Prosim o kontrolu logu

Příspěvekod **jaro3** » 25 kvě 2014 09:47

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\program files\icsE07E.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files\Google\Update

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Reklama

tomas_ch · Příspěvekod **tomas_ch** » 25 kvě 2014 13:15

Ahoj,
Po restartu po Combofixu mi ve windows skakalo jedno okno pres druhe s hlaskou PRISTUP ODEPREN.
Restartoval jsem znovu pc a nechal nabehnout v nouzovem rezimu.
Nejdrive to psalo, ze potrebuji administratorske opravneni a po nejake chvili vybehl log.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25.5.2014
Čas skenování: 11:41:01
Protokol: malware02.txt
Správce: Ne

Verze: 2.00.2.1012
Databáze malwaru: v2014.03.04.09
Databáze rootkitů: v2014.02.20.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: Guest

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 163982
Uplynulý čas: 11 min, 36 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)

(end)

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

ComboFix 14-05-19.01 - SYSTEM 25.05.2014 12:01:03.5.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2038.794 [GMT 2:00]
Spuštěný z: c:\users\Guest\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Guest\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\icsE07E.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdate.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdateComRegisterShell64.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.24.7\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.24.7\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.24.7\goopdate.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_am.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ar.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_bg.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_bn.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ca.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_cs.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_da.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_de.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_el.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_en.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_es.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_et.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_fa.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_fi.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_fil.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_fr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_gu.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_hi.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_hr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_hu.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_id.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_is.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_it.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_iw.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ja.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_kn.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ko.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_lt.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_lv.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ml.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_mr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ms.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_nl.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_no.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_pl.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ro.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ru.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sk.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sl.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sv.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_sw.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ta.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_te.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_th.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_tr.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_uk.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_ur.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_vi.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.24.7\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.24.7\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.24.7\psmachine.dll
c:\program files\Google\Update\1.3.24.7\psmachine_64.dll
c:\program files\Google\Update\1.3.24.7\psuser.dll
c:\program files\Google\Update\1.3.24.7\psuser_64.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.7\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.114\35.0.1916.114_chrome_installer.exe
c:\program files\Google\Update\Download\{E4079B37-029A-4FD1-BFED-76AF7530A80F}\GoogleUpdateSetup.exe
c:\program files\Google\Update\GoogleUpdate.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-25 do 2014-05-25 )))))))))))))))))))))))))))))))
.
.
2014-05-25 10:23 . 2014-05-25 10:23 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2014-05-25 10:23 . 2014-05-25 10:23 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2014-05-25 10:23 . 2014-05-25 10:23 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2014-05-25 10:23 . 2014-05-25 10:23 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2014-05-25 10:23 . 2014-05-25 10:23 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2014-05-25 10:23 . 2014-05-25 10:23 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2014-05-25 10:23 . 2014-05-25 10:23 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2014-05-25 10:23 . 2014-05-25 10:23 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2014-05-25 10:23 . 2014-05-25 10:23 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2014-05-25 10:23 . 2014-05-25 10:23 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2014-05-25 10:23 . 2014-05-25 10:23 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2014-05-25 10:23 . 2014-05-25 10:23 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2014-05-25 10:22 . 2014-05-25 10:22 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2014-05-25 10:22 . 2014-05-25 10:22 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2014-05-25 10:22 . 2014-05-25 10:22 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2014-05-25 10:22 . 2014-05-25 10:22 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2014-05-25 10:22 . 2014-05-25 10:22 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2014-05-25 10:09 . 2014-05-25 10:26 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-05-25 10:09 . 2014-05-25 10:09 -------- d-----w- c:\users\vercik\AppData\Local\temp
2014-05-25 10:09 . 2014-05-25 10:09 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-05-25 10:09 . 2014-05-25 10:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-24 15:03 . 2014-05-25 09:55 -------- d-----w- c:\users\Guest\AppData\Local\CrashDumps
