90-C98E-48A6-838F-E3B6572B0C....
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48....
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540......

OTL logfile created on: 25.12.2013 15:33:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\uzivatel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,97 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 63,56% Memory free
7,93 Gb Paging File | 6,47 Gb Available in Paging File | 81,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 134,55 Gb Free Space | 28,90% Space Free | Partition Type: NTFS

Computer Name: UZIVATEL-PC | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\uzivatel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe (IDT, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe (Andrea Electronics Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AF9035HB) -- C:\Windows\SysNative\drivers\AF9035HB.sys (ITE Technologies )
DRV:64bit: - (zebrmdmc) -- C:\Windows\SysNative\drivers\zebrmdmc.sys (MCCI)
DRV:64bit: - (zebrbus) -- C:\Windows\SysNative\drivers\zebrbus.sys (MCCI)
DRV:64bit: - (zebrmdfl) -- C:\Windows\SysNative\drivers\zebrmdfl.sys (MCCI Corporation)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (zebrmdm) -- C:\Windows\SysNative\drivers\zebrmdm.sys (MCCI)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (Huawei) -- C:\Windows\SysNative\drivers\ewdcsc.sys (Huawei Tech. Co., Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (Btcsrusb) -- C:\Windows\SysNative\drivers\btcusb.sys (IVT Corporation.)
DRV:64bit: - (Axtmvflt) -- C:\Windows\SysNative\drivers\Axtmvflt.sys (Axesstel)
DRV:64bit: - (Axtmvprt) -- C:\Windows\SysNative\drivers\Axtmvprt.sys (Axesstel)
DRV:64bit: - (Axtmvmdm) -- C:\Windows\SysNative\drivers\Axtmvmdm.sys (Axesstel)
DRV - (lirsgt) -- C:\Windows\SysWOW64\drivers\lirsgt.sys ()
DRV - (prodrv03) -- C:\Windows\SysWOW64\drivers\prodrv03.sys (Protection Technology Co.)
DRV - (MBAMProtector) -- C:\Windows\SysWOW64\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (BTSERIAL) -- C:\Windows\SysWOW64\drivers\btserial.sys (Broadcom Corporation.)
DRV - (BTSLBCSP) -- C:\Windows\SysWOW64\drivers\btslbcsp.sys (Broadcom Corporation.)
DRV - (PortTalk) -- C:\Windows\SysWOW64\drivers\PortTalk.sys (Beyond Logic http://www.beyondlogic.org)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194RY
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{8C71FFA9-E847-452D-8913-B6BC7860DBB6}: "URL" = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_16194
IE - HKCU\..\SearchScopes\{98F12919-A137-4ECB-943A-0972DD09BA67}: "URL" = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
IE - HKCU\..\SearchScopes\{A22F95ED-7856-41A5-8679-62564F66C926}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
IE - HKCU\..\SearchScopes\{C2540F39-51FF-490A-A118-8C6FC6908B42}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
IE - HKCU\..\SearchScopes\{C867F5E4-CF6B-436B-94F2-FE054E1D50A0}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
IE - HKCU\..\SearchScopes\{E2A2AEE5-4C78-4B77-8BFB-CC43D244B393}: "URL" = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
IE - HKCU\..\SearchScopes\{F2E73712-1732-416A-8FEB-E91D2A933223}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_16194
IE - HKCU\..\SearchScopes\{FFEA6BD1-6B9A-4EAF-AA67-73FF82F58A8E}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_16194
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Mixi.DJ Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program1\PDF-Tools 4\PDF-XChange PDF Viewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program1\PDF-Tools 4\PDF-XChange PDF Viewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\uzivatel\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program1\PDF-Tools 4\PDF-XChange PDF Viewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\uzivatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2014.06.11 16:01:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@bettersurfplus.com: C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014.06.11 16:01:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\uzivatel\Program Files (x86)\DNA [2013.05.06 13:48:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013.03.16 14:58:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Extensions
[2013.12.24 11:39:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\extensions
[2013.05.06 14:04:33 | 000,151,038 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\12xkoi2g.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
[2013.12.20 12:11:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.12.20 12:11:28 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========


O1 HOSTS File: ([2013.12.24 11:42:05 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Better Surf Plus) - {1824FF90-C98E-48A6-838F-E3B6572B0C77} - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ie\BetterSrf.dll File not found
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll ()
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\uzivatel\Program Files (x86)\DNA\btdna.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ShowBatteryBar] C:\BatteryBar\ShowBatteryBar.exe ()
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [supertintin_skype] C:\Program Files (x86)\Supertintin for Skype\supertintin_skype.exe (Imtiger Software Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm File not found
