[ Príspevkov: 36 ] 1, 2
AutorSpráva
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1

Ahoj. Včera ráno keď som zapla notebook, tak som spozorovala, že niektoré programy nefungovali tak, ako by mali. Najskôr som chcela spustiť operu, no tá bežala iba na pozadí a v správcoci programov som ju mohla akurát tak vypnúť, ale dostať sa do nej nedalo. Neskôr v ten deň som chcela pracovať vo Worde, avšak ten mi pri zapnutí zamrzol a taktiež som ho mohla akurát tak vypnúť.
Takže som preskenovala počítať Avastom (ktorý sa pri skenovaní spočiatku tiež pár krát zastavil :roll: ) no v konečnom dôsledku mi našiel malware. No keď som ho chcela odstrániť alebo premiestniť do truhly, Avast zamrzol a znovu som ho mohla akurát tak vypnúť :roll: Ani na niekoľko pokusov sa mi to nepodarilo. Vždy to isté.
Tak som trochu googlila a stiahla si program Malwarebytes, lenže po nainštalovaní a spustení taktiež beží iba na pozadí a nedá sa s ním nič robiť. To isté aj v núdzovom režime.
Navyše po pár minútach v nudzovom režime sa mi notebook vypol (ale to môže byť tým, že sa mi už dlhšie prehrieva)
Fakt potrebujem pomoc, lebo teraz tu môžem byť akurát tak na internete a bojím sa, že sa mi celý systém zrúti. Stále som v oblasti vírusov a ich odstraňovania trochu lajk :oops:
edit: zabudla som dodať, že mám Windows 7.


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

Ahoj
Stiahni si RSIT z http://images.malwareremoval.com/random/RSIT.exe pre 64 bit verzie http://images.malwareremoval.com/random/RSITx64.exe spusť daj continue chvíľu počkaj dokým sa vygeneruje log keď ho vygeneruje nájdeš ho na C:\rsit\log.txt log vlož sem

Skontroluj teploty cez cpeccy http://downloads.zoznam.sk/program/speccy-43 a napíš ich sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 13.01.2013 13:39 | Avast pri pokuse o odstránenie malware zamrzne

Notepad sa mi síce nechcel otvoriť, ale našťastie existuje google docs, takže som to otvorila tam a tu to je

Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2013-01-13 13:24:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 75 GB (26%) free of 288 GB
Total RAM: 2813 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:25:12, on 13. 1. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\windows\system32\taskmgr.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\uzivatel\Desktop\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 187.17.173.17:8088
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
R3 - URLSearchHook: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe
O1 - Hosts: 93.184.79.90 rightmediaptc.com
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O2 - BHO: BrotherSoft Extreme - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O3 - Toolbar: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20China/Images/stg_drm.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20China/Images/armhelper.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\STacSV.exe

--
End of file - 12902 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://zoznam.sk"
prefs.js - "extensions.enabledItems" - "{6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.6, {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.5.5, {ee4c73ff-7a1b-4330-acec-45e409118cc1}:3.3.3.2, en-US@dictionaries.addons.mozilla.org:5.0.1, gmailwatcher@sonthakit:1.34, {9e06d377-8c36-46df-9e57-0f6f3f5ee23e}:3.3.3.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {2f17f610-5e97-4fed-828f-9940b7b577a4}:1.6.5, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.aspx?ctid=CT1700241&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@oberon-media.com/ONCAdapter]
"Description"=Oberon com adapter plugin
"Path"=C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files\Virtools\3D Life Player\npvirtools.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
AskHPRFF.js
binary.manifest
browsercomps.dll
nsIBitCometAgent.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npyaxmpb.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\extensions\
en-US@dictionaries.addons.mozilla.org
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{9e06d377-8c36-46df-9e57-0f6f3f5ee23e}
{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\searchplugins\
askcom.xml
conduit.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof2.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll [2011-03-28 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof2.dll [2011-05-09 176936]
{51a86bb3-6602-4c85-92a5-130ee4864f13} - BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBrot.dll [2011-03-28 176936]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 288312]
"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-07-23 498744]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-30 1545512]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-07-14 458844]
"Freecorder FLV Service"=C:\Program Files\Freecorder\FLVSrvc.exe /run []
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-09 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
C:\Program Files\Ask.com\Updater\Updater.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-09 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files\Google\Drive\googledrivesync.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyBrowserCash]
C:\Program Files\MyBrowserCash Addon\MyBrowserCash.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
C:\Program Files\PDF Complete\pdfsty.exe [2009-06-18 563736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StudentDOG]
C:\Program Files\Student DOG\StudentDOG.exe -h []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vagex]
C:\Users\uzivatel\Desktop\Maťa\Vagex\Vagex\Vagex.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk]
C:\PROGRA~1\20DOLL~1\20DOLL~1.EXE [2010-01-28 89088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^dizengine.lnk]
C:\PROGRA~1\DIZENG~1\DIZENG~1.EXE []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2010-11-20 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.VP60"=C:\windows\system32\vp6vfw.dll
"vidc.VP61"=C:\windows\system32\vp6vfw.dll
"VIDC.X264"=x264vfw.dll
"vidc.XVID"=xvidvfw.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.tscc"=C:\windows\system32\tsccvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - "C:\Program Files\PSPad\PSPAD.EXE" "%1"

======List of files/folders created in the last 1 month======

2013-01-13 13:24:59 ----D---- C:\rsit
2013-01-13 13:24:59 ----D---- C:\Program Files\trend micro
2013-01-13 10:55:48 ----D---- C:\Users\uzivatel\AppData\Roaming\Malwarebytes
2013-01-13 10:55:28 ----A---- C:\windows\system32\drivers\mbamswissarmy.sys
2013-01-13 10:55:27 ----D---- C:\ProgramData\Malwarebytes
2013-01-13 10:55:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-01-13 10:55:22 ----A---- C:\windows\system32\drivers\mbam.sys
2013-01-13 00:16:32 ----A---- C:\windows\ntbtlog.txt
2013-01-09 13:34:11 ----A---- C:\windows\system32\usp10.dll
2013-01-09 13:34:09 ----A---- C:\windows\system32\win32k.sys
2013-01-09 13:34:06 ----A---- C:\windows\system32\win32spl.dll
2013-01-09 13:34:03 ----A---- C:\windows\system32\msxml6.dll
2013-01-09 13:33:52 ----A---- C:\windows\system32\KernelBase.dll
2013-01-09 13:33:47 ----A---- C:\windows\system32\winsrv.dll
2013-01-09 13:33:47 ----A---- C:\windows\system32\kernel32.dll
2013-01-09 13:33:47 ----A---- C:\windows\system32\conhost.exe
2013-01-09 13:33:46 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 13:33:45 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 13:33:45 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 13:33:44 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 13:33:44 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 13:33:44 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 13:33:44 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 13:33:44 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 13:33:44 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 13:33:44 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 13:33:44 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 13:33:43 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 13:33:43 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 13:33:43 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 13:33:43 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 13:33:43 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 13:33:43 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 13:33:43 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 13:33:42 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 13:33:42 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 13:33:42 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 13:33:42 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 13:33:42 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 13:33:42 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 13:33:42 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 13:33:42 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 13:33:41 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 13:33:41 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 13:32:42 ----A---- C:\windows\system32\Wpc.dll
2013-01-09 13:32:42 ----A---- C:\windows\system32\gameux.dll
2013-01-09 13:32:14 ----A---- C:\windows\system32\taskhost.exe
2013-01-09 13:32:14 ----A---- C:\windows\system32\ncrypt.dll
2012-12-21 19:21:41 ----A---- C:\windows\system32\atmfd.dll
2012-12-21 19:21:39 ----A---- C:\windows\system32\atmlib.dll
2012-12-20 18:13:37 ----D---- C:\agia3d

======List of files/folders modified in the last 1 month======

2013-01-13 13:25:05 ----D---- C:\windows\Temp
2013-01-13 13:24:59 ----D---- C:\Program Files
2013-01-13 12:53:28 ----D---- C:\windows\system32\config
2013-01-13 12:41:10 ----AD---- C:\ProgramData
2013-01-13 12:41:10 ----A---- C:\ProgramData\HPWALog.txt
2013-01-13 10:57:05 ----D---- C:\windows\system32\drivers
2013-01-13 09:13:25 ----D---- C:\windows\system32\LogFiles
2013-01-13 00:16:32 ----D---- C:\Windows
2013-01-12 23:37:31 ----D---- C:\windows\system32\Tasks
2013-01-12 17:53:16 ----D---- C:\Program Files\ESET
2013-01-12 16:37:46 ----D---- C:\windows\System32
2013-01-12 14:40:04 ----D---- C:\windows\Minidump
2013-01-12 10:11:14 ----D---- C:\Program Files\Mozilla Firefox
2013-01-11 14:55:50 ----D---- C:\windows\Prefetch
2013-01-11 14:53:25 ----D---- C:\Users\uzivatel\AppData\Roaming\uTorrent
2013-01-11 14:44:32 ----D---- C:\windows\Microsoft.NET
2013-01-11 14:44:30 ----RSD---- C:\windows\assembly
2013-01-10 22:00:29 ----SHD---- C:\windows\Installer
2013-01-10 22:00:28 ----SHD---- C:\Config.Msi
2013-01-10 22:00:05 ----A---- C:\windows\system32\PerfStringBackup.INI
2013-01-10 21:59:32 ----D---- C:\windows\inf
2013-01-10 21:46:32 ----SHD---- C:\System Volume Information
2013-01-10 21:41:42 ----D---- C:\windows\winsxs
2013-01-10 12:43:35 ----D---- C:\windows\system32\catroot2
2013-01-10 12:43:35 ----D---- C:\windows\system32\catroot
2013-01-10 12:32:48 ----D---- C:\windows\system32\sk-SK
2013-01-09 22:33:52 ----D---- C:\ProgramData\Microsoft Help
2013-01-09 22:11:00 ----D---- C:\windows\debug
2013-01-09 22:10:47 ----A---- C:\windows\system32\MRT.exe
2013-01-07 10:22:30 ----D---- C:\ProgramData\PDFC
2012-12-27 12:38:19 ----D---- C:\Program Files\Sony Ericsson
2012-12-27 12:37:30 ----D---- C:\Program Files\SpeedFan
2012-12-24 13:59:04 ----D---- C:\Program Files\Google
2012-12-24 13:11:20 ----D---- C:\Users\uzivatel\AppData\Roaming\Adobe
2012-12-20 14:07:30 ----D---- C:\Users\uzivatel\AppData\Roaming\ICQ
2012-12-19 20:39:42 ----D---- C:\Program Files\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie.sys [2009-05-04 14392]
R0 Lbd;Lbd; C:\windows\system32\DRIVERS\Lbd.sys [2011-12-23 64512]
R0 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-10-30 691696]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2012-08-21 18544]
R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [2012-10-15 44784]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-05-16 214024]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 58680]
R2 athsgt;athsgt; C:\windows\system32\DRIVERS\athsgt.sys [2010-02-19 164992]
R2 limsgt;limsgt; C:\windows\system32\DRIVERS\limsgt.sys [2010-02-19 12544]
R2 npf;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys [2010-01-27 50704]
R2 VirtualCam;VirtualCamera; C:\windows\system32\DRIVERS\VirtualCam.sys [2004-11-25 192512]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-27 1161664]
R3 ALSysIO;ALSysIO; \??\C:\Users\uzivatel\AppData\Local\Temp\ALSysIO.sys []
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-08-04 4994048]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\windows\system32\DRIVERS\bcmwl6.sys [2010-02-02 2506232]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 MarvinBus;Pinnacle Marvin Bus; C:\windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-07-02 1765168]
R3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0; C:\windows\system32\DRIVERS\stdriver32.sys [2010-11-06 52824]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-30 213680]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 adfs;adfs; C:\windows\system32\drivers\adfs.sys []
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 29472]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 catchme;catchme; \??\C:\Users\uzivatel\AppData\Local\Temp\catchme.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-12-23 15232]
S3 ldisk;ldisk; \??\C:\Users\uzivatel\AppData\Local\Temp\ldisk.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\mbamswissarmy.sys [2013-01-13 40776]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\windows\system32\DRIVERS\mcdbus.sys [2007-09-05 92544]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2009-05-16 79816]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2009-05-16 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2009-05-16 34248]
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2010-03-22 47360]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\windows\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\windows\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\windows\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt.sys [2009-07-14 408576]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe [2009-03-02 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-07-27 14336]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-08-04 176128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-03-19 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-02-12 345376]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 582944]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2009-07-09 124928]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-06-18 635416]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\STacSV.exe [2009-07-14 221266]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-22 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-20 116648]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2012-07-13 2152720]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-01 115168]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-06-05 1343400]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

Stiahni si AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
ulož ho na plochu Spusť program stlač tlačidlo search
Po skene sa objaví log budeš ho mať na systémovom disku ako AdwCleaner[R?].txt cely obsah vlož sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 13.01.2013 13:53 | Avast pri pokuse o odstránenie malware zamrzne

Log z AdwCleaneru:

# AdwCleaner v2.105 - Logfile created 01/13/2013 at 13:44:01
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : uzivatel - UZIVATEL-PC
# Boot Mode : Normal
# Running from : C:\Users\uzivatel\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
File Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\searchplugins\Askcom.xml
File Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\searchplugins\Conduit.xml
File Found : C:\windows\system32\conduitEngine.tmp
Folder Found : C:\Program Files\BrotherSoft_Extreme
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\Softonic-Eng7
Folder Found : C:\Users\uzivatel\AppData\Local\APN
Folder Found : C:\Users\uzivatel\AppData\Local\Conduit
Folder Found : C:\Users\uzivatel\AppData\Local\OpenCandy
Folder Found : C:\Users\uzivatel\AppData\LocalLow\BrotherSoft_Extreme
Folder Found : C:\Users\uzivatel\AppData\LocalLow\Conduit
Folder Found : C:\Users\uzivatel\AppData\LocalLow\PriceGong
Folder Found : C:\Users\uzivatel\AppData\LocalLow\Softonic-Eng7
Folder Found : C:\Users\uzivatel\AppData\Roaming\iWin
Folder Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\Conduit
Folder Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\ConduitCommon
Folder Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\ConduitEngine
Folder Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\CT1700241
Folder Found : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\extensions\{9e06d377-8c36-46df-9e57-0f6f3f5ee23e}
Folder Found : C:\Users\uzivatel\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\BrotherSoft_Extreme
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\Softonic-Eng7
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask&Record
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1630669F-9D0C-4F0B-8AA9-10DE8BEE1755}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1630669F-9D0C-4F0B-8AA9-10DE8BEE1755}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A2E5850-2E77-472F-A78A-49783FBE93FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Found : HKLM\Software\BrotherSoft_Extreme
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9A2E5850-2E77-472F-A78A-49783FBE93FE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AEE88B81-C2FB-4733-A826-88CB0A67FB61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C21E753-381F-4430-9E5D-1EFC696EBE88}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2776682
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{68A9B0ED-9615-4F62-8B2A-3026C0063232}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{135E8A22-65F5-4E62-B58E-BD8C408D40ED}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82378918-9238-4778-BBCD-9BF0CE91D271}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1682641-8520-4523-9F0E-138EEACD6FA1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F11A7852-C098-41E8-ACAC-62B3B69A68CE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9A2E5850-2E77-472F-A78A-49783FBE93FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AEE88B81-C2FB-4733-A826-88CB0A67FB61}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrotherSoft_Extreme Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic-Eng7 Toolbar
Key Found : HKLM\Software\Softonic-Eng7
Key Found : HKU\S-1-5-21-337455947-473087927-4221467448-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKU\S-1-5-21-337455947-473087927-4221467448-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Found : HKU\S-1-5-21-337455947-473087927-4221467448-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKU\S-1-5-21-337455947-473087927-4221467448-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{51A86BB3-6602-4C85-92A5-130EE4864F13}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource= ... =CT2776682

-\\ Mozilla Firefox v17.0.1 (sk)