2014-05-24 10:32 . 2014-05-24 10:32 -------- d-----w- c:\users\Default\AppData\Local\Google
2014-05-24 09:57 . 2014-05-24 09:57 -------- d-----w- c:\windows\ERUNT
2014-05-24 07:39 . 2014-04-30 23:37 8073384 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0CBD2AA0-A46D-44F9-A265-662B8EA980F6}\mpengine.dll
2014-05-23 21:38 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-05-23 21:32 . 2014-05-23 21:32 -------- d-----w- c:\users\Guest\AppData\Local\GHISLER
2014-05-23 20:12 . 2014-05-23 20:12 -------- d-----w- c:\users\Guest\AppData\Roaming\GHISLER
2014-05-23 20:12 . 2014-05-23 20:12 -------- d-----w- c:\users\Default\AppData\Roaming\GHISLER
2014-05-22 22:08 . 2014-05-24 09:54 -------- d-----w- C:\AdwCleaner
2014-05-22 21:34 . 2014-05-24 10:59 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-22 21:33 . 2014-05-22 21:33 -------- d-----w- c:\users\Default\AppData\Roaming\AVG
2014-05-22 21:32 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-22 21:32 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-22 21:32 . 2014-05-23 14:57 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-05-22 21:20 . 2014-05-22 21:20 -------- d-----w- c:\users\Guest\AppData\Roaming\Malwarebytes
2014-05-22 20:48 . 2014-05-22 20:48 -------- d-----w- c:\users\Guest\AppData\Roaming\SUPERAntiSpyware.com
2014-05-22 20:46 . 2014-05-22 20:46 -------- d-----w- c:\users\Default\AppData\Local\Opera Software
2014-05-22 20:46 . 2014-05-22 20:46 -------- d-----w- c:\users\Default\AppData\Roaming\SUPERAntiSpyware.com
2014-05-22 20:45 . 2014-05-22 20:45 -------- d-----w- c:\users\Default\AppData\Roaming\Opera Software
2014-05-22 20:43 . 2014-05-22 21:21 -------- d-----w- c:\program files\CCleaner
2014-05-22 20:18 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-22 18:53 . 2014-05-22 18:53 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-05-22 12:58 . 2014-05-22 12:58 -------- d-----w- c:\users\Guest\AppData\Local\Google
2014-05-15 05:27 . 2014-05-05 23:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-09 07:49 . 2014-05-09 07:49 -------- d-----w- c:\users\Guest\AppData\Roaming\OpenOffice.org
2014-05-08 19:26 . 2014-05-08 19:26 -------- d-----w- c:\users\Guest\AppData\Roaming\AVG
2014-05-08 19:22 . 2014-05-08 19:22 -------- d-----w- c:\users\Guest\AppData\Local\Opera Software
2014-05-08 19:22 . 2014-05-08 19:22 -------- d-----w- c:\users\Guest\AppData\Roaming\Opera Software
2014-05-08 19:01 . 2014-05-23 14:38 -------- d-----w- c:\users\TEMP
2014-04-25 12:44 . 2014-04-25 16:44 -------- d-----w- c:\users\vercik\AppData\Local\AVG SafeGuard toolbar
2014-04-25 12:44 . 2014-05-08 19:02 42784 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-25 10:19 . 2008-10-28 10:46 45056 ----a-w- c:\windows\system32\acovcnt.exe
2014-05-14 08:50 . 2012-04-08 17:52 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-14 08:50 . 2012-03-10 12:26 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-31 20:46 . 2014-03-31 20:46 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-03-31 07:35 . 2009-10-02 18:08 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-22 10:15 . 2014-03-22 10:15 55224 ----a-w- c:\windows\system32\drivers\tStLib.sys
2014-03-07 23:12 . 2014-04-22 20:15 1806848 ----a-w- c:\windows\system32\jscript9.dll
2014-03-07 23:02 . 2014-04-22 20:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-07 23:02 . 2014-04-22 20:15 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-03-07 22:57 . 2014-04-22 20:15 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-07 22:56 . 2014-04-22 20:15 421376 ----a-w- c:\windows\system32\vbscript.dll
2013-09-06 19:43 . 2013-09-06 19:43 116224 ----a-w- c:\program files\icsE07E.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-06 5625624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\ASUSTek\ASUSDVD\PDVDServ.exe" [2008-04-03 87336]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-18 7737344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-22 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-22 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-22 133656]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-31 4702208]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-10-28 618496]
"3200 Scan2PC"="c:\windows\twain_32\Samsung\SCX3200\Scan2Pc.exe" [2010-05-18 1989120]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2014-01-06 5625624]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-12-13 08:43 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2008-02-22 18:19 62760 ----a-w- c:\program files\ASUSTek\ASUSDVD\Language\Language.exe
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-10-10 120088]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
MbnExt REG_MULTI_SZ MbnExt
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-23 20:59 1091912 ----a-w- c:\program files\Google\Chrome\Application\35.0.1916.114\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 08:50]
.
2014-05-25 c:\windows\Tasks\User_Feed_Synchronization-{308C1B8A-0EFD-474F-8A6B-6F01DD370226}.job
- c:\windows\system32\msfeedssync.exe [2013-02-04 18:00]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://www.google.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-05-25 12:31
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1580)
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\helppane.exe
.
**************************************************************************
.
Celkový čas: 2014-05-25 12:37:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-25 10:36
ComboFix2.txt 2014-05-24 19:08
.
Před spuštěním: 989 704 192
Po spuštění: 2 723 237 888
.
- - End Of File - - A815E045BB42E89D23417272F250A6B6
64B1E91C5C6C2157642651010728F90F

--------------------------------------------------------------------------------

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-05-25 12:57:30
-----------------------------
12:57:30.884 OS Version: Windows 6.0.6002 Service Pack 2
12:57:30.884 Number of processors: 2 586 0xF0D
12:57:30.899 ComputerName: VERCIK-ASUS UserName: vercik
12:57:32.303 Initialize success
12:57:38.013 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
12:57:38.013 Disk 0 Vendor: Hitachi_ BBCO Size: 152627MB BusType: 3
12:57:38.153 Disk 0 MBR read successfully
12:57:38.169 Disk 0 MBR scan
12:57:38.169 Disk 0 unknown MBR code
12:57:38.169 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 10001 MB offset 63
12:57:38.200 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 20482875
12:57:38.200 Disk 0 Partition - 00 0F Extended LBA 66315 MB offset 176763195
12:57:38.231 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 66315 MB offset 176763258
12:57:38.231 Disk 0 scanning sectors +312576705
12:57:38.481 Disk 0 scanning C:\Windows\system32\drivers
12:57:47.700 Service scanning
12:58:04.049 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
12:58:10.008 Modules scanning
12:58:20.944 Disk 0 trace - called modules:
12:58:20.960
12:58:20.975 Scan finished successfully
13:10:26.094 Disk 0 MBR has been saved successfully to "C:\Users\Guest\Desktop\MBR.dat"
13:10:26.141 The log file has been saved successfully to "C:\Users\Guest\Desktop\aswMBR.txt"