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1CD30E72-3F25-4A84-B474-7DBC37E65845}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FFA559A-32E7-4E09-A63F-96AD904F3A72}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.06.11 16:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014.06.11 16:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014.06.11 16:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013.12.25 14:51:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.12.25 14:51:15 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013.12.25 14:18:06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2013.12.24 11:40:22 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.12.23 15:08:37 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Roaming\CENZURA
[2013.12.23 15:07:37 | 000,000,000 | ---D | C] -- C:\YTD
[2013.12.23 15:07:10 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\Nová složka (3)
[2013.12.22 23:21:32 | 000,000,000 | R--D | C] -- C:\Users\uzivatel\Desktop\2012-04-14.13.33.15-Prima LOVE-127
[2013.12.22 23:01:24 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\aa
[2013.12.21 20:07:49 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\čeká
[2013.12.20 12:11:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.12.20 10:45:22 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.12.19 17:31:02 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrwhnt.sys.bak
[2013.12.19 17:31:02 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrwh.sys.bak
[2013.12.19 17:31:01 | 000,145,408 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\zebrmdmc.sys.bak
[2013.12.19 17:31:01 | 000,145,408 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\zebrmdm.sys.bak
[2013.12.19 17:31:01 | 000,018,944 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrmdfl.sys.bak
[2013.12.19 17:31:01 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrcmnt.sys.bak
[2013.12.19 17:31:01 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrcm.sys.bak
[2013.12.19 17:31:00 | 000,108,544 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\zebrbus.sys.bak
[2013.12.19 17:30:59 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2013.12.19 17:30:58 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2013.12.19 17:30:57 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2013.12.19 17:30:55 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2013.12.19 17:30:54 | 000,009,216 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys.bak
[2013.12.19 17:30:54 | 000,009,216 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys.bak
[2013.12.19 17:30:53 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2013.12.19 17:30:53 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbser.sys.bak
[2013.12.19 17:30:53 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2013.12.19 17:30:52 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2013.12.19 17:30:51 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2013.12.19 17:30:51 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2013.12.19 17:30:50 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2013.12.19 17:30:49 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2013.12.19 17:30:48 | 000,396,848 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys.bak
[2013.12.19 17:30:48 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2013.12.19 17:30:47 | 000,505,344 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys.bak
[2013.12.19 17:30:47 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2013.12.19 17:30:47 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2013.12.19 17:30:47 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2013.12.19 17:30:45 | 000,834,544 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys.bak
[2013.12.19 17:30:45 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2013.12.19 17:30:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2013.12.19 17:30:43 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2013.12.19 17:30:42 | 000,187,392 | ---- | C] (Realtek Corporation ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2013.12.19 17:30:41 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2013.12.19 17:30:41 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2013.12.19 17:30:40 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2013.12.19 17:30:36 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2013.12.19 17:30:36 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2013.12.19 17:30:30 | 000,196,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys.bak
[2013.12.19 17:30:28 | 000,134,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys.bak
[2013.12.19 17:30:28 | 000,035,344 | ---- | C] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys.bak
[2013.12.19 17:30:27 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2013.12.19 17:30:20 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2013.12.19 17:30:20 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2013.12.19 17:30:19 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2013.12.19 17:30:17 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2013.12.19 17:30:14 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2013.12.19 17:30:14 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2013.12.19 17:30:14 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2013.12.19 17:30:11 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2013.12.19 17:30:11 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2013.12.19 17:30:10 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys.bak
[2013.12.19 17:30:10 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2013.12.19 17:30:09 | 000,243,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys.bak
[2013.12.19 17:30:08 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys.bak
[2013.12.19 17:30:08 | 000,114,304 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys.bak