File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\prefs.js

Found : user_pref("CT1700241..clientLogIsEnabled", false);
Found : user_pref("CT1700241..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT1700241..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT1700241.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Found : user_pref("CT1700241.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT1700241.AppTrackingLastCheckTime", "Wed Feb 09 2011 18:24:41 GMT+0100");
Found : user_pref("CT1700241.CT1700241", "CT1700241");
Found : user_pref("CT1700241.CurrentServerDate", "13-1-2013");
Found : user_pref("CT1700241.DialogsAlignMode", "LTR");
Found : user_pref("CT1700241.DialogsGetterLastCheckTime", "Sat Jan 12 2013 13:10:02 GMT+0100");
Found : user_pref("CT1700241.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Found : user_pref("CT1700241.EMailNotifierPollDate", "Wed Feb 09 2011 18:24:30 GMT+0100");
Found : user_pref("CT1700241.EnableClickToSearchBox", false);
Found : user_pref("CT1700241.EnableSearchHistory", false);
Found : user_pref("CT1700241.EnableSearchSuggest", false);
Found : user_pref("CT1700241.FeedLastCount128575602170155588", 30);
Found : user_pref("CT1700241.FeedLastCount128947133639557200", 200);
Found : user_pref("CT1700241.FeedPollDate128575602170155588", "Wed Feb 09 2011 18:24:31 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128947133640338490", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128947133640338491", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128947133640338492", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128947133640338493", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128947133640338494", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128947133640338495", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128947133640338497", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128947142826587968", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128962738687613351", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedPollDate128962738687613352", "Wed Feb 09 2011 18:24:54 GMT+0100");
Found : user_pref("CT1700241.FeedTTL128947133640338490", 40);
Found : user_pref("CT1700241.FeedTTL128947133640338491", 40);
Found : user_pref("CT1700241.FeedTTL128947133640338492", 40);
Found : user_pref("CT1700241.FeedTTL128947133640338493", 40);
Found : user_pref("CT1700241.FeedTTL128947133640338494", 40);
Found : user_pref("CT1700241.FeedTTL128947133640338495", 40);
Found : user_pref("CT1700241.FeedTTL128947133640338497", 40);
Found : user_pref("CT1700241.FeedTTL128947142826587968", 40);
Found : user_pref("CT1700241.FeedTTL128962738687613351", 40);
Found : user_pref("CT1700241.FeedTTL128962738687613352", 40);
Found : user_pref("CT1700241.FirstServerDate", "9-2-2011");
Found : user_pref("CT1700241.FirstTime", true);
Found : user_pref("CT1700241.FirstTimeFF3", true);
Found : user_pref("CT1700241.FixPageNotFoundErrors", false);
Found : user_pref("CT1700241.GroupingServerCheckInterval", 1440);
Found : user_pref("CT1700241.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT1700241.HasUserGlobalKeys", true);
Found : user_pref("CT1700241.Initialize", true);
Found : user_pref("CT1700241.InitializeCommonPrefs", true);
Found : user_pref("CT1700241.InstallationAndCookieDataSentCount", 3);
Found : user_pref("CT1700241.InstallationType", "DirectDownload");
Found : user_pref("CT1700241.InstalledDate", "Wed Feb 09 2011 18:24:32 GMT+0100");
Found : user_pref("CT1700241.InvalidateCache", false);
Found : user_pref("CT1700241.IsGrouping", false);
Found : user_pref("CT1700241.IsMulticommunity", false);
Found : user_pref("CT1700241.IsOpenThankYouPage", true);
Found : user_pref("CT1700241.IsOpenUninstallPage", true);
Found : user_pref("CT1700241.LanguagePackLastCheckTime", "Sat Jan 12 2013 14:31:02 GMT+0100");
Found : user_pref("CT1700241.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT1700241.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT1700241.LastLogin_3.15.1.0", "Sun Jan 13 2013 10:53:47 GMT+0100");
Found : user_pref("CT1700241.LastLogin_3.3.1.13", "Wed Feb 09 2011 18:24:26 GMT+0100");
Found : user_pref("CT1700241.LatestVersion", "3.16.0.3");
Found : user_pref("CT1700241.Locale", "en-us");
Found : user_pref("CT1700241.MCDetectTooltipHeight", "83");
Found : user_pref("CT1700241.MCDetectTooltipShow", false);
Found : user_pref("CT1700241.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT1700241.MCDetectTooltipWidth", "295");
Found : user_pref("CT1700241.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT1700241.RadioIsPodcast", false);
Found : user_pref("CT1700241.RadioLastCheckTime", "Wed Feb 09 2011 18:24:31 GMT+0100");
Found : user_pref("CT1700241.RadioLastUpdateIPServer", "3");
Found : user_pref("CT1700241.RadioLastUpdateServer", "128929877726170000");
Found : user_pref("CT1700241.RadioMediaID", "7669670");
Found : user_pref("CT1700241.RadioMediaType", "Media Player");
Found : user_pref("CT1700241.RadioMenuSelectedID", "EBRadioMenu_CT17002417669670");
Found : user_pref("CT1700241.RadioStationName", "Washington's%20Classical%20Station");
Found : user_pref("CT1700241.RadioStationURL", "hxxp://audio.classical1035.com/stream/win/wgmslive.asx");
Found : user_pref("CT1700241.SearchBackToDefaultEngine", false);
Found : user_pref("CT1700241.SearchFromAddressBarIsInit", true);
Found : user_pref("CT1700241.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT170[...]
Found : user_pref("CT1700241.SearchInNewTabEnabled", true);
Found : user_pref("CT1700241.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT1700241.SearchInNewTabLastCheckTime", "Sat Jan 12 2013 14:31:01 GMT+0100");
Found : user_pref("CT1700241.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT1700241.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT1700241.SearchInNewTabUserEnabled", false);
Found : user_pref("CT1700241.ServiceMapLastCheckTime", "Sat Jan 12 2013 14:31:01 GMT+0100");
Found : user_pref("CT1700241.SettingsLastCheckTime", "Sun Jan 13 2013 10:53:44 GMT+0100");
Found : user_pref("CT1700241.SettingsLastUpdate", "1358060977");
Found : user_pref("CT1700241.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT1700241.ThirdPartyComponentsLastCheck", "Wed Feb 09 2011 18:24:24 GMT+0100");
Found : user_pref("CT1700241.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT1700241.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT1700241.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1700241");
Found : user_pref("CT1700241.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT1700241.UserID", "UN98815296028194072");
Found : user_pref("CT1700241.ValidationData_Toolbar", 2);
Found : user_pref("CT1700241.WeatherNetwork", "");
Found : user_pref("CT1700241.WeatherPollDate", "Wed Feb 09 2011 18:25:30 GMT+0100");
Found : user_pref("CT1700241.WeatherUnit", "C");
Found : user_pref("CT1700241.alertChannelId", "26444");
Found : user_pref("CT1700241.approveUntrustedApps", true);
Found : user_pref("CT1700241.backendstorage._fb_dailyactivity", "31323937323732323737313831");
Found : user_pref("CT1700241.backendstorage._fb_lifetimesent", "54525545");
Found : user_pref("CT1700241.backendstorage.facebook_mode", "32");
Found : user_pref("CT1700241.backendstorage.facebook_user_first_login_date", "30322F31302F32303131");
Found : user_pref("CT1700241.backendstorage.facebook_user_locale", "656E");
Found : user_pref("CT1700241.backendstorage.facebook_user_survey_visit", "4E4F545F56495349544544");
Found : user_pref("CT1700241.backendstorage.hxxp://facebook_conduitapps_com/v3_2_1. ... onnect_sen[...]
Found : user_pref("CT1700241.components.1000034", false);
Found : user_pref("CT1700241.components.1000080", false);
Found : user_pref("CT1700241.components.1000082", false);
Found : user_pref("CT1700241.components.1000234", false);
Found : user_pref("CT1700241.components.128575555494999242", false);
Found : user_pref("CT1700241.components.128575602170155588", false);
Found : user_pref("CT1700241.components.128575656286873814", false);
Found : user_pref("CT1700241.components.128576660981719081", false);
Found : user_pref("CT1700241.components.128947133639557200", false);
Found : user_pref("CT1700241.components.129411438079669451", false);
Found : user_pref("CT1700241.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT1700241.globalFirstTimeInfoLastCheckTime", "Wed Feb 09 2011 18:24:26 GMT+0100");
Found : user_pref("CT1700241.homepageProtectorEnableByLogin", true);
Found : user_pref("CT1700241.initDone", true);
Found : user_pref("CT1700241.isAppTrackingManagerOn", true);
Found : user_pref("CT1700241.myStuffEnabled", true);
Found : user_pref("CT1700241.myStuffPublihserMinWidth", 400);
Found : user_pref("CT1700241.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT1700241.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT1700241.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT1700241.revertSettingsEnabled", true);
Found : user_pref("CT1700241.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT1700241.searchProtectorEnableByLogin", true);
Found : user_pref("CT1700241.testingCtid", "");
Found : user_pref("CT1700241.toolbarAppMetaDataLastCheckTime", "Sat Jan 12 2013 14:31:03 GMT+0100");
Found : user_pref("CT1700241.toolbarContextMenuLastCheckTime", "Wed Feb 09 2011 18:24:32 GMT+0100");
Found : user_pref("CT1700241.usageEnabled", false);
Found : user_pref("CT1700241.usagesFlag", 2);
Found : user_pref("CT2586036.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2586036.CT1292343.CommunityChanged", true);
Found : user_pref("CT2586036.CT1529850.CommunityChanged", true);
Found : user_pref("CT2586036.CT1587097.CommunityChanged", true);
Found : user_pref("CT2586036.CT1678857.CommunityChanged", true);
Found : user_pref("CT2586036.CT1700241.CommunityChanged", true);
Found : user_pref("CT2586036.CT1789364.CommunityChanged", true);
Found : user_pref("CT2586036.CT2151295.CommunityChanged", true);
Found : user_pref("CT2586036.CT2204547.CommunityChanged", true);
Found : user_pref("CT2586036.CT2428314.CommunityChanged", true);
Found : user_pref("CT2586036.CT2475029.CommunityChanged", true);
Found : user_pref("CT2586036.CT2595006.CommunityChanged", true);
Found : user_pref("CT2586036.CT723959.CommunityChanged", true);
Found : user_pref("CT2586036.CTID", "CT2586036");
Found : user_pref("CT2586036.Chat.Meebo.ServerLastCheckTime", "");
Found : user_pref("CT2586036.Chat.Meebo.ServerLastResponseTime", "Tue Jun 29 2010 19:57:50 GMT+0200");
Found : user_pref("CT2586036.Chat.Meebo.rooms.2030of7a78203f", 51);
Found : user_pref("CT2586036.Chat.Meebo.rooms.30plus683ec0a3", 43);
Found : user_pref("CT2586036.Chat.Meebo.rooms.entertainment3d98c8ee", 0);
Found : user_pref("CT2586036.Chat.Meebo.rooms.grayowllivesherecommunitychat45acb2e0", 0);
Found : user_pref("CT2586036.Chat.Meebo.rooms.healthed7eb5ea", 1);
Found : user_pref("CT2586036.Chat.Meebo.rooms.musicpca565a36", 9);
Found : user_pref("CT2586036.Chat.Meebo.rooms.newstu0548025d", 3);
Found : user_pref("CT2586036.Chat.Meebo.rooms.recreation2b6006ec", 0);
Found : user_pref("CT2586036.Chat.Meebo.rooms.spirituality9440382e", 2);
Found : user_pref("CT2586036.Chat.Meebo.rooms.sports84029aeb", 3);
Found : user_pref("CT2586036.Chat.Meebo.rooms.technology9fc01102", 0);
Found : user_pref("CT2586036.Chat.Meebo.rooms.teenagers60fc8fbc", 80);
Found : user_pref("CT2586036.Chat.Meebo.rooms.travel0e02ee8e", 1);
Found : user_pref("CT2586036.Chat.Meebo.rooms.videogames58dc7b74", 6);
Found : user_pref("CT2586036.Chat.ServerLastCheckTime", "Tue Jun 29 2010 19:57:47 GMT+0200");
Found : user_pref("CT2586036.CommunitiesChangesLastCheckTime", "Tue Jun 29 2010 19:57:46 GMT+0200");
Found : user_pref("CT2586036.CommunityChanged", true);
Found : user_pref("CT2586036.CurrentServerDate", "29-6-2010");
Found : user_pref("CT2586036.DialogsAlignMode", "LTR");
Found : user_pref("CT2586036.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Found : user_pref("CT2586036.EMailNotifierPollDate", "Tue Jun 29 2010 19:57:47 GMT+0200");
Found : user_pref("CT2586036.FirstServerDate", "29-6-2010");
Found : user_pref("CT2586036.FirstTime", true);
Found : user_pref("CT2586036.FirstTimeFF3", true);
Found : user_pref("CT2586036.FirstTimeSettingsDone", true);
Found : user_pref("CT2586036.FixPageNotFoundErrors", true);
Found : user_pref("CT2586036.GroupingLastCheckTime", "Tue Jun 29 2010 19:57:46 GMT+0200");
Found : user_pref("CT2586036.GroupingLastErrorCode", "");
Found : user_pref("CT2586036.GroupingLastResponse", true);
Found : user_pref("CT2586036.GroupingLastServerUpdateTime", "129223127145630000");
Found : user_pref("CT2586036.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2586036.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2586036.Initialize", true);
Found : user_pref("CT2586036.InitializeCommonPrefs", true);
Found : user_pref("CT2586036.InstallationAndCookieDataSentCount", 1);
Found : user_pref("CT2586036.InstalledDate", "Tue Jun 29 2010 19:57:51 GMT+0200");
Found : user_pref("CT2586036.InvalidateCache", false);
Found : user_pref("CT2586036.IsGrouping", true);
Found : user_pref("CT2586036.IsMulticommunity", false);
Found : user_pref("CT2586036.IsOpenThankYouPage", true);
Found : user_pref("CT2586036.IsOpenUninstallPage", true);
Found : user_pref("CT2586036.LanguagePackLastCheckTime", "Tue Jun 29 2010 19:57:51 GMT+0200");
Found : user_pref("CT2586036.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2586036.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2586036.LastLogin_2.7.1.3", "Tue Jun 29 2010 19:58:05 GMT+0200");
Found : user_pref("CT2586036.LatestVersion", "2.1.0.18");
Found : user_pref("CT2586036.Locale", "en");
Found : user_pref("CT2586036.LoginCache", 4);
Found : user_pref("CT2586036.MCDetectTooltipHeight", "83");
Found : user_pref("CT2586036.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2586036.MCDetectTooltipWidth", "295");
Found : user_pref("CT2586036.RadioIsPodcast", false);
Found : user_pref("CT2586036.RadioLastCheckTime", "Tue Jun 29 2010 19:57:50 GMT+0200");
Found : user_pref("CT2586036.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2586036.RadioLastUpdateServer", "129148966076870000");
Found : user_pref("CT2586036.RadioMediaID", "20365487");
Found : user_pref("CT2586036.RadioMediaType", "Media Player");
Found : user_pref("CT2586036.RadioMenuSelectedID", "EBRadioMenu_CT258603620365487");
Found : user_pref("CT2586036.RadioStationName", "Classic%20Rock");
Found : user_pref("CT2586036.RadioStationURL", "hxxp://www.gotradio.com/player/launch.asp?id=22&cr=lb");
Found : user_pref("CT2586036.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2586036.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2586036.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT258[...]
Found : user_pref("CT2586036.SearchInNewTabEnabled", true);
Found : user_pref("CT2586036.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2586036.SearchInNewTabLastCheckTime", "Tue Jun 29 2010 19:58:07 GMT+0200");
Found : user_pref("CT2586036.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2586036.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2586036.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2586036.SettingsLastCheckTime", "Tue Jun 29 2010 19:57:46 GMT+0200");
Found : user_pref("CT2586036.SettingsLastUpdate", "1277831914");
Found : user_pref("CT2586036.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2586036.ThirdPartyComponentsLastCheck", "Tue Jun 29 2010 19:57:46 GMT+0200");
Found : user_pref("CT2586036.ThirdPartyComponentsLastUpdate", "1277831914");
Found : user_pref("CT2586036.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2586036.Uninstall", true);
Found : user_pref("CT2586036.UserID", "UN71820706080862816");
Found : user_pref("CT2586036.WeatherNetwork", "");
Found : user_pref("CT2586036.WeatherPollDate", "Tue Jun 29 2010 19:57:47 GMT+0200");
Found : user_pref("CT2586036.WeatherUnit", "C");
Found : user_pref("CT2586036.backendstorage.dob_login_status", "4C4F474745445F4F4646");
Found : user_pref("CT2586036.backendstorage.hxxp://cmg1_conduit-widgets_com/miniqua ... ium_closed",[...]
Found : user_pref("CT2586036.clientLogIsEnabled", true);
Found : user_pref("CT2586036.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2586036.myStuffEnabled", true);
Found : user_pref("CT2586036.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2586036.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2586036.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2586036.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2586036.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CT2589491.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2589491.CTID", "CT2589491");
Found : user_pref("CT2589491.CurrentServerDate", "15-7-2010");
Found : user_pref("CT2589491.DialogsAlignMode", "LTR");
Found : user_pref("CT2589491.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Found : user_pref("CT2589491.FirstServerDate", "29-6-2010");
Found : user_pref("CT2589491.FirstTime", true);
Found : user_pref("CT2589491.FirstTimeFF3", true);
Found : user_pref("CT2589491.FirstTimeSettingsDone", true);
Found : user_pref("CT2589491.FixPageNotFoundErrors", true);
Found : user_pref("CT2589491.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2589491.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2589491.Initialize", true);
Found : user_pref("CT2589491.InitializeCommonPrefs", true);
Found : user_pref("CT2589491.InstallationAndCookieDataSentCount", 2);
Found : user_pref("CT2589491.InstalledDate", "Tue Jun 29 2010 19:09:25 GMT+0200");
Found : user_pref("CT2589491.IsGrouping", false);
Found : user_pref("CT2589491.IsMulticommunity", false);
Found : user_pref("CT2589491.IsOpenThankYouPage", true);
Found : user_pref("CT2589491.IsOpenUninstallPage", true);
Found : user_pref("CT2589491.LanguagePackLastCheckTime", "Thu Jul 15 2010 21:38:46 GMT+0200");
Found : user_pref("CT2589491.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2589491.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2589491.LastLogin_2.7.1.3", "Thu Jul 15 2010 21:38:46 GMT+0200");
Found : user_pref("CT2589491.LatestVersion", "2.1.0.18");
Found : user_pref("CT2589491.Locale", "en");
Found : user_pref("CT2589491.LoginCache", 4);
Found : user_pref("CT2589491.MCDetectTooltipHeight", "83");
Found : user_pref("CT2589491.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2589491.MCDetectTooltipWidth", "295");
Found : user_pref("CT2589491.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2589491.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2589491.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT258[...]
Found : user_pref("CT2589491.SearchInNewTabEnabled", true);
Found : user_pref("CT2589491.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2589491.SearchInNewTabLastCheckTime", "Thu Jul 15 2010 21:38:45 GMT+0200");
Found : user_pref("CT2589491.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2589491.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2589491.SearchInNewTabUserEnabled", false);
Found : user_pref("CT2589491.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2589491.SettingsLastCheckTime", "Thu Jul 15 2010 21:38:45 GMT+0200");
Found : user_pref("CT2589491.SettingsLastUpdate", "1275954615");
Found : user_pref("CT2589491.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2589491.ThirdPartyComponentsLastCheck", "Tue Jun 29 2010 19:09:19 GMT+0200");
Found : user_pref("CT2589491.ThirdPartyComponentsLastUpdate", "1275954615");
Found : user_pref("CT2589491.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2589491.UserID", "UN81202832430230556");
Found : user_pref("CT2589491.ValidationData_Toolbar", 2);
Found : user_pref("CT2589491.alertChannelId", "982308");
Found : user_pref("CT2589491.clientLogIsEnabled", false);
Found : user_pref("CT2589491.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2589491.components.1000034", false);
Found : user_pref("CT2589491.components.1000082", false);
Found : user_pref("CT2589491.components.1000234", false);
Found : user_pref("CT2589491.myStuffEnabled", true);
Found : user_pref("CT2589491.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2589491.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2589491.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2589491.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2589491.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT1060933");
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT1700241[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT3072253[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid ... fid=795587", "\"0\""[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid ... fid=905414", "\"0\""[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/SK", "\"0\"");
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/26444/25926/SK", "\"0\"");
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/SK", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT1060933", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT1700241", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2405280", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2776682", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT3072253", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... tenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... tenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... erApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... erApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... redApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... redApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... lbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... lbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... ?ver=3.3.1[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... ?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... g?ver=3.12[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... g?ver=3.15[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... kg?ver=3.3.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... kg?ver=3.7.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT1700241",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2776682",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT3072253",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... ut=1/11/20[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-service ... 280&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-service ... 682&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT1060933[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT1700241[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/equaliz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/minimiz[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/play.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/stop.gi[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/vol.gif[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... alizer_dea[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... nimize.gif"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... t/play.gif", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... t/stop.gif", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... nt/vol.gif", "\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"67e[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... cale=en-us", "\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/11348282.xml", "\"dbcc9918016efce4339[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/14293310.xml", "\"2f27386a199c6aa24a8[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16409683.xml", "\"82cedff212729206cb2[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19554706.xml", "\"7c26209c309d21dbadd[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"92119f5a8bf1c9f47d6[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2557521.xml", "\"def5ee1b40ed4ce03126[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2883841.xml", "\"77c44579a88303983e95[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"72b978de50b3d148cb8e5[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/807095.xml", "\"013d264de73a8204604e7[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/813286.xml", "\"b093a5339686127c72735[...]
Found : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Found : user_pref("CommunityToolbar.EngineOwner", "");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");
Found : user_pref("CommunityToolbar.IsEngineShown", false);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\uzivatel\\AppData\\Roaming\\Mozilla[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.freecause.com/search?fr=fr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2589491,CT2586036,ConduitEngine,CT1700241");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2589491,CT2586036,CT1700241");
Found : user_pref("CommunityToolbar.ToolbarsList4", "");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 22 2011 20:04:55 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertEnabled", false);
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Feb 09 2011 18:24:34 GMT+0100");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Apr 25 2011 15:18:51 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "402785d9-5dc0-4384-8d2a-96ca84a4734e");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Nov 07 2010 09:15:27 GMT+0100");
Found : user_pref("CommunityToolbar.globalUserId", "22e7145b-53b4-4234-a609-877f17be73e1");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 19 2012 16:25:3[...]
Found : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat May 19 2012 16:25:25 GMT+0200");
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "2319e89e-a429-47e1-8290-b5b74980e429");
Found : user_pref("CommunityToolbar.originalHomepage", "hxxp://zoznam.sk");
Found : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Found : user_pref("CommunityToolbar.twitter.user_11348282.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_16409683.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Found : user_pref("CommunityToolbar.twitter.user_2557521.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100"[...]
Found : user_pref("CommunityToolbar.twitter.user_2883841.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100"[...]
Found : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100")[...]
Found : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100")[...]
Found : user_pref("CommunityToolbar.twitter.user_813286.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100")[...]
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Mon Apr 25 2011 18:44:52 GMT+0200");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Mon Apr 25 2011 18:44:49 GMT+0200");
Found : user_pref("ConduitEngine.FirstServerDate", "02/09/2011 20");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.HideEngineAfterRestart", false);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Wed Feb 09 2011 18:24:28 GMT+0100");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Apr 25 2011 18:44:52 GMT+0200");
Found : user_pref("ConduitEngine.LastLogin_3.3.1.13", "Wed Feb 09 2011 18:24:26 GMT+0100");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon Apr 25 2011 18:44:52 GMT+0200");
Found : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Apr 25 2011 18:44:48 GMT+0200");
Found : user_pref("ConduitEngine.Uninstall", true);
Found : user_pref("ConduitEngine.UserID", "UN58456737066152990");
Found : user_pref("ConduitEngine.counterAppsAdded", 1);
Found : user_pref("ConduitEngine.engineLocale", "sk");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Apr 25 2011 18:44:52 GMT+0200");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Apr 25 2011 18:44:48 GMT+0200");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("ConduitEngine.usagesFlag", 1);
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "Ask.com");
Found : user_pref("browser.search.defaultthis.engineName", "Softonic-Eng7 Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir[...]
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("gm-notifier.ui.counter.showInbox", true);
Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1700241&q=");
Found : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");

-\\ Google Chrome v24.0.1312.52

File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.12.1707.0

File : C:\Users\uzivatel\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [47655 octets] - [13/01/2013 13:44:01]

########## EOF - C:\AdwCleaner[R1].txt - [47716 octets] ##########


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

čo tie teploty
Spusť adwcleaner stlač tlačidlo delete pre odsúhlasenie stlač OK počítač sa reštartuje
log budeš ho mať na systémovom disku ako AdwCleaner[S?].txt cely obsah vlož sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 13.01.2013 14:08 | Avast pri pokuse o odstránenie malware zamrzne

Pozabudla som na tie teploty.
Tu je screen (v tom čase zapnutý firefox a speccy)
Avast pri pokuse o odstránenie malware zamrzne
ono mi to dosť kolíše podľa toho, čo robím na nete, ale som si vedomá toho, že je to dosť vysoké :?
log postnem o chviľku


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 13.01.2013 15:05 | Avast pri pokuse o odstránenie malware zamrzne

# AdwCleaner v2.105 - Logfile created 01/13/2013 at 14:07:31
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : uzivatel - UZIVATEL-PC
# Boot Mode : Normal
# Running from : C:\Users\uzivatel\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla FireFox\Components\AskHPRFF.js
File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\searchplugins\Askcom.xml
File Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\searchplugins\Conduit.xml
File Deleted : C:\windows\system32\conduitEngine.tmp
Folder Deleted : C:\Program Files\BrotherSoft_Extreme
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\Softonic-Eng7
Folder Deleted : C:\Users\uzivatel\AppData\Local\APN
Folder Deleted : C:\Users\uzivatel\AppData\Local\Conduit
Folder Deleted : C:\Users\uzivatel\AppData\Local\OpenCandy
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\BrotherSoft_Extreme
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\uzivatel\AppData\LocalLow\Softonic-Eng7
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\iWin
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\Conduit
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\ConduitCommon
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\ConduitEngine
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\CT1700241
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\extensions\{9e06d377-8c36-46df-9e57-0f6f3f5ee23e}
Folder Deleted : C:\Users\uzivatel\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\BrotherSoft_Extreme
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Softonic-Eng7
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1630669F-9D0C-4F0B-8AA9-10DE8BEE1755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1630669F-9D0C-4F0B-8AA9-10DE8BEE1755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A2E5850-2E77-472F-A78A-49783FBE93FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKLM\Software\BrotherSoft_Extreme
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9A2E5850-2E77-472F-A78A-49783FBE93FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AEE88B81-C2FB-4733-A826-88CB0A67FB61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C21E753-381F-4430-9E5D-1EFC696EBE88}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2405280
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2776682
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{68A9B0ED-9615-4F62-8B2A-3026C0063232}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{135E8A22-65F5-4E62-B58E-BD8C408D40ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82378918-9238-4778-BBCD-9BF0CE91D271}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1682641-8520-4523-9F0E-138EEACD6FA1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F11A7852-C098-41E8-ACAC-62B3B69A68CE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51A86BB3-6602-4C85-92A5-130EE4864F13}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9A2E5850-2E77-472F-A78A-49783FBE93FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AEE88B81-C2FB-4733-A826-88CB0A67FB61}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrotherSoft_Extreme Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic-Eng7 Toolbar
Key Deleted : HKLM\Software\Softonic-Eng7
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{51A86BB3-6602-4C85-92A5-130EE4864F13}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{51A86BB3-6602-4C85-92A5-130EE4864F13}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7601.17514

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource= ... =CT2776682 --> hxxp://www.google.com

-\\ Mozilla Firefox v17.0.1 (sk)

File : C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\prefs.js

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\user.js ... Deleted !