Diky.... :-)

Příspěvekod **Orcus** » 25 kvě 2014 14:07

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

====================================================

Vyčisti systém CCleanerem

====================================================

Stáhni si zde DelFix
http://general-changelog-team.fr/fr/dow ... e/9-delfix

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Co problémy? + nový log z HJT

tomas_ch · Příspěvekod **tomas_ch** » 25 kvě 2014 20:26

Asi se to nekde podelalo u scriptu v Combofixu, protoze nenastala zadna zmena.

Nemohu se nalogovat do uzivatele Vercik, pise to "Sluzbe Sluzba Profil uzivatele se nepodarilo prihlaseni"
Dale po nalogovani jako Guest mi to zacalo psat Program LUpdate MFC Application prestal pracovat.
Pri updatu Malware stale hazi hlasku Runtime Error.

Vkladam log z HJT, za chvili vlozim novy log z Combofixu a vyzkousim znovu vytvorit CFscript.txt.

Moc dekuji za vasi trpelivost

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:18:56, on 25.5.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16545)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Guest\Desktop\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [3200 Scan2PC] "C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe"
O4 - HKUS\S-1-5-21-3024212301-390719609-2198922643-501\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun (User 'Guest')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

--
End of file - 5734 bytes

Příspěvekod **Orcus** » 25 kvě 2014 20:44

CF se provedl, není potřeba jej dělat znova.

K přihlášení zkus:
http://support.microsoft.com/kb/947215/cs

tomas_ch · Příspěvekod **tomas_ch** » 25 kvě 2014 21:20

OK, jdu to zkusit.... vkladam log Delfix... probehl podruhe, takze uz skoro nemel co mazat

# DelFix v10.7 - Logfile created 25/05/2014 at 21:17:27
# Updated 27/04/2014 by Xplode
# Username : vercik - VERCIK-ASUS
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)

~ Removing disinfection tools ...

Deleted : \ComboFix.txt
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #2125 [ComboFix created restore point | 05/25/2014 19:16:29]

New restore point created !

########## - EOF - ##########

tomas_ch · Příspěvekod **tomas_ch** » 25 kvě 2014 21:50

uf to bylo o nervy.... :-)

to jsem se strachy zpotil

uz jsem se prihlasil jako VERCIK
jdu pro jistotu pustit jeste Malware
pokud neco najde, mohu jeste poslat log z HJT?

tomas_ch · Příspěvekod **tomas_ch** » 25 kvě 2014 22:43

zdravim,
vypada to dalsi bordel v systemu uzivatele VERCIK,
mam jiz vycisteno CCleanerem,
zasilam log z HJT a Malware

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:40:03, on 25.5.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16545)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\Users\vercik\AppData\Local\Popajar\UpdateChecker\UpdateCheckerApp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\vercik\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [3200 Scan2PC] "C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe"
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [UpdateChecker] C:\Users\vercik\AppData\Local\Popajar\UpdateChecker\UpdateCheckerApp.exe
O4 - HKCU\..\Run: [uTorrent] C:\Users\vercik\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

--
End of file - 6364 bytes

----------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 25.5.2014
Čas skenování: 22:18:06
Protokol: malware01.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.05.25.06
Databáze rootkitů: v2014.05.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: vercik

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 321167
Uplynulý čas: 18 min, 45 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 5
PUP.Optional.SmileysWeLove.A, HKU\S-1-5-21-3024212301-390719609-2198922643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CF0F43AB-9C23-4D7B-8040-201B82844854}, , [9bff9abb205b91a5ec0834305ea459a7],
PUP.Optional.SmileysWeLove.A, HKU\S-1-5-21-3024212301-390719609-2198922643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CF0F43AB-9C23-4D7B-8040-201B82844854}, , [9bff9abb205b91a5ec0834305ea459a7],
PUP.Optional.SmileysWeLove.A, HKU\S-1-5-21-3024212301-390719609-2198922643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}, , [e8b260f5de9d9f97956085dfba48c838],
PUP.Optional.SmileysWeLove.A, HKU\S-1-5-21-3024212301-390719609-2198922643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E4EF8A64-0A30-48F5-B3FE-5FDA978DA775}, , [e8b260f5de9d9f97956085dfba48c838],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3024212301-390719609-2198922643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, , [940680d5c6b5ed494031b10cbc475aa6],

Hodnoty registru: 1
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3024212301-390719609-2198922643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {257BE10E-E398-436D-8295-C0972E353111}, , [940680d5c6b5ed494031b10cbc475aa6]