[2013.12.19 17:30:07 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2013.12.19 17:30:07 | 000,029,696 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys.bak
[2013.12.19 17:30:06 | 000,213,416 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys.bak
[2013.12.19 17:30:06 | 000,190,232 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\epfw.sys.bak
[2013.12.19 17:30:06 | 000,150,616 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys.bak
[2013.12.19 17:30:06 | 000,059,440 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\EpfwLWF.sys.bak
[2013.12.19 17:30:06 | 000,058,416 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\epfwwfp.sys.bak
[2013.12.19 17:30:05 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2013.12.19 17:30:05 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2013.12.19 17:30:05 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2013.12.19 17:30:05 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2013.12.19 17:30:04 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2013.12.19 17:30:04 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2013.12.19 17:30:04 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2013.12.19 17:30:03 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2013.12.19 17:30:02 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2013.12.19 17:30:01 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2013.12.19 17:30:01 | 000,027,136 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys.bak
[2013.12.19 17:30:01 | 000,019,968 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys.bak
[2013.12.19 17:30:00 | 000,044,688 | ---- | C] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btcusb.sys.bak
[2013.12.19 17:29:58 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2013.12.19 17:29:58 | 000,054,272 | ---- | C] (Axesstel) -- C:\Windows\SysNative\drivers\Axtmvmdm.sys.bak
[2013.12.19 17:29:58 | 000,052,224 | ---- | C] (Axesstel) -- C:\Windows\SysNative\drivers\Axtmvprt.sys.bak
[2013.12.19 17:29:58 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2013.12.19 17:29:58 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BdaSup.sys.bak
[2013.12.19 17:29:57 | 000,006,144 | ---- | C] (Axesstel) -- C:\Windows\SysNative\drivers\Axtmvflt.sys.bak
[2013.12.19 17:29:56 | 003,678,720 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys.bak
[2013.12.19 17:29:56 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2013.12.19 17:29:55 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2013.12.19 17:29:55 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2013.12.19 17:29:55 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2013.12.19 17:29:53 | 000,907,904 | ---- | C] (ITE Technologies ) -- C:\Windows\SysNative\drivers\AF9035HB.sys.bak
[2013.12.19 17:29:52 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2013.12.19 17:05:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.12.19 17:05:24 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.12.18 23:53:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.18 23:36:13 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2013.12.04 02:22:50 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2013.12.04 02:22:50 | 000,196,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.12.04 02:22:50 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.12.04 02:22:34 | 000,074,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapo64v.dll
[2013.11.29 17:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seznam DVD
[2013.11.29 17:57:22 | 000,000,000 | ---D | C] -- C:\Seznam DVD
[2013.11.25 21:38:29 | 000,000,000 | R--D | C] -- C:\Users\uzivatel\Desktop\ALIDVR

========== Files - Modified Within 30 Days ==========

[2013.12.25 15:38:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.12.25 14:29:56 | 000,196,626 | ---- | M] () -- C:\Users\uzivatel\Desktop\bb.jpg
[2013.12.25 14:18:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2013.12.25 14:17:21 | 000,015,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.25 14:17:21 | 000,015,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[79user]

pokračování
[2013.12.25 14:16:58 | 000,061,289 | ---- | M] () -- C:\Users\uzivatel\Desktop\854.png
[2013.12.25 14:15:02 | 031,086,100 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.12.25 14:15:02 | 011,604,288 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.12.25 14:15:02 | 010,960,590 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.12.25 14:15:02 | 010,635,456 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.12.25 14:15:01 | 000,005,198 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.12.25 14:09:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.12.25 14:09:29 | 3195,211,776 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.24 11:42:05 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.12.23 15:07:37 | 000,000,548 | ---- | M] () -- C:\Users\uzivatel\Desktop\YTD.lnk
[2013.12.23 10:51:26 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.12.20 11:01:57 | 000,145,408 | ---- | M] (MCCI) -- C:\Windows\SysNative\drivers\zebrmdmc.sys.bak
[2013.12.20 11:01:57 | 000,145,408 | ---- | M] (MCCI) -- C:\Windows\SysNative\drivers\zebrmdm.sys.bak
[2013.12.20 11:01:57 | 000,018,944 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrmdfl.sys.bak
[2013.12.20 11:01:57 | 000,015,360 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrwhnt.sys.bak
[2013.12.20 11:01:57 | 000,015,360 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrwh.sys.bak
[2013.12.20 11:01:56 | 000,108,544 | ---- | M] (MCCI) -- C:\Windows\SysNative\drivers\zebrbus.sys.bak