Deleted : user_pref("CT1700241..clientLogIsEnabled", false);
Deleted : user_pref("CT1700241..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT1700241..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT1700241.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT1700241.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT1700241.AppTrackingLastCheckTime", "Wed Feb 09 2011 18:24:41 GMT+0100");
Deleted : user_pref("CT1700241.CT1700241", "CT1700241");
Deleted : user_pref("CT1700241.CurrentServerDate", "13-1-2013");
Deleted : user_pref("CT1700241.DialogsAlignMode", "LTR");
Deleted : user_pref("CT1700241.DialogsGetterLastCheckTime", "Sat Jan 12 2013 13:10:02 GMT+0100");
Deleted : user_pref("CT1700241.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT1700241.EMailNotifierPollDate", "Wed Feb 09 2011 18:24:30 GMT+0100");
Deleted : user_pref("CT1700241.EnableClickToSearchBox", false);
Deleted : user_pref("CT1700241.EnableSearchHistory", false);
Deleted : user_pref("CT1700241.EnableSearchSuggest", false);
Deleted : user_pref("CT1700241.FeedLastCount128575602170155588", 30);
Deleted : user_pref("CT1700241.FeedLastCount128947133639557200", 200);
Deleted : user_pref("CT1700241.FeedPollDate128575602170155588", "Wed Feb 09 2011 18:24:31 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128947133640338490", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128947133640338491", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128947133640338492", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128947133640338493", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128947133640338494", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128947133640338495", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128947133640338497", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128947142826587968", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128962738687613351", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedPollDate128962738687613352", "Wed Feb 09 2011 18:24:54 GMT+0100");
Deleted : user_pref("CT1700241.FeedTTL128947133640338490", 40);
Deleted : user_pref("CT1700241.FeedTTL128947133640338491", 40);
Deleted : user_pref("CT1700241.FeedTTL128947133640338492", 40);
Deleted : user_pref("CT1700241.FeedTTL128947133640338493", 40);
Deleted : user_pref("CT1700241.FeedTTL128947133640338494", 40);
Deleted : user_pref("CT1700241.FeedTTL128947133640338495", 40);
Deleted : user_pref("CT1700241.FeedTTL128947133640338497", 40);
Deleted : user_pref("CT1700241.FeedTTL128947142826587968", 40);
Deleted : user_pref("CT1700241.FeedTTL128962738687613351", 40);
Deleted : user_pref("CT1700241.FeedTTL128962738687613352", 40);
Deleted : user_pref("CT1700241.FirstServerDate", "9-2-2011");
Deleted : user_pref("CT1700241.FirstTime", true);
Deleted : user_pref("CT1700241.FirstTimeFF3", true);
Deleted : user_pref("CT1700241.FixPageNotFoundErrors", false);
Deleted : user_pref("CT1700241.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT1700241.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT1700241.HasUserGlobalKeys", true);
Deleted : user_pref("CT1700241.Initialize", true);
Deleted : user_pref("CT1700241.InitializeCommonPrefs", true);
Deleted : user_pref("CT1700241.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT1700241.InstallationType", "DirectDownload");
Deleted : user_pref("CT1700241.InstalledDate", "Wed Feb 09 2011 18:24:32 GMT+0100");
Deleted : user_pref("CT1700241.InvalidateCache", false);
Deleted : user_pref("CT1700241.IsGrouping", false);
Deleted : user_pref("CT1700241.IsMulticommunity", false);
Deleted : user_pref("CT1700241.IsOpenThankYouPage", true);
Deleted : user_pref("CT1700241.IsOpenUninstallPage", true);
Deleted : user_pref("CT1700241.LanguagePackLastCheckTime", "Sat Jan 12 2013 14:31:02 GMT+0100");
Deleted : user_pref("CT1700241.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT1700241.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT1700241.LastLogin_3.15.1.0", "Sun Jan 13 2013 10:53:47 GMT+0100");
Deleted : user_pref("CT1700241.LastLogin_3.3.1.13", "Wed Feb 09 2011 18:24:26 GMT+0100");
Deleted : user_pref("CT1700241.LatestVersion", "3.16.0.3");
Deleted : user_pref("CT1700241.Locale", "en-us");
Deleted : user_pref("CT1700241.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT1700241.MCDetectTooltipShow", false);
Deleted : user_pref("CT1700241.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT1700241.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT1700241.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT1700241.RadioIsPodcast", false);
Deleted : user_pref("CT1700241.RadioLastCheckTime", "Wed Feb 09 2011 18:24:31 GMT+0100");
Deleted : user_pref("CT1700241.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT1700241.RadioLastUpdateServer", "128929877726170000");
Deleted : user_pref("CT1700241.RadioMediaID", "7669670");
Deleted : user_pref("CT1700241.RadioMediaType", "Media Player");
Deleted : user_pref("CT1700241.RadioMenuSelectedID", "EBRadioMenu_CT17002417669670");
Deleted : user_pref("CT1700241.RadioStationName", "Washington's%20Classical%20Station");
Deleted : user_pref("CT1700241.RadioStationURL", "hxxp://audio.classical1035.com/stream/win/wgmslive.asx");
Deleted : user_pref("CT1700241.SearchBackToDefaultEngine", false);
Deleted : user_pref("CT1700241.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT1700241.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT170[...]
Deleted : user_pref("CT1700241.SearchInNewTabEnabled", true);
Deleted : user_pref("CT1700241.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT1700241.SearchInNewTabLastCheckTime", "Sat Jan 12 2013 14:31:01 GMT+0100");
Deleted : user_pref("CT1700241.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT1700241.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT1700241.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT1700241.ServiceMapLastCheckTime", "Sat Jan 12 2013 14:31:01 GMT+0100");
Deleted : user_pref("CT1700241.SettingsLastCheckTime", "Sun Jan 13 2013 10:53:44 GMT+0100");
Deleted : user_pref("CT1700241.SettingsLastUpdate", "1358060977");
Deleted : user_pref("CT1700241.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT1700241.ThirdPartyComponentsLastCheck", "Wed Feb 09 2011 18:24:24 GMT+0100");
Deleted : user_pref("CT1700241.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT1700241.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT1700241.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1700241");
Deleted : user_pref("CT1700241.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT1700241.UserID", "UN98815296028194072");
Deleted : user_pref("CT1700241.ValidationData_Toolbar", 2);
Deleted : user_pref("CT1700241.WeatherNetwork", "");
Deleted : user_pref("CT1700241.WeatherPollDate", "Wed Feb 09 2011 18:25:30 GMT+0100");
Deleted : user_pref("CT1700241.WeatherUnit", "C");
Deleted : user_pref("CT1700241.alertChannelId", "26444");
Deleted : user_pref("CT1700241.approveUntrustedApps", true);
Deleted : user_pref("CT1700241.backendstorage._fb_dailyactivity", "31323937323732323737313831");
Deleted : user_pref("CT1700241.backendstorage._fb_lifetimesent", "54525545");
Deleted : user_pref("CT1700241.backendstorage.facebook_mode", "32");
Deleted : user_pref("CT1700241.backendstorage.facebook_user_first_login_date", "30322F31302F32303131");
Deleted : user_pref("CT1700241.backendstorage.facebook_user_locale", "656E");
Deleted : user_pref("CT1700241.backendstorage.facebook_user_survey_visit", "4E4F545F56495349544544");
Deleted : user_pref("CT1700241.backendstorage.hxxp://facebook_conduitapps_com/v3_2_1. ... onnect_sen[...]
Deleted : user_pref("CT1700241.components.1000034", false);
Deleted : user_pref("CT1700241.components.1000080", false);
Deleted : user_pref("CT1700241.components.1000082", false);
Deleted : user_pref("CT1700241.components.1000234", false);
Deleted : user_pref("CT1700241.components.128575555494999242", false);
Deleted : user_pref("CT1700241.components.128575602170155588", false);
Deleted : user_pref("CT1700241.components.128575656286873814", false);
Deleted : user_pref("CT1700241.components.128576660981719081", false);
Deleted : user_pref("CT1700241.components.128947133639557200", false);
Deleted : user_pref("CT1700241.components.129411438079669451", false);
Deleted : user_pref("CT1700241.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT1700241.globalFirstTimeInfoLastCheckTime", "Wed Feb 09 2011 18:24:26 GMT+0100");
Deleted : user_pref("CT1700241.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT1700241.initDone", true);
Deleted : user_pref("CT1700241.isAppTrackingManagerOn", true);
Deleted : user_pref("CT1700241.myStuffEnabled", true);
Deleted : user_pref("CT1700241.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT1700241.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT1700241.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT1700241.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT1700241.revertSettingsEnabled", true);
Deleted : user_pref("CT1700241.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT1700241.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT1700241.testingCtid", "");
Deleted : user_pref("CT1700241.toolbarAppMetaDataLastCheckTime", "Sat Jan 12 2013 14:31:03 GMT+0100");
Deleted : user_pref("CT1700241.toolbarContextMenuLastCheckTime", "Wed Feb 09 2011 18:24:32 GMT+0100");
Deleted : user_pref("CT1700241.usageEnabled", false);
Deleted : user_pref("CT1700241.usagesFlag", 2);
Deleted : user_pref("CT2586036.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2586036.CT1292343.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT1529850.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT1587097.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT1678857.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT1700241.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT1789364.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT2151295.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT2204547.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT2428314.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT2475029.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT2595006.CommunityChanged", true);
Deleted : user_pref("CT2586036.CT723959.CommunityChanged", true);
Deleted : user_pref("CT2586036.CTID", "CT2586036");
Deleted : user_pref("CT2586036.Chat.Meebo.ServerLastCheckTime", "");
Deleted : user_pref("CT2586036.Chat.Meebo.ServerLastResponseTime", "Tue Jun 29 2010 19:57:50 GMT+0200");
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.2030of7a78203f", 51);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.30plus683ec0a3", 43);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.entertainment3d98c8ee", 0);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.grayowllivesherecommunitychat45acb2e0", 0);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.healthed7eb5ea", 1);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.musicpca565a36", 9);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.newstu0548025d", 3);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.recreation2b6006ec", 0);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.spirituality9440382e", 2);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.sports84029aeb", 3);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.technology9fc01102", 0);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.teenagers60fc8fbc", 80);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.travel0e02ee8e", 1);
Deleted : user_pref("CT2586036.Chat.Meebo.rooms.videogames58dc7b74", 6);
Deleted : user_pref("CT2586036.Chat.ServerLastCheckTime", "Tue Jun 29 2010 19:57:47 GMT+0200");
Deleted : user_pref("CT2586036.CommunitiesChangesLastCheckTime", "Tue Jun 29 2010 19:57:46 GMT+0200");
Deleted : user_pref("CT2586036.CommunityChanged", true);
Deleted : user_pref("CT2586036.CurrentServerDate", "29-6-2010");
Deleted : user_pref("CT2586036.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2586036.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2586036.EMailNotifierPollDate", "Tue Jun 29 2010 19:57:47 GMT+0200");
Deleted : user_pref("CT2586036.FirstServerDate", "29-6-2010");
Deleted : user_pref("CT2586036.FirstTime", true);
Deleted : user_pref("CT2586036.FirstTimeFF3", true);
Deleted : user_pref("CT2586036.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2586036.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2586036.GroupingLastCheckTime", "Tue Jun 29 2010 19:57:46 GMT+0200");
Deleted : user_pref("CT2586036.GroupingLastErrorCode", "");
Deleted : user_pref("CT2586036.GroupingLastResponse", true);
Deleted : user_pref("CT2586036.GroupingLastServerUpdateTime", "129223127145630000");
Deleted : user_pref("CT2586036.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2586036.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2586036.Initialize", true);
Deleted : user_pref("CT2586036.InitializeCommonPrefs", true);
Deleted : user_pref("CT2586036.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT2586036.InstalledDate", "Tue Jun 29 2010 19:57:51 GMT+0200");
Deleted : user_pref("CT2586036.InvalidateCache", false);
Deleted : user_pref("CT2586036.IsGrouping", true);
Deleted : user_pref("CT2586036.IsMulticommunity", false);
Deleted : user_pref("CT2586036.IsOpenThankYouPage", true);
Deleted : user_pref("CT2586036.IsOpenUninstallPage", true);
Deleted : user_pref("CT2586036.LanguagePackLastCheckTime", "Tue Jun 29 2010 19:57:51 GMT+0200");
Deleted : user_pref("CT2586036.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2586036.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2586036.LastLogin_2.7.1.3", "Tue Jun 29 2010 19:58:05 GMT+0200");
Deleted : user_pref("CT2586036.LatestVersion", "2.1.0.18");
Deleted : user_pref("CT2586036.Locale", "en");
Deleted : user_pref("CT2586036.LoginCache", 4);
Deleted : user_pref("CT2586036.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2586036.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2586036.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2586036.RadioIsPodcast", false);
Deleted : user_pref("CT2586036.RadioLastCheckTime", "Tue Jun 29 2010 19:57:50 GMT+0200");
Deleted : user_pref("CT2586036.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2586036.RadioLastUpdateServer", "129148966076870000");
Deleted : user_pref("CT2586036.RadioMediaID", "20365487");
Deleted : user_pref("CT2586036.RadioMediaType", "Media Player");
Deleted : user_pref("CT2586036.RadioMenuSelectedID", "EBRadioMenu_CT258603620365487");
Deleted : user_pref("CT2586036.RadioStationName", "Classic%20Rock");
Deleted : user_pref("CT2586036.RadioStationURL", "hxxp://www.gotradio.com/player/launch.asp?id=22&cr=lb");
Deleted : user_pref("CT2586036.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2586036.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2586036.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT258[...]
Deleted : user_pref("CT2586036.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2586036.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2586036.SearchInNewTabLastCheckTime", "Tue Jun 29 2010 19:58:07 GMT+0200");
Deleted : user_pref("CT2586036.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2586036.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2586036.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2586036.SettingsLastCheckTime", "Tue Jun 29 2010 19:57:46 GMT+0200");
Deleted : user_pref("CT2586036.SettingsLastUpdate", "1277831914");
Deleted : user_pref("CT2586036.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2586036.ThirdPartyComponentsLastCheck", "Tue Jun 29 2010 19:57:46 GMT+0200");
Deleted : user_pref("CT2586036.ThirdPartyComponentsLastUpdate", "1277831914");
Deleted : user_pref("CT2586036.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2586036.Uninstall", true);
Deleted : user_pref("CT2586036.UserID", "UN71820706080862816");
Deleted : user_pref("CT2586036.WeatherNetwork", "");
Deleted : user_pref("CT2586036.WeatherPollDate", "Tue Jun 29 2010 19:57:47 GMT+0200");
Deleted : user_pref("CT2586036.WeatherUnit", "C");
Deleted : user_pref("CT2586036.backendstorage.dob_login_status", "4C4F474745445F4F4646");
Deleted : user_pref("CT2586036.backendstorage.hxxp://cmg1_conduit-widgets_com/miniqua ... ium_closed",[...]
Deleted : user_pref("CT2586036.clientLogIsEnabled", true);
Deleted : user_pref("CT2586036.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2586036.myStuffEnabled", true);
Deleted : user_pref("CT2586036.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2586036.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2586036.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2586036.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2586036.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2589491.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2589491.CTID", "CT2589491");
Deleted : user_pref("CT2589491.CurrentServerDate", "15-7-2010");
Deleted : user_pref("CT2589491.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2589491.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2589491.FirstServerDate", "29-6-2010");
Deleted : user_pref("CT2589491.FirstTime", true);
Deleted : user_pref("CT2589491.FirstTimeFF3", true);
Deleted : user_pref("CT2589491.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2589491.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2589491.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2589491.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2589491.Initialize", true);
Deleted : user_pref("CT2589491.InitializeCommonPrefs", true);
Deleted : user_pref("CT2589491.InstallationAndCookieDataSentCount", 2);
Deleted : user_pref("CT2589491.InstalledDate", "Tue Jun 29 2010 19:09:25 GMT+0200");
Deleted : user_pref("CT2589491.IsGrouping", false);
Deleted : user_pref("CT2589491.IsMulticommunity", false);
Deleted : user_pref("CT2589491.IsOpenThankYouPage", true);
Deleted : user_pref("CT2589491.IsOpenUninstallPage", true);
Deleted : user_pref("CT2589491.LanguagePackLastCheckTime", "Thu Jul 15 2010 21:38:46 GMT+0200");
Deleted : user_pref("CT2589491.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2589491.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2589491.LastLogin_2.7.1.3", "Thu Jul 15 2010 21:38:46 GMT+0200");
Deleted : user_pref("CT2589491.LatestVersion", "2.1.0.18");
Deleted : user_pref("CT2589491.Locale", "en");
Deleted : user_pref("CT2589491.LoginCache", 4);
Deleted : user_pref("CT2589491.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2589491.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2589491.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2589491.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2589491.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2589491.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT258[...]
Deleted : user_pref("CT2589491.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2589491.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2589491.SearchInNewTabLastCheckTime", "Thu Jul 15 2010 21:38:45 GMT+0200");
Deleted : user_pref("CT2589491.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2589491.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2589491.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT2589491.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2589491.SettingsLastCheckTime", "Thu Jul 15 2010 21:38:45 GMT+0200");
Deleted : user_pref("CT2589491.SettingsLastUpdate", "1275954615");
Deleted : user_pref("CT2589491.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2589491.ThirdPartyComponentsLastCheck", "Tue Jun 29 2010 19:09:19 GMT+0200");
Deleted : user_pref("CT2589491.ThirdPartyComponentsLastUpdate", "1275954615");
Deleted : user_pref("CT2589491.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2589491.UserID", "UN81202832430230556");
Deleted : user_pref("CT2589491.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2589491.alertChannelId", "982308");
Deleted : user_pref("CT2589491.clientLogIsEnabled", false);
Deleted : user_pref("CT2589491.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2589491.components.1000034", false);
Deleted : user_pref("CT2589491.components.1000082", false);
Deleted : user_pref("CT2589491.components.1000234", false);
Deleted : user_pref("CT2589491.myStuffEnabled", true);
Deleted : user_pref("CT2589491.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2589491.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2589491.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2589491.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2589491.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT1060933");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT1700241[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit. ... /CT3072253[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid ... fid=795587", "\"0\""[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid ... fid=905414", "\"0\""[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/15651/15317/SK", "\"0\"");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/26444/25926/SK", "\"0\"");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root ... /905414/SK", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT1060933", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT1700241", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2405280", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT2776682", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-ser ... =CT3072253", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... tenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... tenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... erApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... erApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... redApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... redApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... lbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-serv ... lbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-ser ... rt/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... ?ver=3.3.1[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-se ... ?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... g?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... g?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... kg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-s ... kg?ver=3.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT1700241",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT2776682",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/ ... =CT3072253",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... r=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services ... ut=1/11/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-service ... 280&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-service ... 682&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT1060933[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit. ... /CT1700241[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/equaliz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/minimiz[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/play.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/stop.gi[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... er/vol.gif[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... alizer_dea[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... nimize.gif"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... t/play.gif", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... t/stop.gif", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/R ... nt/vol.gif", "\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... ?locale=en", "\"67e[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-serv ... cale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/11348282.xml", "\"dbcc9918016efce4339[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/14293310.xml", "\"2f27386a199c6aa24a8[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16409683.xml", "\"82cedff212729206cb2[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/19554706.xml", "\"7c26209c309d21dbadd[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/20536157.xml", "\"92119f5a8bf1c9f47d6[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2557521.xml", "\"def5ee1b40ed4ce03126[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/2883841.xml", "\"77c44579a88303983e95[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/428333.xml", "\"72b978de50b3d148cb8e5[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/807095.xml", "\"013d264de73a8204604e7[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/813286.xml", "\"b093a5339686127c72735[...]
Deleted : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Deleted : user_pref("CommunityToolbar.EngineOwner", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "");
Deleted : user_pref("CommunityToolbar.IsEngineShown", false);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\uzivatel\\AppData\\Roaming\\Mozilla[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.8");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.freecause.com/search?fr=fr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2589491,CT2586036,ConduitEngine,CT1700241");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2589491,CT2586036,CT1700241");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Fri Apr 22 2011 20:04:55 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Feb 09 2011 18:24:34 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Apr 25 2011 15:18:51 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "402785d9-5dc0-4384-8d2a-96ca84a4734e");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun Nov 07 2010 09:15:27 GMT+0100");
Deleted : user_pref("CommunityToolbar.globalUserId", "22e7145b-53b4-4234-a609-877f17be73e1");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT3072253");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 19 2012 16:25:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat May 19 2012 16:25:25 GMT+0200");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "2319e89e-a429-47e1-8290-b5b74980e429");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://zoznam.sk");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Deleted : user_pref("CommunityToolbar.twitter.user_11348282.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_16409683.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_20536157.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100[...]
Deleted : user_pref("CommunityToolbar.twitter.user_2557521.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100"[...]
Deleted : user_pref("CommunityToolbar.twitter.user_2883841.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100"[...]
Deleted : user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100")[...]
Deleted : user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100")[...]
Deleted : user_pref("CommunityToolbar.twitter.user_813286.LastCheckTime", "Wed Feb 09 2011 18:24:33 GMT+0100")[...]
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Mon Apr 25 2011 18:44:52 GMT+0200");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Mon Apr 25 2011 18:44:49 GMT+0200");
Deleted : user_pref("ConduitEngine.FirstServerDate", "02/09/2011 20");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.HideEngineAfterRestart", false);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Wed Feb 09 2011 18:24:28 GMT+0100");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Apr 25 2011 18:44:52 GMT+0200");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.1.13", "Wed Feb 09 2011 18:24:26 GMT+0100");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Mon Apr 25 2011 18:44:52 GMT+0200");
Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Apr 25 2011 18:44:48 GMT+0200");
Deleted : user_pref("ConduitEngine.Uninstall", true);
Deleted : user_pref("ConduitEngine.UserID", "UN58456737066152990");
Deleted : user_pref("ConduitEngine.counterAppsAdded", 1);
Deleted : user_pref("ConduitEngine.engineLocale", "sk");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Apr 25 2011 18:44:52 GMT+0200");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Apr 25 2011 18:44:48 GMT+0200");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("ConduitEngine.usagesFlag", 1);
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.defaultthis.engineName", "Softonic-Eng7 Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir[...]
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("gm-notifier.ui.counter.showInbox", true);
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1700241&q=");
Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");

-\\ Google Chrome v24.0.1312.52

File : C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.12.1707.0

File : C:\Users\uzivatel\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [47786 octets] - [13/01/2013 13:44:01]
AdwCleaner[R2].txt - [47847 octets] - [13/01/2013 13:46:37]
AdwCleaner[S1].txt - [48423 octets] - [13/01/2013 14:07:31]

########## EOF - C:\AdwCleaner[S1].txt - [48484 octets] ##########


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

vyčisti notebook od prachu máš nejakú podložku ?

Stiahni si RKill z http://download.bleepingcomputer.com/grinler/rkill.com
ulož ho na plochu Spusť Rkill
program ukonči všetky procesi teda aj malware
Na ploche sa vytvori rkill.txt vlož ho sem
Teraz nerestartuj PC
Aplikuj hneď combofix


Stihni si combofix z http://download.bleepingcomputer.com/sUBs/ComboFix.exe ulož ho na plochu
Vypni všetky rezidentne štity antiviru a antyspyware
Pre WIN XP spuštaj pod amdinistratorom
Pre WIN Vista a WIN 7 klikny na combofix pravym tlačidlom daj spustiť ako spravca
Hneď po zapnuty okno z licečnimi podmienkami stlač tlačidlo ano
Keď ty combofix ponukne inštalovať konzolu pre zotavenie odshuhlas inštalaciu tlačidlom ANO
Behom scanu nechaj combofix pracovať nerob nič na PC
Scan môže trvať cca 10 min všetko zaleži od toho v akom stave je PC može sa to predlžiť o dvojnasobok
Po dokončeni skenovanie combofix reštartuje PC a zobrazi sa log budeš ho máť na C:\ComboFix.txt vlož ho sem
Može sa stať že system nenabehne v tom pripade použi poslednu znamu konfiguraciu http://support.microsoft.com/kb/307852/sk


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 13.01.2013 18:05 | Avast pri pokuse o odstránenie malware zamrzne

Čistenie od prachu doma z času na čas praktizujeme, ale nikdy som nejaký závratný rozdiel nespozorovala. Chladiacu podložku mám (aj keď iba takú lacnejšiu) a tá už trochu rozdiel robí, ale ako vidíš, nič extra to nie je. :roll:
Trvalo to teda dosť dlho, ale tu sú oba logy

rkill:

��R k i l l 2 . 4 . 5 b y L a w r e n c e A b r a m s ( G r i n l e r )

h t t p : / / w w w . b l e e p i n g c o m p u t e r . c o m /

C o p y r i g h t 2 0 0 8 - 2 0 1 3 B l e e p i n g C o m p u t e r . c o m

M o r e I n f o r m a t i o n a b o u t R k i l l c a n b e f o u n d a t t h i s l i n k :

h t t p : / / w w w . b l e e p i n g c o m p u t e r . c o m / f o r u m s / t o p i c 3 0 8 3 6 4 . h t m l



P r o g r a m s t a r t e d a t : 0 1 / 1 3 / 2 0 1 3 0 3 : 1 9 : 0 6 P M i n x 8 6 m o d e .

W i n d o w s V e r s i o n : W i n d o w s 7 H o m e P r e m i u m S e r v i c e P a c k 1



C h e c k i n g f o r W i n d o w s s e r v i c e s t o s t o p :



* N o m a l w a r e s e r v i c e s f o u n d t o s t o p .



C h e c k i n g f o r p r o c e s s e s t o t e r m i n a t e :



* C : \ U s e r s \ u z i v a t e l \ A p p D a t a \ R o a m i n g \ M o z i l l a \ F i r e f o x \ P r o f i l e s \ 4 p i 6 6 b v 2 . d e f a u l t \ e x t e n s i o n s \ { E 1 7 3 B 7 4 9 - D B 5 B - 4 f d 2 - B A 0 E - 9 4 E C E A 0 C A 5 5 B } \ c o m p o n e n t s \ a f o m . e x e ( P I D : 2 7 5 6 ) [ U P - H E U R ]



1 p r o c c e s s t e r m i n a t e d !



C h e c k i n g R e g i s t r y f o r m a l w a r e r e l a t e d s e t t i n g s :



* N o i s s u e s f o u n d i n t h e R e g i s t r y .



R e s e t t i n g . E X E , . C O M , & . B A T a s s o c i a t i o n s i n t h e W i n d o w s R e g i s t r y .