Data registru: 0
(No malicious items detected)

Složky: 3
PUP.Optional.OpenCandy, C:\Users\vercik\AppData\Roaming\OpenCandy, , [81195df87efd88ae4345c5b1927057a9],
PUP.Optional.OpenCandy, C:\Users\vercik\AppData\Roaming\OpenCandy\18D408DD8BDB422598E7CB97D0EC2DC7, , [81195df87efd88ae4345c5b1927057a9],
PUP.Optional.OpenCandy, C:\Users\vercik\AppData\Roaming\OpenCandy\B801BA154A384949804DE49060E6BDDA, , [81195df87efd88ae4345c5b1927057a9],

Soubory: 2
PUP.Optional.OpenCandy, C:\Users\vercik\AppData\Roaming\OpenCandy\18D408DD8BDB422598E7CB97D0EC2DC7\SmileysWeLove_SetupS_cdn.exe, , [81195df87efd88ae4345c5b1927057a9],
PUP.Optional.OpenCandy, C:\Users\vercik\AppData\Roaming\OpenCandy\B801BA154A384949804DE49060E6BDDA\avg_tuht_stf_cs_2014_206_CZ.exe, , [81195df87efd88ae4345c5b1927057a9],

Fyzické sektory: 0
(No malicious items detected)

(end)

Příspěvekod **jaro3** » 26 kvě 2014 09:38

. spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - Default URLSearchHook is missing

Ta hláška:
http://answers.microsoft.com/en-us/wind ... d54c025076

Ještě tam něco zůstalo , co CF nesmazual.

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

tomas_ch · Příspěvekod **tomas_ch** » 26 kvě 2014 20:38

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 26.5.2014
Čas skenování: 18:33:03
Protokol: malware02.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.05.26.02
Databáze rootkitů: v2014.05.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: vercik

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 310846
Uplynulý čas: 16 min, 42 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)

(end)

tomas_ch · Příspěvekod **tomas_ch** » 26 kvě 2014 20:38

OTL logfile created on: 26.5.2014 19:22:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vercik\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,29% Memory free
4,22 Gb Paging File | 3,19 Gb Available in Paging File | 75,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 1,75 Gb Free Space | 2,34% Space Free | Partition Type: NTFS
Drive D: | 64,76 Gb Total Space | 9,19 Gb Free Space | 14,20% Space Free | Partition Type: NTFS

Computer Name: VERCIK-ASUS | User Name: vercik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\vercik\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATK Hotkey\HControl.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
PRC - C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (ScanSoft, Inc.)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)

========== Modules (No Company Name) ==========

MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
MOD - C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe ()
MOD - C:\Windows\twain_32\Samsung\SCX3200\SSOle.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
MOD - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll ()
MOD - C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll ()

========== Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MbnExt) -- C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll (Gemfor s.r.o.)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()

========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Windows\TEMP\catchme.sys File not found
DRV - (avtrl1qu) -- File not found
DRV - (agcdrpjw) -- File not found
DRV - (MBAMWebAccessControl) -- C:\Windows\System32\drivers\mwac.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (tStLib) -- C:\Windows\System32\drivers\tStLib.sys (StdLib)
DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.)
DRV - (huawei_cdcacm) -- C:\Windows\System32\drivers\ew_jucdcacm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_enumerator) -- C:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_cdcecm) -- C:\Windows\System32\drivers\ew_jucdcecm.sys (Huawei Technologies Co., Ltd.)
DRV - (huawei_ext_ctrl) -- C:\Windows\System32\drivers\ew_juextctrl.sys (Huawei Technologies Co., Ltd.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (ew_hwusbdev) -- C:\Windows\System32\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (ew_usbenumfilter) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys (Huawei Technologies Co., Ltd.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (Axtmvmdm) -- C:\Windows\System32\drivers\Axtmvmdm.sys (Axesstel)
DRV - (Axtmvprt) -- C:\Windows\System32\drivers\Axtmvprt.sys (Axesstel)
DRV - (Axtmvflt) -- C:\Windows\System32\drivers\Axtmvflt.sys (Axesstel)
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{2A344854-4CEB-4DE3-9C6E-ABFB37E88AF7}: "URL" = http://www.dealio.com/products.html?kwd={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_en
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg.com/search?cid={37A647D9-0D3F-4C2F-827B-F1978EFAE766}&mid=ef705b5de6a684e96336a17dc4b08107-3018e51038fbf652ca94ae00af6f8a3bb278f46b&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-25 14:44:09&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://my.myplaycity.com/results.php?category=web&s={searchTerms}
IE - HKCU\..\SearchScopes\{AB55450C-0ED7-45FB-B2B7-CFA5685A5F7C}: "URL" = http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{C135B757-70DD-4914-AFB2-04552ADFE8BF}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=D4829FDF-6C49-4441-9574-F64D98F2E080&apn_sauid=BCEDAD85-4798-4043-82C8-1A33DCEDBF89
IE - HKCU\..\SearchScopes\{DA85FDDC-70ED-47BA-9B6F-3C66843BB95F}: "URL" = http://search.yahoo.com/search?ei=utf-8 ... e=vdio2&p={searchTerms}
IE - HKCU\..\SearchScopes\F73D2945B9A34CB8808EC3F6D06D328C: "URL" = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_5
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..Keyword.Enabled: "true"
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.02 13:13:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2010.01.16 17:27:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Extensions
[2010.01.16 17:27:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2014.02.03 22:28:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions
[2014.01.30 20:23:36 | 000,490,422 | ---- | M] () (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi
[2012.02.21 22:47:13 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2014.01.17 17:47:08 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.09.24 20:05:50 | 000,002,273 | ---- | M] () -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\searchplugins\bingp.xml
[2013.12.14 23:37:01 | 000,001,997 | ---- | M] () -- C:\Users\vercik\AppData\Roaming\Mozilla\Firefox\Profiles\6p1umv83.default\searchplugins\myplaycity.xml
[2013.12.20 17:43:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.12.20 17:43:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014.02.08 12:38:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.12.20 17:43:57 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.18 16:28:14 | 000,186,584 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll

========== Chrome ==========

CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = http://mysearch.avg.com/search?cid={37A647D9-0D3F-4C2F-827B-F1978EFAE766}&mid=ef705b5de6a684e96336a17dc4b08107-3018e51038fbf652ca94ae00af6f8a3bb278f46b&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-25 14:44:09&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = http://toolbar.avg.com/acp?q={searchTerms}&o=1,
CHR - homepage: http://mysearch.avg.com?cid={37A647D9-0D3F-4C2F-827B-F1978EFAE766}&mid=ef705b5de6a684e96336a17dc4b08107-3018e51038fbf652ca94ae00af6f8a3bb278f46b&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-04-25 14:44:09&v=18.0.5.292&pid=safeguard&sg=&sap=hp
CHR - plugin: Error reading preferences file
CHR - Extension: PenÄ›Ĺľenka Google = C:\Users\vercik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2014.05.25 12:31:44 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [3200 Scan2PC] C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe ()
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [T-Mobile CManager] C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3175F673-D5C2-4BC8-961B-5064F0E91BD8}: DhcpNameServer = 93.153.117.33 93.153.117.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{361F0B07-6DA7-49D9-B073-475EA1937563}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3AB100BA-5E77-41EE-B674-8620B63962A7}: DhcpNameServer = 93.153.117.33 93.153.117.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{487927D1-C621-458D-8214-4CCF60632D37}: DhcpNameServer = 93.153.117.1 93.153.117.33
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\vercik\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\vercik\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014.05.26 19:03:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\vercik\Desktop\OTL.exe
[2014.05.26 18:54:43 | 000,000,000 | ---D | C] -- C:\Users\vercik\Desktop\backups
[2014.05.25 22:54:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.05.25 22:51:46 | 000,000,000 | ---D | C] -- C:\Users\vercik\AppData\Local\CrashDumps
[2014.05.25 22:43:47 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\vercik\Desktop\TFC.exe
[2014.05.25 22:43:40 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\vercik\Desktop\ATF-Cleaner.exe
[2014.05.25 22:39:14 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\vercik\Desktop\HiJackThis.exe
[2014.05.25 21:43:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.05.25 20:57:13 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.05.25 20:57:13 | 000,000,000 | ---D | C] -- C:\Users\vercik\AppData\Local\temp
[2014.05.24 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014.05.23 23:38:41 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\System32\sqlite3.dll
[2014.05.23 00:01:02 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2014.05.22 23:34:00 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.05.22 23:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014.05.22 23:32:49 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014.05.22 23:32:49 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014.05.22 23:32:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014.05.22 22:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2014.05.22 22:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.05.22 22:43:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.05.22 22:18:35 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014.05.22 20:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2014.05.15 07:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014.05.15 07:27:41 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.05.26 19:24:00 | 000,000,484 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{308C1B8A-0EFD-474F-8A6B-6F01DD370226}.job
[2014.05.26 19:04:04 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014.05.26 19:03:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\vercik\Desktop\OTL.exe
[2014.05.26 18:58:59 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2014.05.26 18:57:39 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2014.05.26 18:57:21 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014.05.26 18:57:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014.05.26 18:57:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.05.26 18:57:12 | 2138,300,416 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.26 18:50:23 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.25 22:54:14 | 001,326,389 | ---- | M] () -- C:\Users\vercik\Desktop\adwcleaner_3.210.exe
[2014.05.25 22:43:49 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\vercik\Desktop\TFC.exe
[2014.05.25 22:43:41 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\vercik\Desktop\ATF-Cleaner.exe
[2014.05.25 22:39:18 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\vercik\Desktop\HiJackThis.exe
[2014.05.25 22:16:03 | 000,000,806 | ---- | M] () -- C:\Users\vercik\Desktop\µTorrent.lnk
[2014.05.25 12:31:44 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014.05.24 12:36:20 | 003,972,608 | ---- | M] () -- C:\Users\vercik\Desktop\RogueKiller (1).exe
[2014.05.23 23:04:45 | 000,001,979 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.05.23 22:57:03 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2014.05.23 16:57:45 | 000,000,907 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.05.22 23:22:02 | 000,000,812 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.05.22 22:47:26 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2014.05.14 10:50:32 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014.05.14 10:50:32 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014.05.12 07:26:04 | 000,051,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014.05.12 07:25:58 | 000,074,456 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014.05.12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014.05.11 17:18:56 | 000,658,694 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2014.05.11 17:18:56 | 000,639,374 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014.05.11 17:18:56 | 000,142,748 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2014.05.11 17:18:56 | 000,124,748 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014.05.08 21:02:26 | 000,042,784 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2014.05.06 01:14:12 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014.05.04 10:30:08 | 000,166,912 | ---- | M] () -- C:\Users\vercik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.05.25 22:54:10 | 001,326,389 | ---- | C] () -- C:\Users\vercik\Desktop\adwcleaner_3.210.exe
[2014.05.25 22:16:03 | 000,000,806 | ---- | C] () -- C:\Users\vercik\Desktop\µTorrent.lnk
[2014.05.25 12:55:02 | 2138,300,416 | -HS- | C] () -- C:\hiberfil.sys
[2014.05.24 12:36:19 | 003,972,608 | ---- | C] () -- C:\Users\vercik\Desktop\RogueKiller (1).exe
[2014.05.22 22:47:26 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2014.05.22 22:43:59 | 000,000,812 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.05.22 22:18:37 | 000,000,907 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.10.27 20:44:12 | 000,040,960 | ---- | C] () -- C:\Windows\System32\psfind.dll
[2012.01.02 13:00:34 | 000,000,218 | ---- | C] () -- C:\Users\vercik\.recently-used.xbel
[2010.11.03 17:12:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.11.24 13:01:25 | 000,166,912 | ---- | C] () -- C:\Users\vercik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.31 05:05:26 | 000,000,670 | ---- | C] () -- C:\Program Files\formats.dat