[2013.12.20 11:01:56 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2013.12.20 11:01:56 | 000,014,848 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrcmnt.sys.bak
[2013.12.20 11:01:56 | 000,014,848 | ---- | M] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrcm.sys.bak
[2013.12.20 11:01:55 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2013.12.20 11:01:55 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2013.12.20 11:01:53 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2013.12.20 11:01:52 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbser.sys.bak
[2013.12.20 11:01:52 | 000,009,216 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys.bak
[2013.12.20 11:01:52 | 000,009,216 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys.bak
[2013.12.20 11:01:51 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2013.12.20 11:01:51 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2013.12.20 11:01:50 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2013.12.20 11:01:50 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2013.12.20 11:01:50 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2013.12.20 11:01:49 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2013.12.20 11:01:48 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2013.12.20 11:01:47 | 000,505,344 | ---- | M] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys.bak
[2013.12.20 11:01:47 | 000,396,848 | ---- | M] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys.bak
[2013.12.20 11:01:47 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2013.12.20 11:01:47 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2013.12.20 11:01:47 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2013.12.20 11:01:46 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys.bak
[2013.12.20 11:01:46 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2013.12.20 11:01:45 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2013.12.20 11:01:45 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2013.12.20 11:01:44 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2013.12.20 11:01:43 | 000,187,392 | ---- | M] (Realtek Corporation ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2013.12.20 11:01:43 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2013.12.20 11:01:43 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2013.12.20 11:01:43 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2013.12.20 11:01:40 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2013.12.20 11:01:39 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2013.12.20 11:01:35 | 000,196,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys.bak
[2013.12.20 11:01:34 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2013.12.20 11:01:34 | 000,134,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys.bak
[2013.12.20 11:01:34 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) -- C:\Windows\SysNative\drivers\npf.sys.bak
[2013.12.20 11:01:28 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2013.12.20 11:01:28 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2013.12.20 11:01:28 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2013.12.20 11:01:27 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys.bak
[2013.12.20 11:01:26 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2013.12.20 11:01:24 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2013.12.20 11:01:24 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2013.12.20 11:01:24 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2013.12.20 11:01:23 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2013.12.20 11:01:23 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2013.12.20 11:01:23 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2013.12.20 11:01:22 | 000,048,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys.bak
[2013.12.20 11:01:21 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2013.12.20 11:01:21 | 000,243,200 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys.bak
[2013.12.20 11:01:21 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys.bak
[2013.12.20 11:01:21 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys.bak
[2013.12.20 11:01:21 | 000,029,696 | ---- | M] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys.bak
[2013.12.20 11:01:20 | 000,190,232 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfw.sys.bak
[2013.12.20 11:01:20 | 000,059,440 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\EpfwLWF.sys.bak
[2013.12.20 11:01:20 | 000,058,416 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\epfwwfp.sys.bak
[2013.12.20 11:01:19 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2013.12.20 11:01:19 | 000,213,416 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\eamonm.sys.bak
[2013.12.20 11:01:19 | 000,150,616 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\ehdrv.sys.bak
[2013.12.20 11:01:19 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2013.12.20 11:01:19 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2013.12.20 11:01:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2013.12.20 11:01:18 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2013.12.20 11:01:18 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2013.12.20 11:01:18 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2013.12.20 11:01:17 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2013.12.20 11:01:16 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2013.12.20 11:01:16 | 000,027,136 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys.bak
[2013.12.20 11:01:16 | 000,019,968 | ---- | M] (Nokia) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys.bak