P e r f o r m i n g m i s c e l l a n e o u s c h e c k s :



* N o i s s u e s f o u n d .



C h e c k i n g W i n d o w s S e r v i c e I n t e g r i t y :



* N o i s s u e s f o u n d .



S e a r c h i n g f o r M i s s i n g D i g i t a l S i g n a t u r e s :



* N o i s s u e s f o u n d .



C h e c k i n g H O S T S F i l e :



* H O S T S f i l e e n t r i e s f o u n d :



1 2 7 . 0 . 0 . 1 l o c a l h o s t

9 3 . 1 8 4 . 7 9 . 9 0 r i g h t m e d i a p t c . c o m



P r o g r a m f i n i s h e d a t : 0 1 / 1 3 / 2 0 1 3 0 3 : 1 9 : 4 1 P M

E x e c u t i o n t i m e : 0 h o u r s ( s ) , 0 m i n u t e ( s ) , a n d 3 5 s e c o n d s ( s )

combofix:

ComboFix 13-01-13.01 - uzivatel . 01. 2013 16:10:03.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2813.1883 [GMT 1:00]
Running from: c:\users\uzivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\safesurf
c:\program files\safesurf\auth.txt
c:\program files\safesurf\block.txt
c:\program files\safesurf\f\2\components\aboutRights.js
c:\program files\safesurf\f\2\components\aboutRobots.js
c:\program files\safesurf\f\2\components\accessibility-msaa.xpt
c:\program files\safesurf\f\2\components\accessibility.xpt
c:\program files\safesurf\f\2\components\alerts.xpt
c:\program files\safesurf\f\2\components\appshell.xpt
c:\program files\safesurf\f\2\components\appstartup.xpt
c:\program files\safesurf\f\2\components\autocomplete.xpt
c:\program files\safesurf\f\2\components\autoconfig.xpt
c:\program files\safesurf\f\2\components\browser.xpt
c:\program files\safesurf\f\2\components\browserdirprovider.dll
c:\program files\safesurf\f\2\components\brwsrcmp.dll
c:\program files\safesurf\f\2\components\caps.xpt
c:\program files\safesurf\f\2\components\commandhandler.xpt
c:\program files\safesurf\f\2\components\commandlines.xpt
c:\program files\safesurf\f\2\components\composer.xpt
c:\program files\safesurf\f\2\components\compreg.dat
c:\program files\safesurf\f\2\components\content_base.xpt
c:\program files\safesurf\f\2\components\content_html.xpt
c:\program files\safesurf\f\2\components\content_htmldoc.xpt
c:\program files\safesurf\f\2\components\content_xmldoc.xpt
c:\program files\safesurf\f\2\components\content_xslt.xpt
c:\program files\safesurf\f\2\components\content_xtf.xpt
c:\program files\safesurf\f\2\components\contentprefs.xpt
c:\program files\safesurf\f\2\components\cookie.xpt
c:\program files\safesurf\f\2\components\directory.xpt
c:\program files\safesurf\f\2\components\docshell_base.xpt
c:\program files\safesurf\f\2\components\dom.xpt
c:\program files\safesurf\f\2\components\dom_base.xpt
c:\program files\safesurf\f\2\components\dom_canvas.xpt
c:\program files\safesurf\f\2\components\dom_core.xpt
c:\program files\safesurf\f\2\components\dom_css.xpt
c:\program files\safesurf\f\2\components\dom_events.xpt
c:\program files\safesurf\f\2\components\dom_html.xpt
c:\program files\safesurf\f\2\components\dom_json.xpt
c:\program files\safesurf\f\2\components\dom_loadsave.xpt
c:\program files\safesurf\f\2\components\dom_offline.xpt
c:\program files\safesurf\f\2\components\dom_range.xpt
c:\program files\safesurf\f\2\components\dom_sidebar.xpt
c:\program files\safesurf\f\2\components\dom_storage.xpt
c:\program files\safesurf\f\2\components\dom_stylesheets.xpt
c:\program files\safesurf\f\2\components\dom_svg.xpt
c:\program files\safesurf\f\2\components\dom_traversal.xpt
c:\program files\safesurf\f\2\components\dom_views.xpt
c:\program files\safesurf\f\2\components\dom_xbl.xpt
c:\program files\safesurf\f\2\components\dom_xpath.xpt
c:\program files\safesurf\f\2\components\dom_xul.xpt
c:\program files\safesurf\f\2\components\downloads.xpt
c:\program files\safesurf\f\2\components\editor.xpt
c:\program files\safesurf\f\2\components\embed_base.xpt
c:\program files\safesurf\f\2\components\extensions.xpt
c:\program files\safesurf\f\2\components\exthandler.xpt
c:\program files\safesurf\f\2\components\exthelper.xpt
c:\program files\safesurf\f\2\components\fastfind.xpt
c:\program files\safesurf\f\2\components\FeedConverter.js
c:\program files\safesurf\f\2\components\FeedProcessor.js
c:\program files\safesurf\f\2\components\feeds.xpt
c:\program files\safesurf\f\2\components\FeedWriter.js
c:\program files\safesurf\f\2\components\find.xpt
c:\program files\safesurf\f\2\components\fuelApplication.js
c:\program files\safesurf\f\2\components\gfx.xpt
c:\program files\safesurf\f\2\components\htmlparser.xpt
c:\program files\safesurf\f\2\components\chardet.xpt
c:\program files\safesurf\f\2\components\chrome.xpt
c:\program files\safesurf\f\2\components\imgicon.xpt
c:\program files\safesurf\f\2\components\imglib2.xpt
c:\program files\safesurf\f\2\components\inspector.xpt
c:\program files\safesurf\f\2\components\intl.xpt
c:\program files\safesurf\f\2\components\jar.xpt
c:\program files\safesurf\f\2\components\jsconsole-clhandler.js
c:\program files\safesurf\f\2\components\jsdservice.xpt
c:\program files\safesurf\f\2\components\layout_base.xpt
c:\program files\safesurf\f\2\components\layout_printing.xpt
c:\program files\safesurf\f\2\components\layout_xul.xpt
c:\program files\safesurf\f\2\components\layout_xul_tree.xpt
c:\program files\safesurf\f\2\components\locale.xpt
c:\program files\safesurf\f\2\components\loginmgr.xpt
c:\program files\safesurf\f\2\components\lwbrk.xpt
c:\program files\safesurf\f\2\components\mimetype.xpt
c:\program files\safesurf\f\2\components\mozbrwsr.xpt
c:\program files\safesurf\f\2\components\mozfind.xpt
c:\program files\safesurf\f\2\components\necko.xpt
c:\program files\safesurf\f\2\components\necko_about.xpt
c:\program files\safesurf\f\2\components\necko_cache.xpt
c:\program files\safesurf\f\2\components\necko_cookie.xpt
c:\program files\safesurf\f\2\components\necko_dns.xpt
c:\program files\safesurf\f\2\components\necko_file.xpt
c:\program files\safesurf\f\2\components\necko_ftp.xpt
c:\program files\safesurf\f\2\components\necko_http.xpt
c:\program files\safesurf\f\2\components\necko_res.xpt
c:\program files\safesurf\f\2\components\necko_socket.xpt
c:\program files\safesurf\f\2\components\necko_strconv.xpt
c:\program files\safesurf\f\2\components\necko_viewsource.xpt
c:\program files\safesurf\f\2\components\nsAddonRepository.js
c:\program files\safesurf\f\2\components\nsBadCertHandler.js
c:\program files\safesurf\f\2\components\nsBlocklistService.js
c:\program files\safesurf\f\2\components\nsBrowserContentHandler.js
c:\program files\safesurf\f\2\components\nsBrowserGlue.js
c:\program files\safesurf\f\2\components\nsContentDispatchChooser.js
c:\program files\safesurf\f\2\components\nsContentPrefService.js
c:\program files\safesurf\f\2\components\nsDefaultCLH.js
c:\program files\safesurf\f\2\components\nsDictionary.js
c:\program files\safesurf\f\2\components\nsDownloadManagerUI.js
c:\program files\safesurf\f\2\components\nsExtensionManager.js
c:\program files\safesurf\f\2\components\nsHandlerService.js
c:\program files\safesurf\f\2\components\nsHelperAppDlg.js
c:\program files\safesurf\f\2\components\nsLivemarkService.js
c:\program files\safesurf\f\2\components\nsLoginInfo.js
c:\program files\safesurf\f\2\components\nsLoginManager.js
c:\program files\safesurf\f\2\components\nsLoginManagerPrompter.js
c:\program files\safesurf\f\2\components\nsMicrosummaryService.js
c:\program files\safesurf\f\2\components\nsPlacesTransactionsService.js
c:\program files\safesurf\f\2\components\nsPostUpdateWin.js
c:\program files\safesurf\f\2\components\nsProgressDialog.js
c:\program files\safesurf\f\2\components\nsProxyAutoConfig.js
c:\program files\safesurf\f\2\components\nsRequestService.js
c:\program files\safesurf\f\2\components\nsResetPref.js
c:\program files\safesurf\f\2\components\nsSafebrowsingApplication.js
c:\program files\safesurf\f\2\components\nsSearchService.js
c:\program files\safesurf\f\2\components\nsSearchSuggestions.js
c:\program files\safesurf\f\2\components\nsSessionStartup.js
c:\program files\safesurf\f\2\components\nsSessionStore.js
c:\program files\safesurf\f\2\components\nsSetDefaultBrowser.js
c:\program files\safesurf\f\2\components\nsSidebar.js
c:\program files\safesurf\f\2\components\nsTaggingService.js
c:\program files\safesurf\f\2\components\nsTryToClose.js
c:\program files\safesurf\f\2\components\nsUpdateService.js
c:\program files\safesurf\f\2\components\nsUrlClassifierLib.js
c:\program files\safesurf\f\2\components\nsUrlClassifierListManager.js
c:\program files\safesurf\f\2\components\nsURLFormatter.js
c:\program files\safesurf\f\2\components\nsWebHandlerApp.js
c:\program files\safesurf\f\2\components\nsXmlRpcClient.js
c:\program files\safesurf\f\2\components\nsXULAppInstall.js
c:\program files\safesurf\f\2\components\oji.xpt
c:\program files\safesurf\f\2\components\parentalcontrols.xpt
c:\program files\safesurf\f\2\components\pipboot.xpt
c:\program files\safesurf\f\2\components\pipnss.xpt
c:\program files\safesurf\f\2\components\pippki.xpt
c:\program files\safesurf\f\2\components\places.xpt
c:\program files\safesurf\f\2\components\plugin.xpt
c:\program files\safesurf\f\2\components\pluginGlue.js
c:\program files\safesurf\f\2\components\pref.xpt
c:\program files\safesurf\f\2\components\prefetch.xpt
c:\program files\safesurf\f\2\components\profile.xpt
c:\program files\safesurf\f\2\components\proxyObject.xpt
c:\program files\safesurf\f\2\components\rdf.xpt
c:\program files\safesurf\f\2\components\satchel.xpt
c:\program files\safesurf\f\2\components\saxparser.xpt
c:\program files\safesurf\f\2\components\shistory.xpt
c:\program files\safesurf\f\2\components\spellchecker.xpt
c:\program files\safesurf\f\2\components\storage-Legacy.js
c:\program files\safesurf\f\2\components\storage.xpt
c:\program files\safesurf\f\2\components\toolkitprofile.xpt
c:\program files\safesurf\f\2\components\txEXSLTRegExFunctions.js
c:\program files\safesurf\f\2\components\txmgr.xpt
c:\program files\safesurf\f\2\components\txtsvc.xpt
c:\program files\safesurf\f\2\components\uconv.xpt
c:\program files\safesurf\f\2\components\unicharutil.xpt
c:\program files\safesurf\f\2\components\update.xpt
c:\program files\safesurf\f\2\components\uriloader.xpt
c:\program files\safesurf\f\2\components\urlformatter.xpt
c:\program files\safesurf\f\2\components\webBrowser_core.xpt
c:\program files\safesurf\f\2\components\webbrowserpersist.xpt
c:\program files\safesurf\f\2\components\WebContentConverter.js
c:\program files\safesurf\f\2\components\webshell_idls.xpt
c:\program files\safesurf\f\2\components\widget.xpt
c:\program files\safesurf\f\2\components\windowds.xpt
c:\program files\safesurf\f\2\components\windowwatcher.xpt
c:\program files\safesurf\f\2\components\xml-rpc.xpt
c:\program files\safesurf\f\2\components\xpcom_base.xpt
c:\program files\safesurf\f\2\components\xpcom_components.xpt
c:\program files\safesurf\f\2\components\xpcom_ds.xpt
c:\program files\safesurf\f\2\components\xpcom_io.xpt
c:\program files\safesurf\f\2\components\xpcom_system.xpt
c:\program files\safesurf\f\2\components\xpcom_thread.xpt
c:\program files\safesurf\f\2\components\xpcom_xpti.xpt
c:\program files\safesurf\f\2\components\xpconnect.xpt
c:\program files\safesurf\f\2\components\xpinstall.xpt
c:\program files\safesurf\f\2\components\xpti.dat
c:\program files\safesurf\f\2\components\xulapp.xpt
c:\program files\safesurf\f\2\components\xulapp_setup.xpt
c:\program files\safesurf\f\2\components\xuldoc.xpt
c:\program files\safesurf\f\2\components\xultmpl.xpt
c:\program files\safesurf\f\2\components\zipwriter.xpt
c:\program files\safesurf\f\2\defaults\autoconfig\platform.js
c:\program files\safesurf\f\2\defaults\autoconfig\prefcalls.js
c:\program files\safesurf\f\2\defaults\pref\firefox-branding.js
c:\program files\safesurf\f\2\defaults\pref\firefox-l10n.js
c:\program files\safesurf\f\2\defaults\pref\firefox.js
c:\program files\safesurf\f\2\defaults\pref\channel-prefs.js
c:\program files\safesurf\f\2\defaults\pref\reporter.js
c:\program files\safesurf\f\2\defaults\pref\xulrunner.js
c:\program files\safesurf\f\2\defaults\profile\bookmarks.html
c:\program files\safesurf\f\2\defaults\profile\cookies.sqlite
c:\program files\safesurf\f\2\defaults\profile\chrome\userContent-example.css
c:\program files\safesurf\f\2\defaults\profile\chrome\userChrome-example.css
c:\program files\safesurf\f\2\defaults\profile\localstore.rdf
c:\program files\safesurf\f\2\defaults\profile\mimeTypes.rdf
c:\program files\safesurf\f\2\defaults\profile\permissions.sqlite
c:\program files\safesurf\f\2\defaults\profile\places.sqlite-journal
c:\program files\safesurf\f\2\defaults\profile\places.sqlite
c:\program files\safesurf\f\2\defaults\profile\prefs.js
c:\program files\safesurf\f\2\defaults\profile\US\chrome\userContent-example.css
c:\program files\safesurf\f\2\defaults\profile\US\chrome\userChrome-example.css
c:\program files\safesurf\f\2\defaults\profile\US\localstore.rdf
c:\program files\safesurf\f\2\freebl3.dll
c:\program files\safesurf\f\2\freebl3.chk
c:\program files\safesurf\f\2\greprefs\all.js
c:\program files\safesurf\f\2\greprefs\security-prefs.js
c:\program files\safesurf\f\2\greprefs\xpinstall.js
c:\program files\safesurf\f\2\chrome\classic.jar
c:\program files\safesurf\f\2\chrome\classic.manifest
c:\program files\safesurf\f\2\chrome\comm.jar
c:\program files\safesurf\f\2\chrome\comm.manifest
c:\program files\safesurf\f\2\chrome\en-US.jar
c:\program files\safesurf\f\2\chrome\en-US.manifest
c:\program files\safesurf\f\2\chrome\geckofx.jar
c:\program files\safesurf\f\2\chrome\geckofx.manifest
c:\program files\safesurf\f\2\chrome\pippki.jar
c:\program files\safesurf\f\2\chrome\pippki.manifest
c:\program files\safesurf\f\2\chrome\toolkit.jar
c:\program files\safesurf\f\2\chrome\toolkit.manifest
c:\program files\safesurf\f\2\js3250.dll
c:\program files\safesurf\f\2\modules\debug.js
c:\program files\safesurf\f\2\modules\distribution.js
c:\program files\safesurf\f\2\modules\DownloadUtils.jsm
c:\program files\safesurf\f\2\modules\ISO8601DateUtils.jsm
c:\program files\safesurf\f\2\modules\JSON.jsm
c:\program files\safesurf\f\2\modules\Microformats.js
c:\program files\safesurf\f\2\modules\PluralForm.jsm
c:\program files\safesurf\f\2\modules\utils.js
c:\program files\safesurf\f\2\modules\XPCOMUtils.jsm
c:\program files\safesurf\f\2\mozcrt19.dll
c:\program files\safesurf\f\2\nspr4.dll
c:\program files\safesurf\f\2\nss3.dll
c:\program files\safesurf\f\2\nssckbi.dll
c:\program files\safesurf\f\2\nssdbm3.dll
c:\program files\safesurf\f\2\nssutil3.dll
c:\program files\safesurf\f\2\plc4.dll
c:\program files\safesurf\f\2\plds4.dll
c:\program files\safesurf\f\2\plugins\flashplayer.xpt
c:\program files\safesurf\f\2\plugins\npnul32.dll
c:\program files\safesurf\f\2\plugins\NPSWF32.dll
c:\program files\safesurf\f\2\res\arrow.gif
c:\program files\safesurf\f\2\res\arrowd.gif
c:\program files\safesurf\f\2\res\broken-image.gif
c:\program files\safesurf\f\2\res\contenteditable.css
c:\program files\safesurf\f\2\res\designmode.css
c:\program files\safesurf\f\2\res\dtd\mathml.dtd
c:\program files\safesurf\f\2\res\dtd\xhtml11.dtd
c:\program files\safesurf\f\2\res\EditorOverride.css
c:\program files\safesurf\f\2\res\entityTables\html40Latin1.properties
c:\program files\safesurf\f\2\res\entityTables\html40Special.properties
c:\program files\safesurf\f\2\res\entityTables\html40Symbols.properties
c:\program files\safesurf\f\2\res\entityTables\htmlEntityVersions.properties
c:\program files\safesurf\f\2\res\entityTables\mathml20.properties
c:\program files\safesurf\f\2\res\entityTables\transliterate.properties
c:\program files\safesurf\f\2\res\fonts\mathfont.properties
c:\program files\safesurf\f\2\res\fonts\mathfontStandardSymbolsL.properties
c:\program files\safesurf\f\2\res\fonts\mathfontSTIXNonUnicode.properties
c:\program files\safesurf\f\2\res\fonts\mathfontSTIXSize1.properties
c:\program files\safesurf\f\2\res\fonts\mathfontSymbol.properties
c:\program files\safesurf\f\2\res\fonts\mathfontUnicode.properties
c:\program files\safesurf\f\2\res\forms.css
c:\program files\safesurf\f\2\res\grabber.gif
c:\program files\safesurf\f\2\res\hiddenWindow.html
c:\program files\safesurf\f\2\res\html.css
c:\program files\safesurf\f\2\res\html\folder.png
c:\program files\safesurf\f\2\res\html\Thumbs.db
c:\program files\safesurf\f\2\res\charsetalias.properties
c:\program files\safesurf\f\2\res\charsetData.properties
c:\program files\safesurf\f\2\res\langGroups.properties
c:\program files\safesurf\f\2\res\language.properties
c:\program files\safesurf\f\2\res\loading-image.gif
c:\program files\safesurf\f\2\res\mathml.css
c:\program files\safesurf\f\2\res\quirk.css
c:\program files\safesurf\f\2\res\svg.css
c:\program files\safesurf\f\2\res\table-add-column-after-active.gif
c:\program files\safesurf\f\2\res\table-add-column-after-hover.gif
c:\program files\safesurf\f\2\res\table-add-column-after.gif
c:\program files\safesurf\f\2\res\table-add-column-before-active.gif
c:\program files\safesurf\f\2\res\table-add-column-before-hover.gif
c:\program files\safesurf\f\2\res\table-add-column-before.gif
c:\program files\safesurf\f\2\res\table-add-row-after-active.gif
c:\program files\safesurf\f\2\res\table-add-row-after-hover.gif
c:\program files\safesurf\f\2\res\table-add-row-after.gif
c:\program files\safesurf\f\2\res\table-add-row-before-active.gif
c:\program files\safesurf\f\2\res\table-add-row-before-hover.gif
c:\program files\safesurf\f\2\res\table-add-row-before.gif
c:\program files\safesurf\f\2\res\table-remove-column-active.gif
c:\program files\safesurf\f\2\res\table-remove-column-hover.gif
c:\program files\safesurf\f\2\res\table-remove-column.gif
c:\program files\safesurf\f\2\res\table-remove-row-active.gif
c:\program files\safesurf\f\2\res\table-remove-row-hover.gif
c:\program files\safesurf\f\2\res\table-remove-row.gif
c:\program files\safesurf\f\2\res\Thumbs.db
c:\program files\safesurf\f\2\res\ua.css
c:\program files\safesurf\f\2\res\viewsource.css
c:\program files\safesurf\f\2\res\wincharset.properties
c:\program files\safesurf\f\2\smime3.dll
c:\program files\safesurf\f\2\softokn3.dll
c:\program files\safesurf\f\2\softokn3.chk
c:\program files\safesurf\f\2\sqlite3.dll
c:\program files\safesurf\f\2\ssl3.dll
c:\program files\safesurf\f\2\xpcom.dll
c:\program files\safesurf\f\2\xul.dll
c:\program files\safesurf\f\sfa.txt
c:\program files\safesurf\SafeSurf ABUSE README.txt
c:\programdata\BF6A9EAD06.sys
c:\users\uzivatel\Documents\MOO55A9.tmp
c:\users\uzivatel\Documents\MOO87C2.tmp
c:\users\uzivatel\Documents\MOO8D27.tmp
c:\users\uzivatel\Documents\MOOA312.tmp
c:\users\uzivatel\Documents\MOODFB5.tmp
c:\users\uzivatel\Documents\MOOE052.tmp
c:\users\uzivatel\Documents\MOOEBC.tmp
c:\users\uzivatel\Documents\MOOFE0E.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\UA000079.DLL
.
---- Previous Run -------
.
c:\users\uzivatel\AppData\Roaming\inst.exe
c:\users\uzivatel\DesktopCtw7Nu_save2pc.exe
c:\windows\system32\detoured.dll
c:\windows\system32\systeminfo3.dll
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Files Created from 2012-12-13 to 2013-01-13 )))))))))))))))))))))))))))))))
.
.
2013-01-13 15:40 . 2013-01-13 15:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-13 12:41 . 2013-01-13 12:41 -------- d-----w- c:\program files\Speccy
2013-01-13 12:24 . 2013-01-13 12:25 -------- d-----w- C:\rsit
2013-01-13 12:24 . 2013-01-13 12:25 -------- d-----w- c:\program files\trend micro
2013-01-13 12:24 . 2013-01-13 15:55 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{941A2BDC-A217-4B88-9D59-77D49DDA1431}\offreg.dll
2013-01-13 09:56 . 2013-01-13 09:56 -------- d-----w- c:\users\uzivatel\AppData\Local\Programs
2013-01-13 09:55 . 2013-01-13 09:55 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Malwarebytes
2013-01-13 09:55 . 2013-01-13 11:34 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-01-13 09:55 . 2013-01-13 09:55 -------- d-----w- c:\programdata\Malwarebytes
2013-01-13 09:55 . 2013-01-13 09:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-13 09:55 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-12 13:03 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{941A2BDC-A217-4B88-9D59-77D49DDA1431}\mpengine.dll
2013-01-09 12:34 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 12:34 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 12:34 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 12:34 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 12:32 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-21 18:21 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 18:21 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-20 17:13 . 2012-12-20 17:13 -------- d-----w- C:\agia3d
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-12 11:52 . 2012-12-12 14:04 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 14:04 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11 . 2012-12-12 14:05 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-10-30 22:51 . 2011-11-01 10:59 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2011-11-01 10:59 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-11-01 10:59 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2011-11-01 10:59 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2011-11-01 10:59 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2011-11-01 10:58 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2011-11-01 10:58 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-27 06:26 . 2012-12-12 14:04 981504 ----a-w- c:\windows\system32\wininet.dll
2012-10-16 07:39 . 2012-11-28 09:16 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-15 16:59 . 2012-05-15 17:15 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2007-11-06 23:19 . 2010-11-28 10:28 568832 ----a-w- c:\program files\opera\program\plugins\msvcp90.dll
2007-11-06 23:19 . 2010-11-28 10:28 655872 ----a-w- c:\program files\opera\program\plugins\msvcr90.dll
2012-12-01 16:37 . 2012-12-01 16:36 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 288312]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-30 1545512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-13 458844]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
backup=c:\windows\pss\20Dollars2Surf.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^dizengine.lnk]
path=c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dizengine.lnk
backup=c:\windows\pss\dizengine.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 09:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-05-16 08:27 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-09 16:00 135664 ----atw- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
2009-06-18 16:07 563736 ----a-w- c:\program files\PDF Complete\pdfsty.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 09:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 cpuz135;cpuz135;c:\users\uzivatel\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 ldisk;ldisk;c:\users\uzivatel\AppData\Local\Temp\ldisk.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Slu�ba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys [x]
S2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [x]
S3 ALSysIO;ALSysIO;c:\users\uzivatel\AppData\Local\Temp\ALSysIO.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver32.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-02 05:25]
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-02 05:25]
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001Core.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-09 16:00]
.
2013-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001UA.job
- c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe [2010-02-09 16:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyServer = 187.17.173.17:8088
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://zoznam.sk
FF - prefs.js: network.proxy.http - 83.157.174.237
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
.
.
------- File Associations -------
.
txtfile="c:\program files\PSPad\PSPAD.EXE" "%1"
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
HKLM-Run-Freecorder FLV Service - c:\program files\Freecorder\FLVSrvc.exe
HKLM-Run-UnlockerAssistant - c:\program files\Unlocker\UnlockerAssistant.exe
MSConfigStartUp-GoogleDriveSync - c:\program files\Google\Drive\googledrivesync.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-MyBrowserCash - c:\program files\MyBrowserCash Addon\MyBrowserCash.exe
MSConfigStartUp-StudentDOG - c:\program files\Student DOG\StudentDOG.exe
MSConfigStartUp-Vagex - c:\users\uzivatel\Desktop\Ma�a\Vagex\Vagex\Vagex.exe
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe
AddRemove-Active WebCam - c:\program files\Active WebCam\PY_UNINSTAL.EXE SOFTWARE\PySoft\Act_WebCam
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-Image Grabber II - c:\users\uzivatel\Desktop\Dominika\Image Grabber II\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-337455947-473087927-4221467448-1001\Software\SecuROM\License information*]
"datasecu"=hex:db,ac,41,35,ab,8e,ab,13,7b,20,8d,1d,d7,08,16,a8,ca,0e,c4,8b,7a,
27,19,86,a0,91,1a,de,17,7c,b9,5f,94,99,e8,f1,07,fa,61,d9,7a,38,ee,53,27,d6,\
"rkeysecu"=hex:1b,cc,7a,9e,57,ac,5f,a3,73,1d,fe,2f,cb,5b,b1,0c
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1564)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\WerFault.exe
.
**************************************************************************
.
Completion time: 2013-01-13 17:43:19 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-13 16:43
.
Pre-Run: 79�455�563�776 bytes free
Post-Run: 79�047�401�472 bytes free
.
- - End Of File - - 217038B5947EB24C62622C91AC55A6E9