========== ZeroAccess Check ==========

[2006.11.02 14:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 15:26:04 | 011,587,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008.12.27 13:32:46 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Ashampoo
[2012.02.29 22:41:54 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Audacity
[2014.02.03 22:33:55 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\AVG
[2013.09.10 20:04:54 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\BSplayer
[2008.11.24 12:43:38 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\BSplayer Pro
[2009.01.09 21:44:51 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Canon
[2011.06.11 16:01:03 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\DAEMON Tools
[2013.03.09 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\DAEMON Tools Lite
[2011.06.11 16:01:03 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\DAEMON Tools Pro
[2014.02.22 15:01:07 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\DivoGames
[2012.01.02 12:29:53 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\enchant
[2013.09.07 08:27:46 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\ESET
[2012.03.31 16:10:27 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Flood Light Games
[2013.12.16 06:34:50 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\GHISLER
[2012.01.02 12:48:30 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\gtk-2.0
[2010.02.24 18:24:23 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\OpenOffice.org
[2014.02.03 22:32:46 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Opera Software
[2014.02.03 22:27:31 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\rmi
[2013.01.19 12:05:24 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Rovio
[2012.01.14 21:47:06 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\runic games
[2008.12.27 14:08:43 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\ScanSoft
[2013.03.09 20:05:43 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Seznam.cz
[2014.02.03 22:29:25 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\SmileysWeLove
[2013.04.03 11:58:39 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\T-Mobile
[2013.02.22 17:20:55 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\TuneUp Software
[2014.05.25 22:53:06 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\uTorrent
[2012.09.29 21:08:39 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\Wilkanoid 2 Free
[2013.12.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\XnView
[2013.12.14 23:41:29 | 000,000,000 | ---D | M] -- C:\Users\vercik\AppData\Roaming\YoudaGames

========== Purity Check ==========

< End of report >

tomas_ch · Příspěvekod **tomas_ch** » 26 kvě 2014 20:39

OTL Extras logfile created on: 26.5.2014 19:22:15 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\vercik\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,99 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,29% Memory free
4,22 Gb Paging File | 3,19 Gb Available in Paging File | 75,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 1,75 Gb Free Space | 2,34% Space Free | Partition Type: NTFS
Drive D: | 64,76 Gb Total Space | 9,19 Gb Free Space | 14,20% Space Free | Partition Type: NTFS