[2013.12.20 11:01:15 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2013.12.20 11:01:14 | 000,044,688 | ---- | M] (IVT Corporation.) -- C:\Windows\SysNative\drivers\btcusb.sys.bak
[2013.12.20 11:01:13 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2013.12.20 11:01:13 | 000,052,224 | ---- | M] (Axesstel) -- C:\Windows\SysNative\drivers\Axtmvprt.sys.bak
[2013.12.20 11:01:13 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2013.12.20 11:01:13 | 000,016,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BdaSup.sys.bak
[2013.12.20 11:01:12 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys.bak
[2013.12.20 11:01:12 | 000,054,272 | ---- | M] (Axesstel) -- C:\Windows\SysNative\drivers\Axtmvmdm.sys.bak
[2013.12.20 11:01:12 | 000,006,144 | ---- | M] (Axesstel) -- C:\Windows\SysNative\drivers\Axtmvflt.sys.bak
[2013.12.20 11:01:11 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys.bak
[2013.12.20 11:01:11 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2013.12.20 11:01:10 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2013.12.20 11:01:10 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2013.12.20 11:01:10 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2013.12.20 11:01:09 | 000,907,904 | ---- | M] (ITE Technologies ) -- C:\Windows\SysNative\drivers\AF9035HB.sys.bak
[2013.12.20 11:01:08 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2013.12.16 14:32:29 | 000,044,882 | ---- | M] () -- C:\Users\uzivatel\Desktop\karvina.jar
[2013.12.12 20:19:24 | 001,787,730 | ---- | M] () -- C:\Users\uzivatel\Desktop\benzina.png
[2013.12.12 12:38:57 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.12.12 12:38:57 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.12.09 14:59:51 | 000,045,061 | ---- | M] () -- C:\Users\uzivatel\Desktop\uzly.jpg
[2013.12.04 02:22:50 | 001,510,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2013.12.04 02:22:50 | 000,196,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2013.12.04 02:22:50 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2013.12.04 02:22:34 | 000,074,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapo64v.dll
[2013.12.02 21:46:40 | 000,020,330 | ---- | M] () -- C:\Users\uzivatel\Desktop\Nový Textový dokument OpenDocument.odt
[2013.11.29 17:57:32 | 000,000,601 | ---- | M] () -- C:\Users\uzivatel\Desktop\Seznam DVD 2011.lnk

========== Files Created - No Company Name ==========

[2013.12.25 14:29:55 | 000,196,626 | ---- | C] () -- C:\Users\uzivatel\Desktop\bb.jpg
[2013.12.25 14:16:58 | 000,061,289 | ---- | C] () -- C:\Users\uzivatel\Desktop\854.png
[2013.12.23 15:07:37 | 000,000,560 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD.lnk
[2013.12.23 15:07:37 | 000,000,548 | ---- | C] () -- C:\Users\uzivatel\Desktop\YTD.lnk
[2013.12.19 17:30:18 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys.bak
[2013.12.19 17:29:57 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys.bak
[2013.12.16 14:32:28 | 000,044,882 | ---- | C] () -- C:\Users\uzivatel\Desktop\karvina.jar
[2013.12.12 20:19:23 | 001,787,730 | ---- | C] () -- C:\Users\uzivatel\Desktop\benzina.png
[2013.12.09 14:59:50 | 000,045,061 | ---- | C] () -- C:\Users\uzivatel\Desktop\uzly.jpg
[2013.12.02 21:16:15 | 000,020,330 | ---- | C] () -- C:\Users\uzivatel\Desktop\Nový Textový dokument OpenDocument.odt
[2013.11.29 17:57:32 | 000,000,601 | ---- | C] () -- C:\Users\uzivatel\Desktop\Seznam DVD 2011.lnk
[2013.03.07 10:44:29 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.03.07 10:44:29 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.03.07 10:44:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.03.07 10:44:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.03.07 10:44:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.01.18 15:22:07 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2012.12.05 18:14:09 | 000,163,103 | ---- | C] () -- C:\Windows\Go Trabi Go - Probierversion Uninstaller.exe
[2012.06.23 12:23:10 | 000,007,616 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\resmon.resmoncfg
[2012.06.17 17:12:11 | 000,000,428 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2012.04.15 16:47:02 | 001,495,982 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.30 10:43:19 | 000,000,960 | -H-- | C] () -- C:\Users\uzivatel\AppData\Local\SRDownloader.nast
[2011.12.08 16:39:30 | 000,007,680 | -H-- | C] () -- C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========

[2013.10.01 20:20:32 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\.minecraft
[2013.08.09 12:13:34 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\.technic
[2013.08.09 11:10:46 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\.techniclauncher
[2012.02.06 17:12:40 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Aegisub
[2013.09.14 11:24:48 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\BatteryBar
[2013.03.05 12:38:29 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\BitTorrent
[2011.12.21 15:27:23 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Canon
[2013.12.25 15:18:01 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\DAEMON Tools Lite
[2013.12.25 14:50:32 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\DNA
[2011.07.27 11:40:27 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\ESET
[2013.04.09 14:14:01 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Hard Disk Sentinel
[2012.12.21 18:45:44 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Hunspell
[2012.08.21 09:43:01 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Jasc
[2012.08.24 10:38:43 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Jpeg Resampler
[2012.08.30 22:19:35 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\LangSoft