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

Keď nemáš combofix tak ho presuň na plochu
Spusť poznámkový blok
skopíruj script do poznámkového bloku

killall::

registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"GrooveMonitor"=-
"googletalk"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-


[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^20Dollars2Surf.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^uzivatel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^dizengine.lnk]

file::
c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dizengine.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001UA.job
collect::
C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
dds::
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www

regnull::
[HKEY_USERS\S-1-5-21-337455947-473087927-4221467448-1001\Software\SecuROM\License information*]
reglock::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]


clearjavacache::
reboot::

Ulož vytvorený TXT súbor ako CFScript
Pretiahni cfscript cez combofix aplikuje sa script
Po aplikovaný scriptu a možnom reštarte pc vlož log sem

Stiahni si tdsskiller http://support.kaspersky.com/downloads/ ... killer.exe na plochu
Spusť daj scan
C:\TDSSKiller.2.8.15.0._datum_log.txt , vlož sem celý log


Poznáš tento proxy server ? 187.17.173.17:8088


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 14.01.2013 16:49 | Avast pri pokuse o odstránenie malware zamrzne

O proxy serveroch nič neviem :?

log z combofixu:


ComboFix 13-01-13.01 - uzivatel . 01. 2013 15:13:26.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.2813.1862 [GMT 1:00]
Running from: c:\users\uzivatel\Desktop\ComboFix.exe
Command switches used :: c:\users\uzivatel\Desktop\cfscript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk"
"c:\users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dizengine.lnk"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001UA.job"
.
file zipped: c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\uzivatel\AppData\Roaming\inst.exe
c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}\components\afom.exe
c:\users\uzivatel\AppData\Roaming\vso_ts_preview.xml
c:\users\uzivatel\uidsave.dat
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\result.txt
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-337455947-473087927-4221467448-1001UA.job
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-12-14 to 2013-01-14 )))))))))))))))))))))))))))))))
.
.
2013-01-14 14:36 . 2013-01-14 14:39 -------- d-----w- c:\users\uzivatel\AppData\Local\temp
2013-01-14 14:36 . 2013-01-14 14:36 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2013-01-14 14:36 . 2013-01-14 14:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-14 12:33 . 2013-01-14 12:33 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{941A2BDC-A217-4B88-9D59-77D49DDA1431}\offreg.dll
2013-01-13 12:41 . 2013-01-13 12:41 -------- d-----w- c:\program files\Speccy
2013-01-13 12:24 . 2013-01-13 12:25 -------- d-----w- C:\rsit
2013-01-13 12:24 . 2013-01-13 12:25 -------- d-----w- c:\program files\trend micro
2013-01-13 09:56 . 2013-01-13 09:56 -------- d-----w- c:\users\uzivatel\AppData\Local\Programs
2013-01-13 09:55 . 2013-01-13 09:55 -------- d-----w- c:\users\uzivatel\AppData\Roaming\Malwarebytes
2013-01-13 09:55 . 2013-01-13 11:34 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-01-13 09:55 . 2013-01-13 09:55 -------- d-----w- c:\programdata\Malwarebytes
2013-01-13 09:55 . 2013-01-13 09:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-13 09:55 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-12 13:03 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{941A2BDC-A217-4B88-9D59-77D49DDA1431}\mpengine.dll
2013-01-09 12:34 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 12:34 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 12:34 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 12:34 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 12:32 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-21 18:21 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 18:21 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-20 17:13 . 2012-12-20 17:13 -------- d-----w- C:\agia3d
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-12 11:52 . 2012-12-12 14:04 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 14:04 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11 . 2012-12-12 14:05 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-10-30 22:51 . 2011-11-01 10:59 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2011-11-01 10:59 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-11-01 10:59 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2011-11-01 10:59 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2011-11-01 10:59 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2011-11-01 10:58 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2011-11-01 10:58 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-27 06:26 . 2012-12-12 14:04 981504 ----a-w- c:\windows\system32\wininet.dll
2007-11-06 23:19 . 2010-11-28 10:28 568832 ----a-w- c:\program files\opera\program\plugins\msvcp90.dll
2007-11-06 23:19 . 2010-11-28 10:28 655872 ----a-w- c:\program files\opera\program\plugins\msvcr90.dll
2012-12-01 16:37 . 2012-12-01 16:36 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 288312]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-30 1545512]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-08-04 98304]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-13 458844]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 CFcatchme;CFcatchme;c:\users\uzivatel\AppData\Local\Temp\CFcatchme.sys [x]
R3 cpuz135;cpuz135;c:\users\uzivatel\AppData\Local\Temp\cpuz135\cpuz135_x32.sys [x]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [x]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]
R3 ldisk;ldisk;c:\users\uzivatel\AppData\Local\Temp\ldisk.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1039unic.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys [x]
S2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [x]
S3 ALSysIO;ALSysIO;c:\users\uzivatel\AppData\Local\Temp\ALSysIO.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
S3 stdriver;Sound Tap Upper Class Filter Driver v2.0.0.0;c:\windows\system32\DRIVERS\stdriver32.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyServer = 187.17.173.17:8088
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\4pi66bv2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://zoznam.sk
FF - prefs.js: network.proxy.http - 83.157.174.237
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(724)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
c:\users\uzivatel\AppData\Local\Google\Update\GoogleUpdate.exe
c:\users\uzivatel\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\windows defender\MpCmdRun.exe
.
**************************************************************************
.
Completion time: 2013-01-14 15:53:14 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-14 14:53
ComboFix2.txt 2013-01-13 16:43
.
Pre-Run: 78 734 663 680 bytes free
Post-Run: 78 556 852 224 bytes free
.
- - End Of File - - D1DE958B1B90F7E92943BC12609FD260
Upload was successful


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 14.01.2013 16:50 | Avast pri pokuse o odstránenie malware zamrzne

log z tdsskiller:

16:33:14.0290 1576 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:33:14.0555 1576 ============================================================
16:33:14.0555 1576 Current date / time: 2013/01/14 16:33:14.0555
16:33:14.0555 1576 SystemInfo:
16:33:14.0555 1576
16:33:14.0555 1576 OS Version: 6.1.7601 ServicePack: 1.0
16:33:14.0555 1576 Product type: Workstation
16:33:14.0555 1576 ComputerName: UZIVATEL-PC
16:33:14.0555 1576 UserName: uzivatel
16:33:14.0555 1576 Windows directory: C:\windows
16:33:14.0555 1576 System windows directory: C:\windows
16:33:14.0555 1576 Processor architecture: Intel x86
16:33:14.0555 1576 Number of processors: 2
16:33:14.0555 1576 Page size: 0x1000
16:33:14.0555 1576 Boot type: Normal boot
16:33:14.0555 1576 ============================================================
16:33:16.0115 1576 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder:
0xFF, Type 'K0', Flags 0x00000050
16:33:16.0115 1576 ============================================================
16:33:16.0115 1576 \Device\Harddisk0\DR0:
16:33:16.0115 1576 MBR partitions:
16:33:16.0115 1576 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
16:33:16.0115 1576 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x23197800
16:33:16.0115 1576 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2322E000, BlocksNum 0x1E00000
16:33:16.0115 1576 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x2502E000, BlocksNum 0x3FD800
16:33:16.0115 1576 ============================================================
16:33:16.0131 1576 C: <-> \Device\Harddisk0\DR0\Partition2
16:33:16.0162 1576 E: <-> \Device\Harddisk0\DR0\Partition4
16:33:16.0162 1576 ============================================================
16:33:16.0162 1576 Initialize success
16:33:16.0162 1576 ============================================================
16:34:05.0536 1672 ============================================================
16:34:05.0536 1672 Scan started
16:34:05.0536 1672 Mode: Manual;
16:34:05.0536 1672 ============================================================
16:34:06.0051 1672 ================ Scan system memory ========================
16:34:06.0051 1672 System memory - ok
16:34:06.0051 1672 ================ Scan services =============================
16:34:06.0300 1672 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
16:34:06.0300 1672 1394ohci - ok
16:34:06.0363 1672 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
16:34:06.0378 1672 ACPI - ok
16:34:06.0425 1672 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
16:34:06.0441 1672 AcpiPmi - ok
16:34:06.0472 1672 adfs - ok
16:34:06.0534 1672 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:34:06.0566 1672 adp94xx - ok
16:34:06.0597 1672 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:34:06.0612 1672 adpahci - ok
16:34:06.0644 1672 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:34:06.0659 1672 adpu320 - ok
16:34:06.0706 1672 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:34:06.0706 1672 AeLookupSvc - ok
16:34:06.0815 1672 [ 827DBC22C96EECF6D36A13162FABAFD3 ] AESTFilters
C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\aestsrv.exe
16:34:06.0815 1672 AESTFilters - ok
16:34:06.0893 1672 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
16:34:06.0909 1672 AFD - ok
16:34:06.0956 1672 [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
16:34:06.0956 1672 AgereModemAudio - ok
16:34:07.0018 1672 [ FAA5A0B80E011464C7654851CE3D7FE7 ] AgereSoftModem C:\windows\system32\DRIVERS\AGRSM.sys
16:34:07.0065 1672 AgereSoftModem - ok
16:34:07.0112 1672 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
16:34:07.0112 1672 agp440 - ok
16:34:07.0158 1672 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
16:34:07.0158 1672 aic78xx - ok
16:34:07.0205 1672 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
16:34:07.0221 1672 ALG - ok
16:34:07.0268 1672 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
16:34:07.0268 1672 aliide - ok
16:34:07.0377 1672 ALSysIO - ok
16:34:07.0439 1672 [ A236CEE2BF90381E981EBB870429FA9B ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
16:34:07.0439 1672 AMD External Events Utility - ok
16:34:07.0486 1672 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
16:34:07.0486 1672 amdagp - ok
16:34:07.0517 1672 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
16:34:07.0517 1672 amdide - ok
16:34:07.0580 1672 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:34:07.0580 1672 AmdK8 - ok
16:34:07.0626 1672 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:34:07.0626 1672 AmdPPM - ok
16:34:07.0689 1672 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
16:34:07.0689 1672 amdsata - ok
16:34:07.0736 1672 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:34:07.0751 1672 amdsbs - ok
16:34:07.0782 1672 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
16:34:07.0782 1672 amdxata - ok
16:34:07.0829 1672 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
16:34:07.0845 1672 AppID - ok
16:34:07.0860 1672 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:34:07.0876 1672 AppIDSvc - ok
16:34:07.0923 1672 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
16:34:07.0938 1672 Appinfo - ok
16:34:08.0063 1672 [ ACB095E7E1663F1B83A41C22C5D75F90 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:34:08.0063 1672 Apple Mobile Device - ok
16:34:08.0141 1672 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
16:34:08.0141 1672 arc - ok
16:34:08.0157 1672 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:34:08.0172 1672 arcsas - ok
16:34:08.0328 1672 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:34:08.0328 1672 aspnet_state - ok
16:34:08.0406 1672 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
16:34:08.0406 1672 aswFsBlk - ok
16:34:08.0484 1672 [ 31E0D16EB06D09A248AFF20C76F9091B ] aswKbd C:\windows\system32\drivers\aswKbd.sys
16:34:08.0484 1672 aswKbd - ok
16:34:08.0578 1672 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
16:34:08.0594 1672 aswMonFlt - ok
16:34:08.0656 1672 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
16:34:08.0656 1672 aswRdr - ok
16:34:08.0750 1672 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
16:34:08.0765 1672 aswSnx - ok
16:34:08.0812 1672 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\windows\system32\drivers\aswSP.sys
16:34:08.0812 1672 aswSP - ok
16:34:08.0843 1672 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\windows\system32\drivers\aswTdi.sys
16:34:08.0843 1672 aswTdi - ok
16:34:08.0874 1672 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:34:08.0874 1672 AsyncMac - ok
16:34:08.0921 1672 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
16:34:08.0921 1672 atapi - ok
16:34:08.0984 1672 [ 187C905E157D791A3A404EADF8FAE754 ] athsgt C:\windows\system32\DRIVERS\athsgt.sys
16:34:08.0999 1672 athsgt - ok
16:34:09.0233 1672 [ A4252328D2B1520571102992EF0B0E5C ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:34:09.0420 1672 atikmdag - ok
16:34:09.0483 1672 [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie C:\windows\system32\DRIVERS\AtiPcie.sys
16:34:09.0498 1672 AtiPcie - ok
16:34:09.0576 1672 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:34:09.0608 1672 AudioEndpointBuilder - ok
16:34:09.0639 1672 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
16:34:09.0654 1672 Audiosrv - ok
16:34:09.0717 1672 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:34:09.0732 1672 avast! Antivirus - ok
16:34:09.0779 1672 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
16:34:09.0779 1672 AxInstSV - ok
16:34:09.0873 1672 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
16:34:09.0904 1672 b06bdrv - ok
16:34:09.0951 1672 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
16:34:09.0966 1672 b57nd60x - ok
16:34:10.0122 1672 [ B9E94D37FC08525D893B632A0CA2E18C ] BCM43XX C:\windows\system32\DRIVERS\bcmwl6.sys
16:34:10.0185 1672 BCM43XX - ok
16:34:10.0216 1672 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
16:34:10.0216 1672 BDESVC - ok
16:34:10.0263 1672 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
16:34:10.0263 1672 Beep - ok
16:34:10.0341 1672 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
16:34:10.0356 1672 BFE - ok
16:34:10.0403 1672 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\system32\qmgr.dll
16:34:10.0434 1672 BITS - ok
16:34:10.0466 1672 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:34:10.0481 1672 blbdrive - ok
16:34:10.0575 1672 [ A065F048E9E23E6C026A7BB548D126A7 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:34:10.0606 1672 Bonjour Service - ok
16:34:10.0637 1672 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:34:10.0653 1672 bowser - ok
16:34:10.0684 1672 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:34:10.0684 1672 BrFiltLo - ok
16:34:10.0715 1672 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:34:10.0715 1672 BrFiltUp - ok
16:34:10.0778 1672 [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
16:34:10.0793 1672 BridgeMP - ok
16:34:10.0824 1672 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
16:34:10.0840 1672 Browser - ok
16:34:10.0871 1672 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:34:10.0887 1672 Brserid - ok
16:34:10.0918 1672 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:34:10.0918 1672 BrSerWdm - ok
16:34:10.0934 1672 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:34:10.0934 1672 BrUsbMdm - ok
16:34:10.0965 1672 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:34:10.0965 1672 BrUsbSer - ok
16:34:11.0027 1672 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
16:34:11.0027 1672 BthEnum - ok
16:34:11.0058 1672 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:34:11.0058 1672 BTHMODEM - ok
16:34:11.0090 1672 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
16:34:11.0090 1672 BthPan - ok
16:34:11.0168 1672 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
16:34:11.0183 1672 BTHPORT - ok
16:34:11.0246 1672 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
16:34:11.0246 1672 bthserv - ok
16:34:11.0292 1672 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
16:34:11.0292 1672 BTHUSB - ok
16:34:11.0370 1672 [ D57D29132EFE13A83133D9BD449E0CF1 ] btwaudio C:\windows\system32\drivers\btwaudio.sys
16:34:11.0370 1672 btwaudio - ok
16:34:11.0433 1672 [ D282C14A69357D0E1BAFAECC2CA98C3A ] btwavdt C:\windows\system32\drivers\btwavdt.sys
16:34:11.0433 1672 btwavdt - ok
16:34:11.0526 1672 [ 7D2DD14E60CE4FF3308D66FDA7990546 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
16:34:11.0542 1672 btwdins - ok
16:34:11.0573 1672 [ AAFD7CB76BA61FBB08E302DA208C974A ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
16:34:11.0589 1672 btwl2cap - ok
16:34:11.0636 1672 [ 02EB4D2B05967DF2D32F29C84AB1FB17 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
16:34:11.0636 1672 btwrchid - ok
16:34:11.0714 1672 [ 1778EBA872274C1226D869CD9486847E ] Capture Device Service C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
16:34:11.0714 1672 Capture Device Service - ok
16:34:11.0760 1672 catchme - ok
16:34:11.0838 1672 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:34:11.0854 1672 cdfs - ok
16:34:11.0901 1672 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
16:34:11.0916 1672 cdrom - ok
16:34:11.0963 1672 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
16:34:11.0963 1672 CertPropSvc - ok
16:34:12.0010 1672 CFcatchme - ok
16:34:12.0072 1672 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:34:12.0072 1672 circlass - ok
16:34:12.0119 1672 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
16:34:12.0135 1672 CLFS - ok
16:34:12.0213 1672 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:34:12.0213 1672 clr_optimization_v2.0.50727_32 - ok
16:34:12.0291 1672 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:34:12.0306 1672 clr_optimization_v4.0.30319_32 - ok
16:34:12.0322 1672 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:34:12.0338 1672 CmBatt - ok
16:34:12.0369 1672 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
16:34:12.0384 1672 cmdide - ok
16:34:12.0431 1672 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
16:34:12.0462 1672 CNG - ok
16:34:12.0540 1672 [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
16:34:12.0556 1672 Com4QLBEx - ok
16:34:12.0587 1672 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:34:12.0587 1672 Compbatt - ok
16:34:12.0650 1672 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
16:34:12.0665 1672 CompositeBus - ok
16:34:12.0681 1672 COMSysApp - ok
16:34:12.0728 1672 cpuz135 - ok
16:34:12.0759 1672 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:34:12.0774 1672 crcdisk - ok
16:34:12.0837 1672 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
16:34:12.0852 1672 CryptSvc - ok
16:34:12.0915 1672 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
16:34:12.0946 1672 DcomLaunch - ok
16:34:12.0993 1672 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
16:34:13.0008 1672 defragsvc - ok
16:34:13.0055 1672 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:34:13.0055 1672 DfsC - ok
16:34:13.0102 1672 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
16:34:13.0118 1672 Dhcp - ok
16:34:13.0149 1672 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
16:34:13.0149 1672 discache - ok
16:34:13.0211 1672 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
16:34:13.0211 1672 Disk - ok
16:34:13.0274 1672 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
16:34:13.0289 1672 Dnscache - ok
16:34:13.0367 1672 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
16:34:13.0383 1672 dot3svc - ok
16:34:13.0430 1672 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
16:34:13.0445 1672 DPS - ok
16:34:13.0492 1672 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:34:13.0492 1672 drmkaud - ok
16:34:13.0570 1672 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:34:13.0586 1672 DXGKrnl - ok
16:34:13.0617 1672 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
16:34:13.0632 1672 EapHost - ok
16:34:13.0773 1672 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
16:34:13.0898 1672 ebdrv - ok
16:34:13.0944 1672 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
16:34:13.0960 1672 EFS - ok
16:34:14.0022 1672 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:34:14.0054 1672 ehRecvr - ok
16:34:14.0085 1672 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
16:34:14.0085 1672 ehSched - ok
16:34:14.0163 1672 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:34:14.0194 1672 elxstor - ok
16:34:14.0210 1672 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
16:34:14.0225 1672 ErrDev - ok
16:34:14.0303 1672 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
16:34:14.0319 1672 EventSystem - ok
16:34:14.0350 1672 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
16:34:14.0366 1672 exfat - ok
16:34:14.0397 1672 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
16:34:14.0412 1672 fastfat - ok
16:34:14.0475 1672 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
16:34:14.0522 1672 Fax - ok
16:34:14.0553 1672 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:34:14.0553 1672 fdc - ok
16:34:14.0600 1672 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
16:34:14.0615 1672 fdPHost - ok
16:34:14.0631 1672 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
16:34:14.0646 1672 FDResPub - ok
16:34:14.0678 1672 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:34:14.0678 1672 FileInfo - ok
16:34:14.0693 1672 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:34:14.0709 1672 Filetrace - ok
16:34:14.0771 1672 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet
Publisher\FNPLicensingService.exe
16:34:14.0802 1672 FLEXnet Licensing Service - ok
16:34:14.0834 1672 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:34:14.0834 1672 flpydisk - ok
16:34:14.0865 1672 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:34:14.0880 1672 FltMgr - ok
16:34:14.0974 1672 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
16:34:15.0021 1672 FontCache - ok
16:34:15.0068 1672 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:34:15.0068 1672 FontCache3.0.0.0 - ok
16:34:15.0099 1672 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:34:15.0114 1672 FsDepends - ok
16:34:15.0161 1672 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:34:15.0161 1672 Fs_Rec - ok
16:34:15.0224 1672 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:34:15.0239 1672 fvevol - ok
16:34:15.0302 1672 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:34:15.0302 1672 gagp30kx - ok
16:34:15.0380 1672 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
16:34:15.0411 1672 gpsvc - ok
16:34:15.0567 1672 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:34:15.0567 1672 gupdate - ok
16:34:15.0598 1672 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:34:15.0598 1672 gupdatem - ok
16:34:15.0645 1672 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:34:15.0645 1672 hcw85cir - ok
16:34:15.0707 1672 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:34:15.0723 1672 HdAudAddService - ok
16:34:15.0785 1672 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
16:34:15.0785 1672 HDAudBus - ok
16:34:15.0816 1672 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:34:15.0816 1672 HidBatt - ok
16:34:15.0879 1672 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:34:15.0879 1672 HidBth - ok
16:34:15.0926 1672 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:34:15.0926 1672 HidIr - ok
16:34:15.0972 1672 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\System32\hidserv.dll
16:34:15.0988 1672 hidserv - ok
16:34:16.0050 1672 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
16:34:16.0050 1672 HidUsb - ok
16:34:16.0113 1672 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
16:34:16.0128 1672 hkmsvc - ok
16:34:16.0175 1672 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:34:16.0191 1672 HomeGroupListener - ok
16:34:16.0253 1672 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:34:16.0284 1672 HomeGroupProvider - ok
16:34:16.0347 1672 [ 0141816A095A3F5A83FFA5B4A47B8023 ] HP Health Check Service C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
16:34:16.0347 1672 HP Health Check Service - ok
16:34:16.0409 1672 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
16:34:16.0409 1672 HpqKbFiltr - ok
16:34:16.0456 1672 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
16:34:16.0456 1672 hpqwmiex - ok
16:34:16.0503 1672 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
16:34:16.0503 1672 HpSAMD - ok
16:34:16.0581 1672 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:34:16.0612 1672 HTTP - ok
16:34:16.0659 1672 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:34:16.0659 1672 hwpolicy - ok
16:34:16.0721 1672 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
16:34:16.0721 1672 i8042prt - ok
16:34:16.0784 1672 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:34:16.0799 1672 iaStorV - ok
16:34:16.0862 1672 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:34:16.0893 1672 idsvc - ok
16:34:17.0111 1672 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
16:34:17.0283 1672 igfx - ok
16:34:17.0345 1672 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:34:17.0361 1672 iirsp - ok
16:34:17.0423 1672 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
16:34:17.0470 1672 IKEEXT - ok
16:34:17.0517 1672 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
16:34:17.0532 1672 intelide - ok
16:34:17.0579 1672 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:34:17.0595 1672 intelppm - ok
16:34:17.0626 1672 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:34:17.0642 1672 IPBusEnum - ok
16:34:17.0673 1672 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:34:17.0673 1672 IpFilterDriver - ok
16:34:17.0751 1672 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:34:17.0782 1672 iphlpsvc - ok
16:34:17.0844 1672 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
16:34:17.0844 1672 IPMIDRV - ok
16:34:17.0876 1672 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:34:17.0876 1672 IPNAT - ok
16:34:17.0922 1672 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
16:34:17.0938 1672 IRENUM - ok
16:34:17.0985 1672 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
16:34:17.0985 1672 isapnp - ok
16:34:18.0047 1672 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
16:34:18.0063 1672 iScsiPrt - ok
16:34:18.0110 1672 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
16:34:18.0110 1672 kbdclass - ok
16:34:18.0156 1672 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
16:34:18.0172 1672 kbdhid - ok
16:34:18.0188 1672 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
16:34:18.0203 1672 KeyIso - ok
16:34:18.0250 1672 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:34:18.0266 1672 KSecDD - ok
16:34:18.0312 1672 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:34:18.0312 1672 KSecPkg - ok
16:34:18.0359 1672 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
16:34:18.0390 1672 KtmRm - ok
16:34:18.0453 1672 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\System32\srvsvc.dll
16:34:18.0484 1672 LanmanServer - ok
16:34:18.0531 1672 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:34:18.0562 1672 LanmanWorkstation - ok
16:34:18.0718 1672 [ 55AFD4A9D5ED4AD40D5215CCDF4D65F3 ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
16:34:18.0812 1672 Lavasoft Ad-Aware Service - ok
16:34:18.0890 1672 [ 6C4A3804510AD8E0F0C07B5BE3D44DDB ] Lavasoft Kernexplorer C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys
16:34:18.0890 1672 Lavasoft Kernexplorer - ok
16:34:18.0952 1672 [ 336ABE8721CBC3110F1C6426DA633417 ] Lbd C:\windows\system32\DRIVERS\Lbd.sys
16:34:18.0968 1672 Lbd - ok
16:34:18.0999 1672 ldisk - ok
16:34:19.0061 1672 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
16:34:19.0061 1672 LightScribeService - ok
16:34:19.0108 1672 [ 6AC289AB3DE19BEE4868666EA3EEF34B ] limsgt C:\windows\system32\DRIVERS\limsgt.sys
16:34:19.0108 1672 limsgt - ok
16:34:19.0170 1672 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:34:19.0186 1672 lltdio - ok
16:34:19.0217 1672 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
16:34:19.0248 1672 lltdsvc - ok
16:34:19.0264 1672 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
16:34:19.0280 1672 lmhosts - ok
16:34:19.0342 1672 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:34:19.0358 1672 LSI_FC - ok
16:34:19.0373 1672 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:34:19.0389 1672 LSI_SAS - ok
16:34:19.0451 1672 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:34:19.0482 1672 LSI_SAS2 - ok
16:34:19.0623 1672 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:34:19.0623 1672 LSI_SCSI - ok
16:34:19.0654 1672 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
16:34:19.0670 1672 luafv - ok
16:34:19.0716 1672 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\windows\system32\DRIVERS\MarvinBus.sys
16:34:19.0732 1672 MarvinBus - ok
16:34:19.0810 1672 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\windows\system32\drivers\mbamswissarmy.sys
16:34:19.0810 1672 MBAMSwissArmy - ok
16:34:19.0888 1672 [ F922B609524CF1ED66A1A109F3CE014F ] mcdbus C:\windows\system32\DRIVERS\mcdbus.sys
16:34:19.0888 1672 mcdbus - ok
16:34:19.0966 1672 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:34:19.0982 1672 Mcx2Svc - ok
16:34:20.0013 1672 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:34:20.0013 1672 megasas - ok
16:34:20.0044 1672 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:34:20.0060 1672 MegaSR - ok
16:34:20.0122 1672 [ 64B96DE8C492BD435372D9130A535F1D ] MfeAVFK C:\windows\system32\drivers\MfeAVFK.sys
16:34:20.0122 1672 MfeAVFK - ok
16:34:20.0138 1672 [ 078E87A89D36CC3516F19D5FB518BDDC ] MfeBOPK C:\windows\system32\drivers\MfeBOPK.sys
16:34:20.0153 1672 MfeBOPK - ok
16:34:20.0184 1672 [ 168C565101FD5B9DB694EFDEC91FAFA9 ] mfehidk C:\windows\system32\drivers\mfehidk.sys
16:34:20.0184 1672 mfehidk - ok
16:34:20.0216 1672 [ E0842F67DC9BC4D21D1E319610EBE9E5 ] MfeRKDK C:\windows\system32\drivers\MfeRKDK.sys
16:34:20.0216 1672 MfeRKDK - ok
16:34:20.0278 1672 [ 43A7ACBBD70ECD62F0B63486C72089A3 ] mfetdik C:\windows\system32\drivers\mfetdik.sys
16:34:20.0278 1672 mfetdik - ok
16:34:20.0372 1672 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:34:20.0372 1672 Microsoft Office Groove Audit Service - ok
16:34:20.0403 1672 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
16:34:20.0418 1672 MMCSS - ok
16:34:20.0450 1672 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
16:34:20.0450 1672 Modem - ok
16:34:20.0481 1672 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:34:20.0481 1672 monitor - ok
16:34:20.0543 1672 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
16:34:20.0543 1672 mouclass - ok
16:34:20.0574 1672 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:34:20.0590 1672 mouhid - ok
16:34:20.0637 1672 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:34:20.0637 1672 mountmgr - ok
16:34:20.0715 1672 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:34:20.0715 1672 MozillaMaintenance - ok
16:34:20.0777 1672 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
16:34:20.0777 1672 mpio - ok
16:34:20.0808 1672 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:34:20.0808 1672 mpsdrv - ok
16:34:20.0886 1672 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
16:34:20.0918 1672 MpsSvc - ok
16:34:20.0964 1672 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:34:20.0980 1672 MRxDAV - ok
16:34:21.0042 1672 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:34:21.0042 1672 mrxsmb - ok
16:34:21.0105 1672 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:34:21.0120 1672 mrxsmb10 - ok
16:34:21.0136 1672 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:34:21.0152 1672 mrxsmb20 - ok
16:34:21.0198 1672 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
16:34:21.0198 1672 msahci - ok
16:34:21.0276 1672 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
16:34:21.0276 1672 msdsm - ok
16:34:21.0308 1672 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
16:34:21.0339 1672 MSDTC - ok
16:34:21.0417 1672 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
16:34:21.0417 1672 Msfs - ok
16:34:21.0448 1672 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:34:21.0448 1672 mshidkmdf - ok
16:34:21.0495 1672 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
16:34:21.0495 1672 msisadrv - ok
16:34:21.0542 1672 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:34:21.0557 1672 MSiSCSI - ok
16:34:21.0573 1672 msiserver - ok
16:34:21.0620 1672 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:34:21.0620 1672 MSKSSRV - ok
16:34:21.0682 1672 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:34:21.0682 1672 MSPCLOCK - ok
16:34:21.0713 1672 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:34:21.0713 1672 MSPQM - ok
16:34:21.0744 1672 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:34:21.0744 1672 MsRPC - ok
16:34:21.0822 1672 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
16:34:21.0822 1672 mssmbios - ok
16:34:21.0838 1672 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:34:21.0838 1672 MSTEE - ok
16:34:21.0869 1672 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:34:21.0869 1672 MTConfig - ok
16:34:21.0916 1672 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
16:34:21.0932 1672 Mup - ok
16:34:21.0978 1672 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
16:34:22.0010 1672 napagent - ok
16:34:22.0088 1672 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:34:22.0103 1672 NativeWifiP - ok
16:34:22.0212 1672 [ 6D8FCDD5BB3B676EF58FA234073492C6 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
16:34:22.0259 1672 NBService - ok
16:34:22.0337 1672 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
16:34:22.0368 1672 NDIS - ok
16:34:22.0415 1672 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:34:22.0431 1672 NdisCap - ok
16:34:22.0478 1672 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:34:22.0478 1672 NdisTapi - ok
16:34:22.0540 1672 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:34:22.0540 1672 Ndisuio - ok
16:34:22.0602 1672 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:34:22.0602 1672 NdisWan - ok
16:34:22.0665 1672 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:34:22.0665 1672 NDProxy - ok
16:34:22.0727 1672 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:34:22.0727 1672 NetBIOS - ok
16:34:22.0790 1672 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:34:22.0805 1672 NetBT - ok
16:34:22.0821 1672 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
16:34:22.0836 1672 Netlogon - ok
16:34:22.0899 1672 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
16:34:22.0930 1672 Netman - ok
16:34:22.0992 1672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:34:22.0992 1672 NetMsmqActivator - ok
16:34:23.0024 1672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:34:23.0039 1672 NetPipeActivator - ok
16:34:23.0086 1672 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
16:34:23.0117 1672 netprofm - ok
16:34:23.0148 1672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:34:23.0164 1672 NetTcpActivator - ok
16:34:23.0180 1672 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:34:23.0180 1672 NetTcpPortSharing - ok
16:34:23.0226 1672 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:34:23.0226 1672 nfrd960 - ok
16:34:23.0289 1672 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
16:34:23.0304 1672 NlaSvc - ok
16:34:23.0429 1672 [ E32686B4E27D11F83E3F2844E104C66C ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
16:34:23.0445 1672 NMIndexingService - ok
16:34:23.0492 1672 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
16:34:23.0492 1672 Npfs - ok
16:34:23.0507 1672 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
16:34:23.0523 1672 nsi - ok
16:34:23.0554 1672 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:34:23.0554 1672 nsiproxy - ok
16:34:23.0648 1672 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:34:23.0694 1672 Ntfs - ok
16:34:23.0741 1672 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
16:34:23.0741 1672 Null - ok
16:34:23.0819 1672 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:34:23.0835 1672 nvraid - ok
16:34:23.0897 1672 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:34:23.0897 1672 nvstor - ok
16:34:23.0960 1672 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
16:34:23.0960 1672 nv_agp - ok
16:34:24.0053 1672 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:34:24.0069 1672 odserv - ok
16:34:24.0116 1672 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
16:34:24.0131 1672 ohci1394 - ok
16:34:24.0194 1672 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:34:24.0194 1672 ose - ok
16:34:24.0272 1672 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:34:24.0318 1672 p2pimsvc - ok
16:34:24.0350 1672 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
16:34:24.0381 1672 p2psvc - ok
16:34:24.0443 1672 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:34:24.0443 1672 Parport - ok
16:34:24.0506 1672 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
16:34:24.0506 1672 partmgr - ok
16:34:24.0521 1672 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
16:34:24.0537 1672 Parvdm - ok
16:34:24.0552 1672 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
16:34:24.0584 1672 PcaSvc - ok
16:34:24.0630 1672 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
16:34:24.0646 1672 pci - ok
16:34:24.0693 1672 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
16:34:24.0693 1672 pciide - ok
16:34:24.0771 1672 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:34:24.0786 1672 pcmcia - ok
16:34:24.0849 1672 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\windows\system32\Drivers\pcouffin.sys
16:34:24.0864 1672 pcouffin - ok
16:34:24.0911 1672 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
16:34:24.0911 1672 pcw - ok
16:34:24.0974 1672 pdfcDispatcher - ok
16:34:25.0036 1672 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:34:25.0067 1672 PEAUTH - ok
16:34:25.0208 1672 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
16:34:25.0286 1672 pla - ok
16:34:25.0348 1672 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:34:25.0379 1672 PlugPlay - ok
16:34:25.0395 1672 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:34:25.0410 1672 PNRPAutoReg - ok
16:34:25.0442 1672 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:34:25.0473 1672 PNRPsvc - ok
16:34:25.0520 1672 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:34:25.0535 1672 PolicyAgent - ok
16:34:25.0613 1672 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
16:34:25.0629 1672 Power - ok
16:34:25.0676 1672 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:34:25.0691 1672 PptpMiniport - ok
16:34:25.0722 1672 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
16:34:25.0722 1672 Processor - ok
16:34:25.0785 1672 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
16:34:25.0816 1672 ProfSvc - ok
16:34:25.0847 1672 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
16:34:25.0863 1672 ProtectedStorage - ok
16:34:25.0910 1672 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:34:25.0925 1672 Psched - ok
16:34:25.0972 1672 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
16:34:25.0988 1672 PxHelp20 - ok
16:34:26.0066 1672 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:34:26.0112 1672 ql2300 - ok
16:34:26.0175 1672 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:34:26.0175 1672 ql40xx - ok
16:34:26.0222 1672 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
16:34:26.0253 1672 QWAVE - ok
16:34:26.0268 1672 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:34:26.0284 1672 QWAVEdrv - ok
16:34:26.0300 1672 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:34:26.0300 1672 RasAcd - ok
16:34:26.0362 1672 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:34:26.0362 1672 RasAgileVpn - ok
16:34:26.0393 1672 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
16:34:26.0424 1672 RasAuto - ok
16:34:26.0440 1672 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:34:26.0456 1672 Rasl2tp - ok
16:34:26.0534 1672 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
16:34:26.0565 1672 RasMan - ok
16:34:26.0612 1672 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:34:26.0612 1672 RasPppoe - ok
16:34:26.0674 1672 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:34:26.0674 1672 RasSstp - ok
16:34:26.0736 1672 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:34:26.0752 1672 rdbss - ok
16:34:26.0783 1672 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 14.01.2013 16:50 | Avast pri pokuse o odstránenie malware zamrzne