Computer Name: VERCIK-ASUS | User Name: vercik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22989149-DAE5-4833-B664-AA4D37A86017}" = rport=445 | protocol=6 | dir=out | app=system |
"{2993968E-2103-450A-A288-36E1C8799812}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2E8EA8E7-BFED-4CE3-A313-D8F99B19ACFA}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2F287498-5A6C-41EF-9627-046A02F62E20}" = lport=2869 | protocol=6 | dir=in | app=system |
"{43B44748-6AD5-44E5-9DF2-D7D618CA75C1}" = lport=138 | protocol=17 | dir=in | app=system |
"{6134AA3D-9CC7-4FDB-8FF3-D615A0A14567}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{71A2A7BC-2F14-4E64-9F21-6DBF424485C4}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7EE75DDA-F2D0-4C7E-AFEA-67D0B20A7215}" = rport=137 | protocol=17 | dir=out | app=system |
"{81B92D5D-1A8B-4A9D-A70C-370A5C0E424A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{850DB717-6B5E-413B-A31E-C9BE6009A669}" = lport=445 | protocol=6 | dir=in | app=system |
"{85AE008C-FBC4-42D9-82CE-93F73F86B100}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8E2AD2D2-246C-4E2E-9FF9-63B9FDDB4BEA}" = rport=139 | protocol=6 | dir=out | app=system |
"{AAABBD73-9EBC-41FC-94FF-205D94FFDB5B}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C1AB88AC-0771-46FC-8BE8-952D61D04D08}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{D2F67B81-F890-4BA1-8F62-AFB907DF84EA}" = rport=2869 | protocol=6 | dir=out | app=system |
"{D86C367D-6559-48A2-9328-D38E22BD94FC}" = lport=139 | protocol=6 | dir=in | app=system |
"{D8EE5DA3-214E-4233-8AEB-4F59D7282852}" = lport=137 | protocol=17 | dir=in | app=system |
"{DD724C08-84F1-4CF1-A0EE-3A872D007985}" = rport=138 | protocol=17 | dir=out | app=system |
"{EF2166B0-E8C8-4176-958B-EE12F86E6D2A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1794FF7B-43E9-4B0D-BA16-F39CB4ED45A1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1D5DF060-228D-4704-BF26-12FC63B0F70F}" = protocol=6 | dir=in | app=c:\users\vercik\appdata\roaming\utorrent\utorrent.exe |
"{413606C3-7BD9-499C-9682-81C95FD5946B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{45CE9B2F-A700-41F1-B5C3-48A6735C982E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{55A31357-A377-4DC0-86D3-9EA7478FAE0B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{56002FE9-2441-4F76-8BAF-4E9089FB9856}" = protocol=17 | dir=in | app=c:\users\vercik\appdata\roaming\utorrent\utorrent.exe |
"{621F5FEB-11BF-4190-8339-EF0F4DED60E7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66F33307-BF65-4AD9-A857-7A284371C742}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{7969F53B-9AFC-4EF0-9ACD-014785CCB207}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |
"{85BA2696-D707-4866-9436-98CEB6F6D0A1}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{9A1B2D7A-0EDB-4C71-A801-82B62CEE2BA4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AF838753-DFBF-4D23-9A67-8A686F9789A2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B44444D6-22DB-417A-8B8E-24D94F626E9B}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3200\sscan2io.exe |
"{BB86C38A-E92F-486D-85E3-1BF31F5E45E5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C053EFDD-5548-450C-8A82-19434769E584}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3200\scan2pc.exe |
"{D36D2B51-BB04-4C54-AFA4-04978AA4221F}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{DA38EEFF-EA73-48D6-BE58-BAE0A64C06A0}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EF9D71E5-F46D-4FEE-A75C-9ADE7E5A7E33}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3200\scan2pc.exe |
"{F8941B31-6AFC-43B9-8427-728334B9E725}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3200\sscan2io.exe |
"{F9494824-37D1-4078-84D2-C4A6B3B7006F}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Pomocník pro přihlášení ke službě Windows Live ID
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP160" = Canon MP160
"{123F4E9B-80E6-3A84-BDD4-3CB3AC59ABF0}" = Microsoft .NET Framework 4.5.1 (CSY)
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = ASUSDVD
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0408-0000-0000000FF1CE}" = Microsoft Office Access MUI (Greek) 2007
"{90120000-0015-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0408-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Greek) 2007
"{90120000-0016-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0408-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Greek) 2007
"{90120000-0018-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0408-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Greek) 2007
"{90120000-0019-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0408-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Greek) 2007
"{90120000-001A-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0408-0000-0000000FF1CE}" = Microsoft Office Word MUI (Greek) 2007
"{90120000-001B-0408-0000-0000000FF1CE}_PROHYBRIDR_{F86B508B-F1A2-4841-B906-CDDA3A548A2A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{4754EB3B-ED3D-4095-A2FD-684A3058A4FF}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_PROHYBRIDR_{DB0C1C5A-7998-4B95-8BD5-ACACD18B0B53}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{0E2DB3D7-94EA-4B12-A9C1-D3C52BDE07D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0408-0000-0000000FF1CE}" = Microsoft Office Proofing (Greek) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0408-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Greek) 2007
"{90120000-006E-0408-0000-0000000FF1CE}_PROHYBRIDR_{58D10C7E-20DE-47F0-BAFA-37A870A625F9}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{C618587E-CCC5-46B5-88C3-2E7C1195B3C7}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8382BA92-20E3-47B6-971B-F673F0492D4E}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1E4213E-06AD-4C58-8315-92F11531D960}" = SweetIM for Messenger 2.6
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Czech
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BF6CF460-40C3-49BA-800A-4B934B6498B1}" = Scan Assistant
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C1E693A4-B1D5-4DCD-B68D-2087835B7184}" = ScanSoft OmniPage SE 4.0
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C82D8932-EB28-4da6-9582-33D515D46F04}" = Huawei Drivers
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AcroPDF_is1" = AcroPDF 6.1
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Audacity_is1" = Audacity 1.2.2
"BShooter4_is1" = Bubble Shooter v4.01
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Farm Frenzy Pizza Party1.0" = Farm Frenzy Pizza Party
"Free Easy Burner_is1" = Free Easy Burner V 3.8
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Google Desktop" = Google Desktop
"Google Chrome" = Google Chrome
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (odstranit)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{E2B8BC2B-DA7A-423C-9E3E-DC68835099E6}" = Axesstel Manager
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.1 (Corporate)
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.2.1012
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP Navigator 3.0" = Canon MP Navigator 3.0
"Opera 21.0.1432.67" = Opera Stable 21.0.1432.67
"Polda II_is1" = Polda II
"Polda III_is1" = Polda III
"Polda IV_is1" = Polda IV
"PROHYBRIDR" = 2007 Microsoft Office system
"Registrace uživatele zařízení Canon MP160" = Registrace uživatele zařízení Canon MP160
"Samsung SCX-3200 Series" = Samsung SCX-3200 Series
"SMSERIAL" = Motorola SM56 Data Fax Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd" = Total Commander (Remove or Repair)
"U:fonův průvodce připojením1.0 (WinXP/LGE LSP40)" = U:fonův průvodce připojením
"VorbisCodec" = Ogg Vorbis ACM Codec
"WinGTK-2_is1" = GTK+ 2.8.18-1 runtime environment
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"XnView_is1" = XnView 1.95.4
"Youda Fairy_is1" = Youda Fairy
"Zoo Empire_is1" = Zoo Empire 1.21