[2013.02.20 23:17:10 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\logs
[2012.02.29 14:24:14 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Nokia
[2012.02.29 14:21:32 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PC Suite
[2012.02.29 16:43:40 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PotPlayerMini
[2011.11.14 19:09:09 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\ScanSoft
[2013.12.20 10:40:29 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Seznam.cz
[2012.01.20 14:34:04 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Sytexis Software
[2012.01.31 17:19:54 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Telefónica Móviles
[2012.08.31 18:51:17 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Ulozto File Manager
[2012.09.19 17:33:00 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\WildTangent
[2013.06.26 10:18:56 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Windows Live Writer
[2012.11.07 15:10:01 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\XRay Engine
[2013.12.23 17:08:45 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\CENZURA

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
OTL Extras logfile created on: 25.12.2013 15:33:59 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\uzivatel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16736)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,97 Gb Total Physical Memory | 2,52 Gb Available Physical Memory | 63,56% Memory free
7,93 Gb Paging File | 6,47 Gb Available in Paging File | 81,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 134,55 Gb Free Space | 28,90% Space Free | Partition Type: NTFS

Computer Name: UZIVATEL-PC | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiSpywareOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\BitTorrent\bittorrent.exe" = C:\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
"C:\BitTorrent\bittorrent.exe" = C:\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{195746FD-2660-42B2-92BF-DD4B51F7FC31}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F8A8148-8385-4ED6-A73E-C5DB2080F7E2}" = lport=139 | protocol=6 | dir=in | app=system |
"{37CD4E16-39D7-4EC2-88F9-49F78736660F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4A1A6838-9E71-4F6D-ACF7-50C3338DDDF2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{543DAA15-76D9-4406-AB00-35D931890876}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5D230AE8-D643-4521-9CC7-A66E8C0E08CB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{69B5788E-6573-4E8F-BC11-599CC19CD1ED}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{69F6A8A8-B284-41F4-8A0E-E731B215DC42}" = lport=445 | protocol=6 | dir=in | app=system |
"{6C81C724-859A-4859-92AF-77A2A6175948}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7EA2726C-FD8D-4DD8-B24D-9C4B3FB9091C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{808B9B76-5230-4086-A296-0169396B2C56}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{83199D89-BDE9-4D7A-ADE7-3A69B68B8A45}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8CE5BFCE-571A-4C66-853F-504360D26BB9}" = lport=137 | protocol=17 | dir=in | app=system |
"{90A084B7-D162-4E72-8758-4AB86BF039DB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{945EB1F3-118A-45F7-8C44-F079B117AC64}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A0732419-BED0-440D-ADA7-73DC69D4C4C1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ADB9C614-8198-4C98-B793-4B8E4A83BA64}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B1B12CA3-83B4-4BF0-8EE1-326B4393044D}" = rport=138 | protocol=17 | dir=out | app=system |
"{B996F5F6-DFD9-4611-AB94-107A4A5AC6FD}" = rport=139 | protocol=6 | dir=out | app=system |
"{B9AC8BFD-7E8F-4724-9781-E888466BDFE4}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C035E333-CE55-4BB9-B680-591E111520C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CBE3F8FA-FDC1-4C55-802A-509ED9768D3C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CEE5666C-1F68-4019-8CE5-ADCC731A72A8}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D01B7FB9-2A26-4426-BB1B-6E4226C8918C}" = rport=137 | protocol=17 | dir=out | app=system |
"{D7F33F91-F22A-4493-A329-42D3F8127632}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D8574A29-5F9C-4168-8186-23264A8F6274}" = rport=445 | protocol=6 | dir=out | app=system |
"{ED0BDC0A-DE3E-4290-A525-89ADC1F8F36B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF142B34-8108-40A9-AA73-9F7BDDFA77A5}" = lport=138 | protocol=17 | dir=in | app=system |
"{F5CEEDF8-388D-4034-9DEA-E0D7A9468509}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6B28738-C8E0-48A5-BC8B-F003F1F1F118}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F7B025F7-8EE6-4E56-970E-E2959F43B2C3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0305FD2F-F437-4992-A242-45052F3A2A24}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{15C8BBD6-3F3D-4353-AA8E-39085C9A8D3D}" = dir=in | app=c:\powerdirector\powerdirector\pdr.exe |
"{29A8EEEA-8862-410C-8BF1-A0DDFB09BF36}" = protocol=6 | dir=in | app=c:\hry\rayman origins\gu.exe |
"{301867F7-FF28-4499-82CD-22B662860E8A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{353BB2BE-EB0E-49F2-9E71-409EAF9E5937}" = protocol=17 | dir=in | app=c:\rally\dirt 3\dirt3_game.exe |
"{404A82B2-C0E0-4CE8-99B1-27517E8AB9C2}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{420BEC8F-A7B6-47A1-9195-076B8022A44B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{47E5E920-CC3D-4431-BF49-711AC3E6A4B7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4940EA9A-C4E1-4C02-8051-42111E973BB3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4CAF8124-1B4C-4344-91BD-4CB06E1F2FD7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55CA0E5E-9C01-4A1C-BF13-2A9AD67C1468}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{6E54E11F-3B5A-481D-9C3A-150E44565132}" = protocol=17 | dir=in | app=c:\hry\rayman origins\rayman origins.exe |