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Popajar, inc UpdateChecker" = UpdateChecker
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 25.5.2014 16:15:30 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 25.5.2014 16:49:40 | Computer Name = vercik-ASUS | Source = Windows Search Service | ID = 3024
Description =

Error - 25.5.2014 16:49:46 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 25.5.2014 16:51:37 | Computer Name = vercik-ASUS | Source = Application Error | ID = 1000
Description = Chybující aplikace LUpdate.exe, verze 1.0.0.8, časové razítko 0x4cc94ccd,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x00000000, ID procesu 0xf68, čas spuštění aplikace 0x01cf785b1db5f131.

Error - 26.5.2014 12:26:59 | Computer Name = vercik-ASUS | Source = Application Error | ID = 1000
Description = Chybující aplikace LUpdate.exe, verze 1.0.0.8, časové razítko 0x4cc94ccd,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x00000000, ID procesu 0x828, čas spuštění aplikace 0x01cf78ff50455aac.

Error - 26.5.2014 12:27:34 | Computer Name = vercik-ASUS | Source = Application Error | ID = 1000
Description = Chybující aplikace LUpdate.exe, verze 1.0.0.8, časové razítko 0x4cc94ccd,
chybující modul ntdll.dll, verze 6.0.6002.18881, časové razítko 0x51da3e27, kód
výjimky 0xc0000005, posun chyby 0x00065c4b, ID procesu 0x828, čas spuštění aplikace
0x01cf78ff50455aac.

Error - 26.5.2014 12:27:48 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 26.5.2014 12:58:48 | Computer Name = vercik-ASUS | Source = WinMgmt | ID = 10
Description =

Error - 26.5.2014 12:59:38 | Computer Name = vercik-ASUS | Source = Application Error | ID = 1000
Description = Chybující aplikace LUpdate.exe, verze 1.0.0.8, časové razítko 0x4cc94ccd,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x00000000, ID procesu 0x6e4, čas spuštění aplikace 0x01cf7903df7ddb9f.

Error - 26.5.2014 12:59:49 | Computer Name = vercik-ASUS | Source = Application Error | ID = 1000
Description = Chybující aplikace LUpdate.exe, verze 1.0.0.8, časové razítko 0x4cc94ccd,
chybující modul ntdll.dll, verze 6.0.6002.18881, časové razítko 0x51da3e27, kód
výjimky 0xc0000005, posun chyby 0x00065c4b, ID procesu 0x6e4, čas spuštění aplikace
0x01cf7903df7ddb9f.

[ OSession Events ]
Error - 30.1.2011 7:32:52 | Computer Name = vercik-ASUS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 30
seconds with 0 seconds of active time. This session ended with a crash.

Error - 9.3.2012 16:01:40 | Computer Name = vercik-ASUS | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 50
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 25.5.2014 16:49:45 | Computer Name = vercik-ASUS | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 25.5.2014 16:58:57 | Computer Name = vercik-ASUS | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error - 26.5.2014 12:26:03 | Computer Name = vercik-ASUS | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 26.5.2014 12:26:14 | Computer Name = vercik-ASUS | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 26.5.2014 12:29:20 | Computer Name = vercik-ASUS | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 26.5.2014 12:55:24 | Computer Name = vercik-ASUS | Source = ipnathlp | ID = 31004
Description = Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To
může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti
zjistil vnitřní chybu.

Error - 26.5.2014 12:57:04 | Computer Name = vercik-ASUS | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 26.5.2014 12:57:15 | Computer Name = vercik-ASUS | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 26.5.2014 12:59:47 | Computer Name = vercik-ASUS | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 26.5.2014 13:02:27 | Computer Name = vercik-ASUS | Source = DCOM | ID = 10010
Description =

< End of report >

Prosim o kontrolu logu Vyřešeno

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Kdo je online