"{7A185BFA-60A9-4203-9C29-4679D268C35C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7DB363F5-8B98-45F5-8323-6274EA5E11A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{85B68BDB-7B14-4D83-AFB8-2326EFF91B7A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8E05FC76-7894-42A1-93F3-2A8CFA87FFFD}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{983A5CEE-5B6E-4C19-AD8A-B09D5CC18140}" = protocol=6 | dir=in | app=c:\hry\rayman origins\rayman origins.exe |
"{A16A6117-B79E-4AC6-B841-78B4976446CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B1BFF3E5-B610-47EA-85E4-90471C4C14B7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B210D095-5F6E-4769-87CC-7D23F51535D6}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{BAA5B927-DFE6-45F4-B431-57479F0168B3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BDC0FB17-B04F-4957-8E05-143C4B6F9897}" = protocol=6 | dir=in | app=c:\rally\dirt 3\dirt3_game.exe |
"{BF2E1F29-6E7C-4342-8FF7-D4C438C88FD5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C3F518E5-57AD-4EE8-8751-127EFB72651A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C58703C9-87FC-44C8-92E8-8734A14225A1}" = protocol=17 | dir=in | app=c:\hry\rayman origins\gu.exe |
"{C5FAEC9F-DD05-4BD1-9B4A-457702460ABD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D64FE725-ED0F-4FC6-ABB1-271251437BA7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7D5E745-A453-4E36-95F2-B5E6257A8952}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DA5FFB6B-DE03-4943-9F78-F1078084D609}" = protocol=6 | dir=out | app=system |
"{E11E4573-5A19-473E-B31C-0D67A0883900}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1A29088-C5D4-4839-8C19-628183759B30}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E7AAE1AC-ADD8-49D2-B95D-7E9B54D88B9F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EE419C51-1B86-463D-BCB7-D2121A9BEB36}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F7F7E62A-AED4-4427-A4AE-02657F3E3B66}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{FA2F3FC4-CA96-4BB2-9DFD-97F08C54063C}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"TCP Query User{14BB60C6-10AE-4C49-9BC4-B92515F17CD9}C:\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\atube catcher 2.0\yct.exe |
"TCP Query User{1AFD3614-D4E3-4D91-8F9B-12E331E59BB4}C:\atube catcher 2.0\yct.exe" = protocol=6 | dir=in | app=c:\atube catcher 2.0\yct.exe |
"TCP Query User{24CEB206-5D81-4CE7-AC7E-2D9B111AB5DC}C:\program files\cpuid\hwmonitorpro\hwmonitorpro.exe" = protocol=6 | dir=in | app=c:\program files\cpuid\hwmonitorpro\hwmonitorpro.exe |
"TCP Query User{29FCAE0A-99E5-4965-8173-C08CF2D8DE57}C:\hry\rayman origins\rayman origins.exe" = protocol=6 | dir=in | app=c:\hry\rayman origins\rayman origins.exe |
"TCP Query User{3F6BA01B-497D-4A77-95F8-AFF1F44D7404}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{5E65BE0F-005E-4C7A-A617-A1E24652FA68}C:\users\uzivatel\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\uzivatel\program files (x86)\dna\btdna.exe |
"TCP Query User{67525F03-2C73-43F8-863D-2C3D0976DA8A}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{7C88FA03-6552-454C-B559-EAD0CB150FD0}C:\casino\paradisecasino\casino.exe" = protocol=6 | dir=in | app=c:\casino\paradisecasino\casino.exe |
"TCP Query User{A92141B6-136D-4972-8120-E2260159BEF7}C:\hry\crynosaurs tech demo - v1.0\bin64\launcher.exe" = protocol=6 | dir=in | app=c:\hry\crynosaurs tech demo - v1.0\bin64\launcher.exe |
"TCP Query User{C012165E-19CC-4330-80FF-841754760129}C:\casino\paradisecasino\casino.exe" = protocol=6 | dir=in | app=c:\casino\paradisecasino\casino.exe |
"TCP Query User{CF3D72DD-B1C7-440C-A478-CF20053D5516}C:\hry\crynosaurs tech demo - v1.0\bin32\launcher.exe" = protocol=6 | dir=in | app=c:\hry\crynosaurs tech demo - v1.0\bin32\launcher.exe |
"TCP Query User{F9903535-2842-4698-B7C0-A81FE6DC2D13}C:\hry\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\hry\tmnationsforever\tmforever.exe |
"UDP Query User{04A5C7F9-5D6A-40CC-9CFA-C1C45D755A52}C:\casino\paradisecasino\casino.exe" = protocol=17 | dir=in | app=c:\casino\paradisecasino\casino.exe |
"UDP Query User{155D2BEB-02A9-4B84-829C-09AAC39F009E}C:\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\atube catcher 2.0\yct.exe |
"UDP Query User{1C7FEF62-11F8-4D26-B6D9-05E5107D9947}C:\hry\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\hry\tmnationsforever\tmforever.exe |
"UDP Query User{41CE5C69-C5A6-4C1A-A9BF-88D40DEA14D5}C:\hry\crynosaurs tech demo - v1.0\bin64\launcher.exe" = protocol=17 | dir=in | app=c:\hry\crynosaurs tech demo - v1.0\bin64\launcher.exe |
"UDP Query User{6E494492-5B16-43D0-9EAC-FD7878B7600A}C:\users\uzivatel\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\uzivatel\program files (x86)\dna\btdna.exe |
"UDP Query User{A1768E2B-8BD6-4455-A7F1-722AD283C0B4}C:\atube catcher 2.0\yct.exe" = protocol=17 | dir=in | app=c:\atube catcher 2.0\yct.exe |
"UDP Query User{AEDE24BB-6DFB-40A2-8EFE-804C33266A0A}C:\program files\cpuid\hwmonitorpro\hwmonitorpro.exe" = protocol=17 | dir=in | app=c:\program files\cpuid\hwmonitorpro\hwmonitorpro.exe |
"UDP Query User{B46D890F-1FED-43FD-A76D-574256EC36AF}C:\casino\paradisecasino\casino.exe" = protocol=17 | dir=in | app=c:\casino\paradisecasino\casino.exe |
"UDP Query User{D2DAE2CC-11B3-4B21-B77D-C8F98972B732}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{D9E14033-335C-4CB9-8A98-643F3257A54C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{E00BC52A-711C-4C40-A837-672D80B2E231}C:\hry\crynosaurs tech demo - v1.0\bin32\launcher.exe" = protocol=17 | dir=in | app=c:\hry\crynosaurs tech demo - v1.0\bin32\launcher.exe |
"UDP Query User{F97BD6A5-4A3B-40A7-A3D4-AB970B1E7FB5}C:\hry\rayman origins\rayman origins.exe" = protocol=17 | dir=in | app=c:\hry\rayman origins\rayman origins.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{14EC807A-F88E-4FCF-8013-CB909F930E88}_is1" = PDF-Tools 4
"{17CA32D1-73BD-4990-B8F6-369D8D34B05D}" = Microsoft Antimalware Service CS-CZ Language Pack
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java(TM) 7 Update 2 (64-bit)
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{983073CD-FAAF-4907-AA07-037DBA73B8EE}" = ESET Smart Security
"{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1" = PDF-Viewer
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D0C56275-9E7F-4BE5-AB37-15124BF808F2}" = Windows Live Family Safety
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client CS-CZ Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"BatteryBar" = BatteryBar (remove only)
"CCleaner" = CCleaner
"CPUID HWMonitorPro_is1" = CPUID HWMonitor Pro 1.16
"GreyGray" = GreyGray 2013.11.07.204235
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{10C59A72-032F-4dc5-AF77-EB0E1F26875E}" = Strategy 3 - The Dark Legions - Shareware
"{174D5678-D941-433C-BD23-58A5C7B0D36D}" = Jasc Animation Shop 3
"{1ABDE5A0-2F9C-4B33-8A53-B12377CF8643}" = 4x4 Hummer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1" = Aegisub 2.1.8
"{26A24AE4-039D-4CA4-87B4-2F83216029F0}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{2B673C6F-BDEA-48AE-AB59-7479BF04EF6E}" = Nail'd
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = WIDCOMM Bluetooth Software
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"{44487407-D72E-4A5D-A0A5-5037ED03DD40}" = Démo Fort Boyard - le jeu
"{47957648-B46A-4211-85E1-01A15B6A1B45}" = Ace of Spades
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA68A73-DB9C-439D-9481-981C82BD008B}" = Nokia Connectivity Cable Driver
"{519556CC-4382-4B35-80F5-DD8E9460EEAC}" = OpenOffice.org 2.3
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52C32940-C538-40CF-8DE9-B91090F49938}" = Infovox Desktop 2.2
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58005385-C433-4B89-BFA5-484A7C315C55}_is1" = Vypalovač CD / DVD / Blu-ray / HD-DVD 1.25
"{5F4B3597-5E5B-4495-AC1F-9ABF21BEC2FC}" = DartsDemo
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{60C7709B-2EC1-4E45-A53C-B51034847B06}_is1" = ABC Edice PC her - Alpine Skiing & Ski Jumping
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{8190420D-F4BA-4744-8940-A466F81AF89C}_is1" = Ulož.to File Manager verze 1.5
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}" = Nero BurnLite 10
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}" = Nero BurnLite 10
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BBB42DC1-C85B-412D-A97D-4FA5B150EED7}" = Alien Arena 2007
"{BE2B3379-FAE0-4D2D-91DA-9DE9A527F092}" = World Racing Hockenheim Demo
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C45EB9E5-7165-4FB0-8C31-77FC4743362F}" = Manual CanoScan LiDE 25
"{C4CD208D-E3A2-488B-A4F4-FD8DE3DADD25}_is1" = BMW M3 Challenge
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = CanoScan Toolbox Ver4.9
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DDABECD7-C579-4477-8B5F-B817AF54B2DC}" = Moorhuhn Kart 2 XS
"{DE491AB9-1D47-4FED-A8F5-4D4325B2EB4B}" = Rayman Origins
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{FB6AE173-CBB2-40AE-8DB1-3321B281BD76}" = Hidden & Dangerous Deluxe
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Alchemy Mahjong" = Alchemy Mahjong
"aTube Catcher" = aTube Catcher
"AVI Joiner_is1" = AVI Joiner version 1.0
"Better Surf Plus" = Better Surf Plus
"Booty Duty" = Booty Duty
"CamStudio" = CamStudio
"CoD 2 čeština_is1" = CoD 2 čeština
"DebugMode Wink" = DebugMode Wink
"FastStone Capture" = FastStone Capture 7.2
"FormatFactory" = FormatFactory 2.60
"GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}" = DiRT 3
"GIF Animator" = Microsoft GIF Animator
"Go Trabi Go - Probierversion" = Go Trabi Go - Probierversion
"HandyUpdater" = Handy Updater
"Hard Disk Sentinel_is1" = Hard Disk Sentinel PRO
"Incoming" = Incoming
"Indeo® Software" = Indeo® Software
"InstallShield_{BE2B3379-FAE0-4D2D-91DA-9DE9A527F092}" = World Racing Hockenheim Demo
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"JpegResampler2010_is1" = Jpeg Resampler Vs 6+
"KartingRace_is1" = KartingRace v1.02
"Light Driver" = Light Driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Mihov Image Resizer" = Mihov Image Resizer (remove only)
"MiniGolfPro_is1" = Mini Golf Pro
"MOTORM4X" = MOTORM4X
"Mozilla Firefox 26.0 (x86 cs)" = Mozilla Firefox 26.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Muerte Mechanica" = Muerte Mechanica
"O2CZ" = O2
"OpenAL" = OpenAL
"PC Translator" = PC Translator
"PokerStars" = PokerStars
"PotPlayer" = Daum PotPlayer 1.5.28025
"RaceRoom The Game 2_is1" = RaceRoom The Game 2
"Seznam DVD 2011_is1" = Seznam DVD 2011
"Share Rapid Poker_is1" = Share Rapid Poker 1.8
"Share Search Tool_is1" = Share Search Tool
"Sunshine Acres" = Sunshine Acres
"Superbike Racers_is1" = Superbike Racers
"Supertintin Skype Video Call Recorder_is1" = Supertintin 1.2.0.8
"TmNationsForever_is1" = TmNationsForever
"VLC media player" = VLC media player 1.1.11
"VRally3 Demo_is1" = VRally3 Demo
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Winter Extreme Racers_is1" = Winter Extreme Racers
"WinZip" = WinZip
"World Racing 2 Spec" = World Racing 2 Spec