pokračovanie
16:34:26.0799 1672 rdpbus - ok
16:34:26.0846 1672 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:34:26.0846 1672 RDPCDD - ok
16:34:26.0908 1672 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:34:26.0908 1672 RDPENCDD - ok
16:34:26.0939 1672 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:34:26.0939 1672 RDPREFMP - ok
16:34:26.0986 1672 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:34:27.0002 1672 RDPWD - ok
16:34:27.0048 1672 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:34:27.0064 1672 rdyboost - ok
16:34:27.0095 1672 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
16:34:27.0111 1672 RemoteAccess - ok
16:34:27.0142 1672 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:34:27.0158 1672 RemoteRegistry - ok
16:34:27.0220 1672 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
16:34:27.0220 1672 RFCOMM - ok
16:34:27.0251 1672 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:34:27.0267 1672 RpcEptMapper - ok
16:34:27.0298 1672 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
16:34:27.0314 1672 RpcLocator - ok
16:34:27.0376 1672 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
16:34:27.0407 1672 RpcSs - ok
16:34:27.0454 1672 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:34:27.0454 1672 rspndr - ok
16:34:27.0516 1672 [ D0EEDC88876B20D42157CDCCA3E647F3 ] s1039bus C:\windows\system32\DRIVERS\s1039bus.sys
16:34:27.0532 1672 s1039bus - ok
16:34:27.0579 1672 [ 7B35091A7BB597C86262C589B0B57D06 ] s1039mdfl C:\windows\system32\DRIVERS\s1039mdfl.sys
16:34:27.0579 1672 s1039mdfl - ok
16:34:27.0641 1672 [ 4CB1AB13C9813CBF3E4C6406F8043EC2 ] s1039mdm C:\windows\system32\DRIVERS\s1039mdm.sys
16:34:27.0641 1672 s1039mdm - ok
16:34:27.0688 1672 [ 2649CA09585A7531126DCC116AD1F88C ] s1039mgmt C:\windows\system32\DRIVERS\s1039mgmt.sys
16:34:27.0704 1672 s1039mgmt - ok
16:34:27.0766 1672 [ 6D3F549EFD6DAEDD7D12F3DE2175053F ] s1039nd5 C:\windows\system32\DRIVERS\s1039nd5.sys
16:34:27.0766 1672 s1039nd5 - ok
16:34:27.0828 1672 [ 305E3E3ACA0037AF2E2C1B50A383C91B ] s1039obex C:\windows\system32\DRIVERS\s1039obex.sys
16:34:27.0828 1672 s1039obex - ok
16:34:27.0860 1672 [ 7DD02A58277C84C043442561589914F4 ] s1039unic C:\windows\system32\DRIVERS\s1039unic.sys
16:34:27.0860 1672 s1039unic - ok
16:34:27.0891 1672 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
16:34:27.0906 1672 SamSs - ok
16:34:27.0969 1672 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
16:34:27.0969 1672 sbp2port - ok
16:34:28.0000 1672 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
16:34:28.0031 1672 SCardSvr - ok
16:34:28.0094 1672 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:34:28.0094 1672 scfilter - ok
16:34:28.0172 1672 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
16:34:28.0203 1672 Schedule - ok
16:34:28.0265 1672 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
16:34:28.0265 1672 SCPolicySvc - ok
16:34:28.0312 1672 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:34:28.0343 1672 SDRSVC - ok
16:34:28.0437 1672 [ 4A5809A1D796E2675AC0332BF7B0CB11 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
16:34:28.0437 1672 SeaPort - ok
16:34:28.0499 1672 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
16:34:28.0499 1672 secdrv - ok
16:34:28.0530 1672 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
16:34:28.0546 1672 seclogon - ok
16:34:28.0577 1672 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\system32\sens.dll
16:34:28.0593 1672 SENS - ok
16:34:28.0640 1672 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
16:34:28.0655 1672 SensrSvc - ok
16:34:28.0686 1672 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:34:28.0686 1672 Serenum - ok
16:34:28.0718 1672 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
16:34:28.0733 1672 Serial - ok
16:34:28.0796 1672 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:34:28.0796 1672 sermouse - ok
16:34:28.0889 1672 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
16:34:28.0905 1672 SessionEnv - ok
16:34:28.0967 1672 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
16:34:28.0967 1672 sffdisk - ok
16:34:28.0983 1672 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
16:34:28.0983 1672 sffp_mmc - ok
16:34:29.0014 1672 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
16:34:29.0014 1672 sffp_sd - ok
16:34:29.0030 1672 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:34:29.0045 1672 sfloppy - ok
16:34:29.0123 1672 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
16:34:29.0139 1672 SharedAccess - ok
16:34:29.0170 1672 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:34:29.0217 1672 ShellHWDetection - ok
16:34:29.0264 1672 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
16:34:29.0279 1672 sisagp - ok
16:34:29.0326 1672 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:34:29.0326 1672 SiSRaid2 - ok
16:34:29.0373 1672 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:34:29.0388 1672 SiSRaid4 - ok
16:34:29.0466 1672 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:34:29.0466 1672 SkypeUpdate - ok
16:34:29.0529 1672 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
16:34:29.0544 1672 Smb - ok
16:34:29.0622 1672 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:34:29.0638 1672 SNMPTRAP - ok
16:34:29.0763 1672 [ D8ABA1293B82E7AF2F78B67CA46FCB3D ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
16:34:29.0810 1672 SNP2UVC - ok
16:34:29.0856 1672 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
16:34:29.0872 1672 spldr - ok
16:34:29.0934 1672 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
16:34:29.0966 1672 Spooler - ok
16:34:30.0122 1672 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
16:34:30.0278 1672 sppsvc - ok
16:34:30.0324 1672 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:34:30.0340 1672 sppuinotify - ok
16:34:30.0449 1672 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\windows\system32\Drivers\sptd.sys
16:34:30.0449 1672 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
16:34:30.0480 1672 sptd ( LockedFile.Multi.Generic ) - warning
16:34:30.0480 1672 sptd - detected LockedFile.Multi.Generic (1)
16:34:30.0543 1672 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
16:34:30.0558 1672 srv - ok
16:34:30.0590 1672 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:34:30.0621 1672 srv2 - ok
16:34:30.0636 1672 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:34:30.0652 1672 srvnet - ok
16:34:30.0683 1672 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:34:30.0714 1672 SSDPSRV - ok
16:34:30.0730 1672 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
16:34:30.0761 1672 SstpSvc - ok
16:34:30.0902 1672 [ A8D11FB4733AF636A96FC7C67417D893 ] STacSV
C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\STacSV.exe
16:34:30.0902 1672 STacSV - ok
16:34:30.0980 1672 [ 8BB19094DEF583E0EECE1830457444EE ] stdriver C:\windows\system32\DRIVERS\stdriver32.sys
16:34:30.0980 1672 stdriver - ok
16:34:31.0026 1672 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:34:31.0026 1672 stexstor - ok
16:34:31.0089 1672 [ 901703459C668331DF0C0245F6B8160A ] STHDA C:\windows\system32\DRIVERS\stwrt.sys
16:34:31.0104 1672 STHDA - ok
16:34:31.0151 1672 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
16:34:31.0198 1672 StiSvc - ok
16:34:31.0245 1672 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
16:34:31.0245 1672 swenum - ok
16:34:31.0276 1672 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
16:34:31.0323 1672 swprv - ok
16:34:31.0385 1672 [ 1DE40024679CDE0E573465253519730E ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
16:34:31.0401 1672 SynTP - ok
16:34:31.0479 1672 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
16:34:31.0541 1672 SysMain - ok
16:34:31.0588 1672 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
16:34:31.0619 1672 TabletInputService - ok
16:34:31.0666 1672 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
16:34:31.0713 1672 TapiSrv - ok
16:34:31.0728 1672 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
16:34:31.0760 1672 TBS - ok
16:34:31.0869 1672 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:34:31.0916 1672 Tcpip - ok
16:34:32.0009 1672 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:34:32.0040 1672 TCPIP6 - ok
16:34:32.0118 1672 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:34:32.0134 1672 tcpipreg - ok
16:34:32.0212 1672 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:34:32.0212 1672 TDPIPE - ok
16:34:32.0259 1672 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:34:32.0259 1672 TDTCP - ok
16:34:32.0306 1672 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:34:32.0321 1672 tdx - ok
16:34:32.0368 1672 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
16:34:32.0384 1672 TermDD - ok
16:34:32.0430 1672 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
16:34:32.0493 1672 TermService - ok
16:34:32.0508 1672 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
16:34:32.0540 1672 Themes - ok
16:34:32.0571 1672 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
16:34:32.0586 1672 THREADORDER - ok
16:34:32.0649 1672 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\windows\system32\drivers\tpm.sys
16:34:32.0649 1672 TPM - ok
16:34:32.0680 1672 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
16:34:32.0696 1672 TrkWks - ok
16:34:32.0774 1672 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:34:32.0774 1672 TrustedInstaller - ok
16:34:32.0805 1672 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:34:32.0820 1672 tssecsrv - ok
16:34:32.0898 1672 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
16:34:32.0898 1672 TsUsbFlt - ok
16:34:32.0976 1672 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:34:32.0992 1672 tunnel - ok
16:34:33.0008 1672 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:34:33.0008 1672 uagp35 - ok
16:34:33.0054 1672 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:34:33.0070 1672 udfs - ok
16:34:33.0117 1672 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:34:33.0132 1672 UI0Detect - ok
16:34:33.0210 1672 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
16:34:33.0210 1672 uliagpkx - ok
16:34:33.0257 1672 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
16:34:33.0273 1672 umbus - ok
16:34:33.0304 1672 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
16:34:33.0304 1672 UmPass - ok
16:34:33.0335 1672 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
16:34:33.0382 1672 upnphost - ok
16:34:33.0398 1672 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
16:34:33.0413 1672 usbccgp - ok
16:34:33.0460 1672 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
16:34:33.0460 1672 usbcir - ok
16:34:33.0491 1672 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:34:33.0507 1672 usbehci - ok
16:34:33.0538 1672 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:34:33.0554 1672 usbhub - ok
16:34:33.0585 1672 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
16:34:33.0585 1672 usbohci - ok
16:34:33.0616 1672 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:34:33.0632 1672 usbprint - ok
16:34:33.0647 1672 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
16:34:33.0663 1672 USBSTOR - ok
16:34:33.0694 1672 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\drivers\usbuhci.sys
16:34:33.0694 1672 usbuhci - ok
16:34:33.0772 1672 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
16:34:33.0788 1672 usbvideo - ok
16:34:33.0819 1672 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
16:34:33.0834 1672 UxSms - ok
16:34:33.0866 1672 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
16:34:33.0881 1672 VaultSvc - ok
16:34:33.0928 1672 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
16:34:33.0928 1672 vdrvroot - ok
16:34:33.0990 1672 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
16:34:34.0037 1672 vds - ok
16:34:34.0068 1672 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:34:34.0068 1672 vga - ok
16:34:34.0131 1672 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
16:34:34.0131 1672 VgaSave - ok
16:34:34.0193 1672 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
16:34:34.0193 1672 vhdmp - ok
16:34:34.0256 1672 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
16:34:34.0256 1672 viaagp - ok
16:34:34.0302 1672 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
16:34:34.0302 1672 ViaC7 - ok
16:34:34.0349 1672 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
16:34:34.0349 1672 viaide - ok
16:34:34.0427 1672 [ 531BDF98A509913BDA241C5C686C2AFF ] VirtualCam C:\windows\system32\DRIVERS\VirtualCam.sys
16:34:34.0443 1672 VirtualCam - ok
16:34:34.0490 1672 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
16:34:34.0505 1672 volmgr - ok
16:34:34.0568 1672 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:34:34.0583 1672 volmgrx - ok
16:34:34.0614 1672 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
16:34:34.0630 1672 volsnap - ok
16:34:34.0708 1672 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:34:34.0724 1672 vsmraid - ok
16:34:34.0802 1672 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
16:34:34.0864 1672 VSS - ok
16:34:34.0895 1672 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
16:34:34.0895 1672 vwifibus - ok
16:34:34.0973 1672 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
16:34:34.0973 1672 vwififlt - ok
16:34:35.0020 1672 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
16:34:35.0020 1672 vwifimp - ok
16:34:35.0067 1672 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
16:34:35.0114 1672 W32Time - ok
16:34:35.0160 1672 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:34:35.0160 1672 WacomPen - ok
16:34:35.0207 1672 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:34:35.0223 1672 WANARP - ok
16:34:35.0238 1672 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:34:35.0238 1672 Wanarpv6 - ok
16:34:35.0363 1672 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:34:35.0410 1672 WatAdminSvc - ok
16:34:35.0488 1672 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
16:34:35.0550 1672 wbengine - ok
16:34:35.0582 1672 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:34:35.0597 1672 WbioSrvc - ok
16:34:35.0660 1672 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
16:34:35.0706 1672 wcncsvc - ok
16:34:35.0738 1672 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:34:35.0769 1672 WcsPlugInService - ok
16:34:35.0784 1672 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
16:34:35.0800 1672 Wd - ok
16:34:35.0862 1672 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:34:35.0878 1672 Wdf01000 - ok
16:34:35.0909 1672 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
16:34:35.0940 1672 WdiServiceHost - ok
16:34:35.0940 1672 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
16:34:35.0972 1672 WdiSystemHost - ok
16:34:36.0034 1672 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
16:34:36.0065 1672 WebClient - ok
16:34:36.0096 1672 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
16:34:36.0128 1672 Wecsvc - ok
16:34:36.0159 1672 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
16:34:36.0174 1672 wercplsupport - ok
16:34:36.0252 1672 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
16:34:36.0268 1672 WerSvc - ok
16:34:36.0362 1672 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:34:36.0362 1672 WfpLwf - ok
16:34:36.0393 1672 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:34:36.0408 1672 WIMMount - ok
16:34:36.0455 1672 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:34:36.0486 1672 WinDefend - ok
16:34:36.0518 1672 WinHttpAutoProxySvc - ok
16:34:36.0580 1672 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:34:36.0611 1672 Winmgmt - ok
16:34:36.0674 1672 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
16:34:36.0752 1672 WinRM - ok
16:34:36.0845 1672 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
16:34:36.0845 1672 WinUsb - ok
16:34:36.0908 1672 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
16:34:36.0939 1672 Wlansvc - ok
16:34:37.0110 1672 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:34:37.0173 1672 wlidsvc - ok
16:34:37.0235 1672 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
16:34:37.0235 1672 WmiAcpi - ok
16:34:37.0282 1672 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:34:37.0282 1672 wmiApSrv - ok
16:34:37.0376 1672 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:34:37.0422 1672 WMPNetworkSvc - ok
16:34:37.0454 1672 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
16:34:37.0469 1672 WPCSvc - ok
16:34:37.0532 1672 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:34:37.0547 1672 WPDBusEnum - ok
16:34:37.0594 1672 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:34:37.0610 1672 ws2ifsl - ok
16:34:37.0625 1672 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\system32\wscsvc.dll
16:34:37.0656 1672 wscsvc - ok
16:34:37.0672 1672 WSearch - ok
16:34:37.0797 1672 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
16:34:37.0875 1672 wuauserv - ok
16:34:37.0953 1672 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:34:37.0968 1672 WudfPf - ok
16:34:38.0000 1672 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:34:38.0015 1672 WUDFRd - ok
16:34:38.0062 1672 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:34:38.0093 1672 wudfsvc - ok
16:34:38.0140 1672 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
16:34:38.0187 1672 WwanSvc - ok
16:34:38.0265 1672 [ 3EB1576F77B60A6C79DD7742B67219B8 ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
16:34:38.0280 1672 yukonw7 - ok
16:34:38.0358 1672 ================ Scan global ===============================
16:34:38.0405 1672 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
16:34:38.0468 1672 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\windows\system32\winsrv.dll
16:34:38.0514 1672 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\windows\system32\winsrv.dll
16:34:38.0577 1672 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
16:34:38.0639 1672 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
16:34:38.0655 1672 [Global] - ok
16:34:38.0655 1672 ================ Scan MBR ==================================
16:34:38.0670 1672 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:34:39.0014 1672 \Device\Harddisk0\DR0 - ok
16:34:39.0014 1672 ================ Scan VBR ==================================
16:34:39.0029 1672 [ CCDE37EA65F16924A64B72640EF3FE12 ] \Device\Harddisk0\DR0\Partition1
16:34:39.0029 1672 \Device\Harddisk0\DR0\Partition1 - ok
16:34:39.0045 1672 [ 75720E990AB1B714E1AD2ACFC9885E9D ] \Device\Harddisk0\DR0\Partition2
16:34:39.0060 1672 \Device\Harddisk0\DR0\Partition2 - ok
16:34:39.0092 1672 [ A891AB4863E553B9F5D09E07B975B90D ] \Device\Harddisk0\DR0\Partition3
16:34:39.0107 1672 \Device\Harddisk0\DR0\Partition3 - ok
16:34:39.0123 1672 [ 632BA99C857A32664D090DCDAF8EA345 ] \Device\Harddisk0\DR0\Partition4
16:34:39.0123 1672 \Device\Harddisk0\DR0\Partition4 - ok
16:34:39.0123 1672 ============================================================
16:34:39.0123 1672 Scan finished
16:34:39.0123 1672 ============================================================
16:34:39.0170 1368 Detected object count: 1
16:34:39.0170 1368 Actual detected object count: 1
16:34:51.0384 1368 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:34:51.0384 1368 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
16:41:48.0742 3076 Deinitialize success


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

Stiahni si RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe ulož ho na plochu a spusť ako spravca
Prebehne test keď skonči stlač tlačidlo prehľadať
Keď to skonči stlač tlačidlo sprava log vlož sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 14.01.2013 18:35 | Avast pri pokuse o odstránenie malware zamrzne

Bohužiaľ nemôžem tým RogueKillerrom vygenerovať log, lebo krátko po spustení sa my počítač reštartuje :/ Skúšala som to trikrát a vždy ten istý výsledok.


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

a aj v nudzovom režime


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 15.01.2013 14:13 | Avast pri pokuse o odstránenie malware zamrzne

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spustené v : Núdzový režim s prácou v sieti
Užívateľ : uzivatel [Práva Správcu]
Režim : Kontrola -- Dátum : 01/15/2013 13:44:43

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 6 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (187.17.173.17:8088) -> NÁJDENÉ
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NÁJDENÉ
[HJ] HKLM\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEKT-60F3T1 ATA Device +++++
--- User ---
[MBR] 6377f0b355823be67bbabdfbb841267f
[BSP] 0632f5c82f519ba9facfc9d839f8c155 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 287535 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 589488128 | Size: 15360 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 620945408 | Size: 2043 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1]_S_01152013_02d1344.txt >>
RKreport[1]_S_01152013_02d1344.txt


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

Znovu spusť RogueKiller
Prebehne test keď skonči stlač tlačidlo prehľadať
Po dokončení stlač tlačidlo zmazať
Keď to skonči stlač tlačidlo sprava objaví sa log ten sem vlož
Potom klikni na tlačidlo oprava HOST
Znovu Keď to skonči stlač tlačidlo sprava log vlož sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 15.01.2013 17:16 | Avast pri pokuse o odstránenie malware zamrzne

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spustené v : Núdzový režim s prácou v sieti
Užívateľ : uzivatel [Práva Správcu]
Režim : Kontrola -- Dátum : 01/15/2013 16:59:06

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 6 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (187.17.173.17:8088) -> NÁJDENÉ
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NÁJDENÉ
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NÁJDENÉ
[HJ] HKLM\[...]\System : EnableLUA (0) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEKT-60F3T1 ATA Device +++++
--- User ---
[MBR] 6377f0b355823be67bbabdfbb841267f
[BSP] 0632f5c82f519ba9facfc9d839f8c155 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 287535 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 589488128 | Size: 15360 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 620945408 | Size: 2043 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[2]_S_01152013_02d1659.txt >>
RKreport[1]_S_01152013_02d1344.txt ; RKreport[2]_S_01152013_02d1659.txt




RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spustené v : Núdzový režim s prácou v sieti
Užívateľ : uzivatel [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 01/15/2013 16:59:56

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončené : << RKreport[4]_H_01152013_02d1659.txt >>
RKreport[1]_S_01152013_02d1344.txt ; RKreport[2]_S_01152013_02d1659.txt ; RKreport[3]_D_01152013_02d1659.txt ; RKreport[4]_H_01152013_02d1659.txt


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

nedala si zmazať


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 15.01.2013 21:17 | Avast pri pokuse o odstránenie malware zamrzne

Určite som dala zmazať (minimálne teraz tam už na zmazanie nič nie je) asi som sem omylom postla iný log :oops:
Tento sa podľa času vytvoril medzi tým prvým a druhým čo som postla minule

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spustené v : Núdzový režim s prácou v sieti
Užívateľ : uzivatel [Práva Správcu]
Režim : Odebrať -- Dátum : 01/15/2013 16:59:30

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 6 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (187.17.173.17:8088) -> NEBOLO ODSTRÁNENÉ, POUŽITE PROXYFIX
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZANÉ
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRADENÉ (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> NAHRADENÉ (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRADENÉ (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEKT-60F3T1 ATA Device +++++
--- User ---
[MBR] 6377f0b355823be67bbabdfbb841267f
[BSP] 0632f5c82f519ba9facfc9d839f8c155 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 287535 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 589488128 | Size: 15360 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 620945408 | Size: 2043 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[3]_D_01152013_02d1659.txt >>
RKreport[1]_S_01152013_02d1344.txt ; RKreport[2]_S_01152013_02d1659.txt ; RKreport[3]_D_01152013_02d1659.txt


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

Spusť roguekiller daj oprava proxy


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 16.01.2013 16:15 | Avast pri pokuse o odstránenie malware zamrzne

opravené
RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operačný systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spustené v : Núdzový režim s prácou v sieti
Užívateľ : uzivatel [Práva Správcu]
Režim : Oprava Proxy -- Dátum : 01/16/2013 14:46:06

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

Dokončené : << RKreport[5]_PR_01162013_02d1446.txt >>
RKreport[3]_D_01152013_02d1659.txt ; RKreport[4]_PR_01162013_02d1445.txt ; RKreport[5]_PR_01162013_02d1446.txt


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

Stiahni si OTL
http://oldtimer.geekstogo.com/OTL.exe
Pre OS XP spusť pod administratorom
Pre OS vista ,7
Zaškrtni LOP check ,Purity check, všetkých používateľov (scan all users )
Klinky na prehľadať (RUN SCAN)
Prebehne scan keď skonči vyskočia logy OTL.txt a Extras.txt tie sem vlož


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 16.01.2013 21:49 | Avast pri pokuse o odstránenie malware zamrzne

OTL logfile created on: 1/16/2013 9:03:05 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\uzivatel\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2.75 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 70.84% Memory free
5.49 Gb Paging File | 4.47 Gb Available in Paging File | 81.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 280.80 Gb Total Space | 72.31 Gb Free Space | 25.75% Space Free | Partition Type: NTFS
Drive E: | 1.99 Gb Total Space | 1.98 Gb Free Space | 99.65% Space Free | Partition Type: FAT32

Computer Name: UZIVATEL-PC | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/16 21:00:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
PRC - [2012/11/30 03:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/10/30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/09/17 14:36:54 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012/01/25 13:59:06 | 000,758,224 | ---- | M] () -- C:\Program Files\Core Temp\Core Temp.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/08/04 07:52:00 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/08/04 07:51:00 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/30 16:49:34 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/07/30 16:49:34 | 000,582,944 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/07/27 23:32:56 | 000,076,344 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2009/07/27 16:52:16 | 000,014,336 | ---- | M] (LSI Corporation) -- C:\Program Files\LSI SoftModem\agrsmsvc.exe
PRC - [2009/07/14 02:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Windows Defender\MpCmdRun.exe
PRC - [2009/06/18 17:07:06 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files\PDF Complete\pdfsvc.exe
PRC - [2009/03/02 22:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\AEstSrv.exe
PRC - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/10 14:24:35 | 001,051,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/10 12:41:45 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\0ac577a8ad6528ff03b50db5eeeac8be\System.Web.ni.dll
MOD - [2013/01/10 12:41:26 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/10 12:39:42 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\865d2bf19a7af7fab8660a42d92550fe\System.Windows.Forms.ni.dll
MOD - [2013/01/10 12:39:12 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/10 12:38:25 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/10 12:38:14 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/10 12:38:10 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/10 12:37:58 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/01/25 13:59:06 | 000,758,224 | ---- | M] () -- C:\Program Files\Core Temp\Core Temp.exe
MOD - [2010/02/02 21:50:03 | 001,732,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3503.18374__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010/02/02 21:50:03 | 000,339,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3503.18350__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010/02/02 21:50:03 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3503.18376__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010/02/02 21:50:03 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3503.18446__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010/02/02 21:50:03 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3503.18369__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010/02/02 21:50:03 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3503.18406__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010/02/02 21:50:03 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3503.18360__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010/02/02 21:50:02 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3503.18471__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010/02/02 21:50:02 | 000,331,776 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3503.18426__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010/02/02 21:50:02 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3503.18427__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010/02/02 21:50:02 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3503.18360__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010/02/02 21:50:02 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3503.18419__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010/02/02 21:50:02 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3503.18472__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010/02/02 21:50:01 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3503.18471__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010/02/02 21:50:01 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3503.18426__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010/02/02 21:50:01 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3503.18470__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010/02/02 21:50:00 | 000,782,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3503.18409__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010/02/02 21:50:00 | 000,573,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3503.18377__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010/02/02 21:50:00 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3503.18439__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010/02/02 21:50:00 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3503.18363__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010/02/02 21:50:00 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3503.18376__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010/02/02 21:50:00 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3503.18415__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010/02/02 21:50:00 | 000,081,920 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3503.18408__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010/02/02 21:50:00 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3503.18382__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010/02/02 21:50:00 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3503.18415__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010/02/02 21:49:59 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3503.18407__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010/02/02 21:49:59 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3503.18417__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010/02/02 21:49:59 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3503.18383__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010/02/02 21:49:59 | 000,270,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010/02/02 21:49:59 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3503.18407__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010/02/02 21:49:59 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3503.18408__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010/02/02 21:49:59 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3503.18417__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010/02/02 21:49:58 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010/02/02 21:49:58 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010/02/02 21:49:58 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010/02/02 21:49:58 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010/02/02 21:49:58 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010/02/02 21:49:58 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010/02/02 21:49:58 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010/02/02 21:49:58 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010/02/02 21:49:57 | 000,098,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010/02/02 21:49:57 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010/02/02 21:49:57 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010/02/02 21:49:57 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010/02/02 21:49:57 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010/02/02 21:49:57 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010/02/02 21:49:57 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010/02/02 21:49:57 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010/02/02 21:49:57 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010/02/02 21:49:57 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010/02/02 21:49:57 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010/02/02 21:49:57 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010/02/02 21:49:57 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010/02/02 21:49:57 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010/02/02 21:49:57 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010/02/02 21:49:57 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010/02/02 21:49:56 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010/02/02 21:49:56 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010/02/02 21:49:56 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010/02/02 21:49:56 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010/02/02 21:49:56 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010/02/02 21:49:56 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3503.18478__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010/02/02 21:49:55 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010/02/02 21:49:55 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010/02/02 21:49:55 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3503.18344__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010/02/02 21:49:54 | 000,405,504 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3503.18368__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010/02/02 21:49:54 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3503.18465__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010/02/02 21:49:54 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3503.18463__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010/02/02 21:49:54 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3503.18348__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010/02/02 21:49:54 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3503.18347__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010/02/02 21:49:54 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010/02/02 21:49:54 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010/02/02 21:49:54 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010/02/02 21:49:54 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010/02/02 21:49:54 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010/02/02 21:49:54 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010/02/02 21:49:53 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010/02/02 21:49:52 | 001,212,416 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3503.18356__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010/02/02 21:49:52 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3503.18346__90ba9c70f846762e\APM.Server.dll
MOD - [2010/02/02 21:49:52 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3503.18345__90ba9c70f846762e\AEM.Server.dll
MOD - [2010/02/02 21:49:52 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010/02/02 21:49:52 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010/02/02 21:49:52 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010/02/02 21:49:52 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3503.18464__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009/08/21 15:11:18 | 000,246,032 | ---- | M] () -- C:\Program Files\Pinnacle\Studio 14\Programs\BlueShellExt.dll
MOD - [2009/08/16 17:06:04 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/07/30 16:49:52 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008/12/19 00:03:42 | 000,020,480 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll


========== Services (SafeList) ==========

SRV - [2013/01/15 17:21:33 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/13 12:25:24 | 002,152,720 | ---- | M] (Lavasoft Limited) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/10/22 20:18:32 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/06/05 23:02:20 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009/08/04 07:51:00 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/30 16:49:34 | 000,582,944 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/07/27 16:52:16 | 000,014,336 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 00:56:02 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\stacsv.exe -- (STacSV)
SRV - [2009/06/18 17:07:06 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/03/02 22:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_b3d7bbbd6875f4bb\AEstSrv.exe -- (AESTFilters)
SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\uzivatel\AppData\Local\Temp\ldisk.sys -- (ldisk)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\uzivatel\AppData\Local\Temp\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\uzivatel\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\uzivatel\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aszio7kl)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\uzivatel\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2013/01/13 12:34:34 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012/10/30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/15 17:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/08/21 10:13:14 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2011/12/23 06:12:12 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2011/12/23 06:12:10 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/06 19:54:38 | 000,052,824 | ---- | M] (NCH Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stdriver32.sys -- (stdriver)
DRV - [2010/10/30 11:56:52 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/03/15 09:38:44 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2010/03/15 09:38:44 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2010/03/15 09:38:44 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2010/03/15 09:38:44 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2010/03/15 09:38:44 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2010/03/15 09:38:44 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2010/03/15 09:38:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2010/02/19 16:12:23 | 000,164,992 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\athsgt.sys -- (athsgt)
DRV - [2010/02/19 16:12:18 | 000,012,544 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\limsgt.sys -- (limsgt)
DRV - [2009/08/04 08:25:00 | 004,994,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/27 16:52:14 | 001,161,664 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/20 10:10:00 | 000,313,856 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/14 00:56:02 | 000,408,576 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/14 00:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/02 10:40:34 | 001,765,168 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC)
DRV - [2009/05/16 02:15:14 | 000,214,024 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/05/16 02:15:14 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfeavfk.sys -- (MfeAVFK)
DRV - [2009/05/16 02:15:14 | 000,055,336 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009/05/16 02:15:14 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfebopk.sys -- (MfeBOPK)
DRV - [2009/05/16 02:15:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (MfeRKDK)
DRV - [2009/05/04 19:30:00 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009/04/29 16:46:54 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/09/05 00:46:34 | 000,092,544 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2005/09/23 21:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2004/11/25 02:21:24 | 000,192,512 | ---- | M] (MorningSound Co., Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\VirtualCam.sys -- (VirtualCam)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-337455947-473087927-4221467448-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-337455947-473087927-4221467448-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-337455947-473087927-4221467448-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-337455947-473087927-4221467448-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-337455947-473087927-4221467448-1001\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}
IE - HKU\S-1-5-21-337455947-473087927-4221467448-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://zoznam.sk"
FF - prefs.js..extensions.enabledAddons: en-US%40dictionaries.addons.mozilla.org:6.0
FF - prefs.js..extensions.enabledAddons: gmailwatcher%40sonthakit:1.57
FF - prefs.js..extensions.enabledAddons: youtubeautoplaystopper%40grizzlyape.com:1.0.7
FF - prefs.js..extensions.enabledAddons: %7B46551EC9-40F0-4e47-8E18-8E5CF550CFB8%7D:1.3
FF - prefs.js..extensions.enabledAddons: %7B6AC85730-7D0F-4de0-B3FA-21142DD85326%7D:2.8
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.4
FF - prefs.js..extensions.enabledAddons: %7BE173B749-DB5B-4fd2-BA0E-94ECEA0CA55B%7D:7.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.6
FF - prefs.js..extensions.enabledItems: {6AC85730-7D0F-4de0-B3FA-21142DD85326}:2.5.5
FF - prefs.js..extensions.enabledItems: {ee4c73ff-7a1b-4330-acec-45e409118cc1}:3.3.3.2
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1
FF - prefs.js..extensions.enabledItems: gmailwatcher@sonthakit:1.34
FF - prefs.js..extensions.enabledItems: {9e06d377-8c36-46df-9e57-0f6f3f5ee23e}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {2f17f610-5e97-4fed-828f-9940b7b577a4}:1.6.5
FF - prefs.js..network.proxy.http: "83.157.174.237"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\uzivatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/01/03 11:06:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/15 17:21:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/15 17:21:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/15 17:21:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/01/15 17:21:25 | 000,000,000 | ---D | M]

[2010/02/13 19:37:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Extensions
[2013/01/13 14:07:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\4pi66bv2.default\extensions
[2012/08/01 15:53:30 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\4pi66bv2.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2012/05/21 12:35:15 | 000,000,000 | ---D | M] (Memory Fox) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\4pi66bv2.default\extensions\{E173B749-DB5B-4fd2-BA0E-94ECEA0CA55B}
[2012/05/20 16:48:58 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\uzivatel\AppData\Roaming\mozilla\Firefox\Profiles\4pi66bv2.default\extensions\en-US@dictionaries.addons.mozilla.org
[2012/10/16 12:42:31 | 000,225,820 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\4pi66bv2.default\extensions\gmailwatcher@sonthakit.xpi
[2012/11/10 16:31:28 | 000,660,585 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\4pi66bv2.default\extensions\jid0-0PGffAcVvhUBieFYkRVVc5w6lIU@jetpack.xpi
[2012/08/29 21:39:51 | 000,200,628 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\4pi66bv2.default\extensions\jid1-W5guVoyeUR0uBg@jetpack.xpi
[2012/05/18 22:13:22 | 000,031,379 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\4pi66bv2.default\extensions\youtubeautoplaystopper@grizzlyape.com.xpi
[2012/11/11 10:21:53 | 000,269,659 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\4pi66bv2.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
[2012/10/12 14:10:09 | 000,252,340 | ---- | M] () (No name found) -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\4pi66bv2.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011/03/03 18:48:55 | 000,001,196 | ---- | M] () -- C:\Users\uzivatel\AppData\Roaming\mozilla\firefox\profiles\4pi66bv2.default\searchplugins\winamp-search.xml
[2013/01/15 17:21:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/15 17:21:35 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/02/21 11:22:32 | 000,712,704 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2011/02/18 21:29:58 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/03/10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012/05/03 14:06:13 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2012/05/03 14:06:13 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2012/05/03 14:06:13 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2012/05/03 14:06:13 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2012/05/03 14:06:13 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2012/05/03 14:06:13 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 16.01.2013 21:50 | Avast pri pokuse o odstránenie malware zamrzne

pokračovanie
========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\uzivatel\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\windows\system32\npDeployJava1.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: 3DVIA player (Enabled) = C:\Program Files\Virtools\3D Life Player\npvirtools.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\uzivatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Google Update (Enabled) = C:\Users\uzivatel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Ask Toolbar = C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanjlpfikkmbfcnghlokpfenkelhni\7.15.4.24106_0\
CHR - Extension: Anna Sui = C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjohejgigkmiclpgnilojffhiohcglib\3_0\
CHR - Extension: Recreland = C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlgngoclpmmghblkcdadkjcnnndeejjg\2011.12.4.26421_0\

O1 HOSTS File: ([2013/01/15 16:59:56 | 000,000,019 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (QUICKfind BHO Object) - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-337455947-473087927-4221467448-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-337455947-473087927-4221467448-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-337455947-473087927-4221467448-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-337455947-473087927-4221467448-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\S-1-5-21-337455947-473087927-4221467448-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20China/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20China/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{939928C6-B3EB-4574-B969-9357C72C7A2F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A6ED36C-7F19-4417-AFF3-0E99EF456849}: DhcpNameServer = 194.154.227.17 195.91.0.17
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/16 21:00:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2013/01/15 17:21:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/14 17:36:00 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\RK_Quarantine
[2013/01/14 15:50:57 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/01/14 15:36:33 | 000,000,000 | ---D | C] -- C:\windows\temp
[2013/01/14 15:36:33 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Local\temp
[2013/01/13 20:20:04 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\uzivatel\Desktop\tdsskiller.exe
[2013/01/13 15:13:59 | 005,021,655 | R--- | C] (Swearware) -- C:\Users\uzivatel\Desktop\ComboFix.exe
[2013/01/13 15:13:45 | 001,754,528 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\uzivatel\Desktop\rkill.com
[2013/01/13 13:41:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[2013/01/13 13:41:44 | 000,000,000 | ---D | C] -- C:\Program Files\Speccy
[2013/01/13 13:24:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/01/13 13:24:59 | 000,000,000 | ---D | C] -- C:\rsit
[2013/01/13 10:56:57 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Local\Programs
[2013/01/13 10:55:48 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\AppData\Roaming\Malwarebytes
[2013/01/13 10:55:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/01/13 10:55:28 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2013/01/13 10:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/01/13 10:55:22 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2013/01/13 10:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/01/12 17:52:59 | 002,322,184 | ---- | C] (ESET) -- C:\Users\uzivatel\Desktop\esetsmartinstaller_sky.exe
[2013/01/09 13:34:09 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2013/01/09 13:33:47 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2013/01/09 13:33:47 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2013/01/09 13:33:46 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/01/09 13:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/01/09 13:33:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/01/09 13:33:44 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/01/09 13:33:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/01/09 13:33:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/01/09 13:33:44 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/01/09 13:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/01/09 13:33:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/01/09 13:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/01/09 13:33:44 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/01/09 13:33:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/01/09 13:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/01/09 13:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/09 13:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/01/09 13:33:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/01/09 13:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/01/09 13:33:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/01/09 13:33:42 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/01/09 13:33:42 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/01/09 13:33:42 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/01/09 13:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/01/09 13:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/01/09 13:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/01/09 13:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/01/09 13:33:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/01/09 13:33:41 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/01/09 13:33:41 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/01/09 13:32:44 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\System32\oflc-nz.rs
[2013/01/09 13:32:44 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\System32\csrr.rs
[2013/01/09 13:32:44 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\System32\cob-au.rs
[2013/01/09 13:32:43 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\System32\fpb.rs
[2013/01/09 13:32:43 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\System32\pegibbfc.rs
[2013/01/09 13:32:43 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\System32\usk.rs
[2013/01/09 13:32:43 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\System32\grb.rs
[2013/01/09 13:32:43 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-pt.rs
[2013/01/09 13:32:43 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi.rs
[2013/01/09 13:32:43 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\System32\djctq.rs
[2013/01/09 13:32:42 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\gameux.dll
[2013/01/09 13:32:42 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\Wpc.dll
[2013/01/09 13:32:38 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\System32\esrb.rs
[2013/01/09 13:32:38 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\System32\oflc.rs
[2013/01/09 13:32:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\System32\pegi-fi.rs
[2013/01/09 13:32:37 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\System32\cero.rs
[2013/01/09 13:32:14 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ncrypt.dll
[2013/01/09 13:32:14 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\taskhost.exe
[2013/01/06 19:21:35 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\2248_black_ink
[2012/12/25 12:02:35 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\One-Direction---Take-Me-Home-(2012)(1)
[2012/12/24 13:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
[2012/12/22 11:30:07 | 000,000,000 | ---D | C] -- C:\Users\uzivatel\Desktop\GA
[2012/12/21 19:21:41 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\System32\atmfd.dll
[2012/12/21 19:21:39 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\System32\atmlib.dll
[2012/12/20 18:13:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro-Happy.com
[2012/12/20 18:13:37 | 000,000,000 | ---D | C] -- C:\agia3d
[2010/03/22 14:51:54 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\uzivatel\AppData\Roaming\pcouffin.sys
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/16 21:00:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2013/01/16 18:25:05 | 000,072,220 | ---- | M] () -- C:\Users\uzivatel\Desktop\Private.Practice.S06E12.HDTV.x264-LOL.[VTV].srt
[2013/01/16 18:23:32 | 260,133,927 | ---- | M] () -- C:\Users\uzivatel\Desktop\Private.Practice.S06E12.HDTV.x264-LOL.[VTV].mp4
[2013/01/16 14:57:42 | 000,019,760 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/16 14:57:42 | 000,019,760 | ---- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/16 14:54:17 | 000,663,820 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2013/01/16 14:54:17 | 000,125,950 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2013/01/16 14:47:14 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/01/16 14:47:11 | 2212,126,720 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/15 16:59:56 | 000,000,019 | ---- | M] () -- C:\windows\System32\drivers\etc\hosts
[2013/01/14 17:33:23 | 000,764,416 | ---- | M] () -- C:\Users\uzivatel\Desktop\RogueKiller.exe
[2013/01/13 20:20:14 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\uzivatel\Desktop\tdsskiller.exe
[2013/01/13 15:14:42 | 005,021,655 | R--- | M] (Swearware) -- C:\Users\uzivatel\Desktop\ComboFix.exe
[2013/01/13 15:14:04 | 001,754,528 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\uzivatel\Desktop\rkill.com
[2013/01/13 13:43:43 | 000,554,087 | ---- | M] () -- C:\Users\uzivatel\Desktop\adwcleaner.exe
[2013/01/13 13:43:06 | 000,019,261 | ---- | M] () -- C:\Users\uzivatel\Desktop\teploty.JPG
[2013/01/13 13:41:46 | 000,000,897 | ---- | M] () -- C:\Users\Public\Desktop\Speccy.lnk
[2013/01/13 13:24:45 | 000,781,383 | ---- | M] () -- C:\Users\uzivatel\Desktop\RSIT.exe
[2013/01/13 12:34:34 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2013/01/12 20:06:15 | 002,639,540 | ---- | M] () -- C:\Users\uzivatel\Desktop\gdbnt.zip
[2013/01/12 18:38:51 | 000,020,992 | ---- | M] () -- C:\Users\uzivatel\Desktop\Chapter 1.wps
[2013/01/12 17:53:04 | 002,322,184 | ---- | M] (ESET) -- C:\Users\uzivatel\Desktop\esetsmartinstaller_sky.exe
[2013/01/12 16:37:11 | 000,000,064 | ---- | M] () -- C:\windows\System32\rp_stats.dat
[2013/01/12 16:37:11 | 000,000,044 | ---- | M] () -- C:\windows\System32\rp_rules.dat
[2013/01/12 10:50:31 | 000,002,341 | ---- | M] () -- C:\Users\uzivatel\Desktop\Google Chrome.lnk
[2013/01/11 14:53:09 | 000,093,696 | ---- | M] () -- C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/11 14:43:01 | 275,894,321 | ---- | M] () -- C:\Users\uzivatel\Desktop\Greys.Anatomy.S09E10.HDTV.x264-2HD.mp4
[2013/01/10 12:36:20 | 003,114,336 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2013/01/09 23:07:28 | 000,044,885 | ---- | M] () -- C:\Users\uzivatel\Desktop\Pretty.Little.Liars.S03E14.HDTV.x264-LOL.srt
[2013/01/09 14:39:13 | 258,432,621 | ---- | M] () -- C:\Users\uzivatel\Desktop\Pretty.Little.Liars.S03E14.HDTV.x264-LOL.mp4
[2013/01/04 00:17:44 | 000,006,448 | ---- | M] () -- C:\Users\uzivatel\Desktop\double date.omm
[2013/01/03 11:06:52 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2013/01/02 21:53:44 | 000,004,049 | ---- | M] () -- C:\Users\uzivatel\Desktop\birthday party.omm
[2012/12/27 17:48:22 | 000,029,210 | ---- | M] () -- C:\Users\uzivatel\Desktop\How-I-Met-Your-Mother-S03E01(0000084261).srt
[2012/12/27 17:47:05 | 000,032,252 | ---- | M] () -- C:\Users\uzivatel\Desktop\How-I-Met-Your-Mother-S03E02(0000085597).srt
[2012/12/26 13:34:06 | 000,171,871 | ---- | M] () -- C:\Users\uzivatel\Desktop\movie_folder_template_by_mrfolder-d46rpj1.rar
[2012/12/24 13:56:33 | 001,606,064 | ---- | M] () -- C:\Users\uzivatel\Desktop\googletalk-setup.exe
[2012/12/22 23:54:03 | 000,024,431 | ---- | M] () -- C:\Users\uzivatel\Desktop\chapter 5.omm
[2012/12/20 18:13:44 | 000,000,777 | ---- | M] () -- C:\Users\Public\Desktop\Euro-Happy.com.lnk
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/16 18:24:59 | 000,072,220 | ---- | C] () -- C:\Users\uzivatel\Desktop\Private.Practice.S06E12.HDTV.x264-LOL.[VTV].srt
[2013/01/16 18:14:25 | 260,133,927 | ---- | C] () -- C:\Users\uzivatel\Desktop\Private.Practice.S06E12.HDTV.x264-LOL.[VTV].mp4
[2013/01/14 17:33:10 | 000,764,416 | ---- | C] () -- C:\Users\uzivatel\Desktop\RogueKiller.exe
[2013/01/13 13:43:31 | 000,554,087 | ---- | C] () -- C:\Users\uzivatel\Desktop\adwcleaner.exe
[2013/01/13 13:43:03 | 000,019,261 | ---- | C] () -- C:\Users\uzivatel\Desktop\teploty.JPG
[2013/01/13 13:41:46 | 000,000,897 | ---- | C] () -- C:\Users\Public\Desktop\Speccy.lnk
[2013/01/13 13:24:35 | 000,781,383 | ---- | C] () -- C:\Users\uzivatel\Desktop\RSIT.exe
[2013/01/12 20:05:50 | 002,639,540 | ---- | C] () -- C:\Users\uzivatel\Desktop\gdbnt.zip
[2013/01/12 18:38:49 | 000,020,992 | ---- | C] () -- C:\Users\uzivatel\Desktop\Chapter 1.wps
[2013/01/11 14:34:40 | 275,894,321 | ---- | C] () -- C:\Users\uzivatel\Desktop\Greys.Anatomy.S09E10.HDTV.x264-2HD.mp4
[2013/01/10 16:57:34 | 000,044,885 | ---- | C] () -- C:\Users\uzivatel\Desktop\Pretty.Little.Liars.S03E14.HDTV.x264-LOL.srt
[2013/01/09 14:29:54 | 258,432,621 | ---- | C] () -- C:\Users\uzivatel\Desktop\Pretty.Little.Liars.S03E14.HDTV.x264-LOL.mp4
[2013/01/01 17:55:20 | 000,004,049 | ---- | C] () -- C:\Users\uzivatel\Desktop\birthday party.omm
[2012/12/30 22:21:59 | 000,006,448 | ---- | C] () -- C:\Users\uzivatel\Desktop\double date.omm
[2012/12/27 17:48:18 | 000,029,210 | ---- | C] () -- C:\Users\uzivatel\Desktop\How-I-Met-Your-Mother-S03E01(0000084261).srt
[2012/12/27 17:46:55 | 000,032,252 | ---- | C] () -- C:\Users\uzivatel\Desktop\How-I-Met-Your-Mother-S03E02(0000085597).srt
[2012/12/26 13:34:05 | 000,171,871 | ---- | C] () -- C:\Users\uzivatel\Desktop\movie_folder_template_by_mrfolder-d46rpj1.rar
[2012/12/24 13:56:13 | 001,606,064 | ---- | C] () -- C:\Users\uzivatel\Desktop\googletalk-setup.exe
[2012/12/20 18:13:44 | 000,000,777 | ---- | C] () -- C:\Users\Public\Desktop\Euro-Happy.com.lnk
[2012/07/26 16:29:06 | 000,007,602 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\Resmon.ResmonCfg
[2012/07/16 12:20:18 | 000,000,064 | ---- | C] () -- C:\windows\System32\rp_stats.dat
[2012/07/16 12:20:18 | 000,000,044 | ---- | C] () -- C:\windows\System32\rp_rules.dat
[2012/07/13 13:36:56 | 000,016,432 | ---- | C] () -- C:\windows\System32\lsdelete.exe
[2012/03/29 17:07:53 | 000,000,022 | ---- | C] () -- C:\windows\pspvc_path.ini
[2012/02/23 18:08:11 | 000,151,552 | ---- | C] () -- C:\windows\System32\nvRegDev.dll
[2011/07/11 10:21:24 | 000,369,040 | -H-- | C] () -- C:\windows\System32\mlfcache.dat
[2011/06/26 16:54:10 | 000,000,046 | ---- | C] () -- C:\windows\Speed.INI
[2011/04/01 13:24:21 | 000,000,005 | ---- | C] () -- C:\Program Files\trl.trl
[2010/10/10 17:55:07 | 000,005,642 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/09/25 19:14:53 | 000,004,096 | -H-- | C] () -- C:\Users\uzivatel\AppData\Local\keyfile3.drm
[2010/07/24 14:41:39 | 000,000,589 | ---- | C] () -- C:\Users\uzivatel\AppData\Roaming\AutoGK.ini
[2010/07/24 11:23:36 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/05/28 21:35:00 | 000,093,696 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/22 14:51:55 | 000,007,887 | ---- | C] () -- C:\Users\uzivatel\AppData\Roaming\pcouffin.cat
[2010/03/22 14:51:54 | 000,001,144 | ---- | C] () -- C:\Users\uzivatel\AppData\Roaming\pcouffin.inf
[2010/03/19 22:15:27 | 000,000,096 | ---- | C] () -- C:\Users\uzivatel\AppData\Local\fusioncache.dat

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/02/21 14:47:23 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\12Voip
[2010/04/17 19:02:57 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Ambient Design
[2010/07/11 10:48:38 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Any DVD Clone
[2011/05/21 11:03:29 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Ashampoo
[2011/01/14 13:27:33 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Audacity
[2010/10/06 17:29:37 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Auslogics
[2010/02/15 16:39:16 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\avidemux
[2012/03/10 10:48:45 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Awrepi
[2010/04/26 18:08:10 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\BitComet
[2012/02/19 14:02:05 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Blender Foundation
[2012/05/17 16:52:50 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\BSplayer
[2010/02/12 18:54:58 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\BSplayer Pro
[2010/08/28 18:08:23 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\COWON
[2012/07/17 08:34:30 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\DAEMON Tools Lite
[2010/02/20 12:55:25 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Desperate Housewives
[2010/04/04 14:53:08 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Dev-Cpp
[2011/07/11 10:17:15 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\dizengine
[2011/06/03 16:05:55 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\DVDFab
[2012/03/09 15:28:00 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Enopc
[2011/05/02 14:51:55 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\ESET
[2011/07/03 20:41:57 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\FairStars Recorder
[2011/03/16 19:44:32 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\FileZilla
[2010/05/28 22:02:33 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\GeoVid
[2011/10/08 21:35:04 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\GetRightToGo
[2010/05/31 13:45:52 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\GHISLER
[2011/04/19 17:49:49 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Gomez
[2012/12/20 14:07:30 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\ICQ
[2011/02/06 14:03:35 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\IObit
[2011/12/16 17:57:53 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\iPadian
[2010/02/16 16:52:14 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Leadertech
[2010/06/12 15:13:13 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\MAGIX
[2012/02/04 18:00:50 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\MilkShape 3D 1.x.x
[2010/11/13 19:54:55 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\NCH Swift Sound
[2011/02/18 23:30:05 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\oald8
[2011/05/21 09:07:11 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Oberon Media
[2011/05/19 12:24:57 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\OnLive App
[2010/02/28 23:08:20 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\OpenOffice.org
[2011/02/05 22:04:36 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Opera
[2012/05/17 16:53:34 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Orbit
[2012/02/24 00:39:17 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PhotoFiltre
[2011/09/19 18:48:22 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PhotoScape
[2011/11/05 00:27:40 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\ProgSense
[2010/07/15 11:57:22 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Publish Providers
[2010/03/30 18:00:12 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\SecondLife
[2012/08/15 17:01:35 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\SharePod
[2010/10/22 14:51:44 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Sony
[2010/07/21 19:43:35 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Sony Creative Software
[2010/04/15 10:42:42 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\SPIL Games
[2010/06/22 16:57:16 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\SpinTop
[2012/06/03 12:59:53 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Student dog
[2011/12/06 17:48:03 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Synthesia
[2011/07/06 14:03:31 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\TSRWorkshop
[2010/10/31 13:57:24 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Ulead Systems
[2013/01/16 19:44:09 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\uTorrent
[2010/05/28 21:34:19 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\VisiFly
[2012/02/12 18:52:56 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Vso
[2011/04/30 09:18:15 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Windows Live Writer
[2010/05/15 16:14:33 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\WNR

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/09/09 18:20:06 | 000,000,000 | ---D | M](C:\Users\uzivatel\Nov? prie?inok) -- C:\Users\uzivatel\Nov� prie�inok
[2012/09/09 18:20:06 | 000,000,000 | ---D | M](C:\Users\uzivatel\Nov? prie?inok) -- C:\Users\uzivatel\Nov� prie�inok
(C:\Users\uzivatel\Nov? prie?inok) -- C:\Users\uzivatel\Nov� prie�inok

========== Alternate Data Streams ==========

@Alternate Data Stream - 94 bytes -> C:\ProgramData\TEMP:40E5AD89
@Alternate Data Stream - 85 bytes -> C:\ProgramData:$SS_DESCRIPTOR_SVXWV4PVSVVVV8N4TF1RVDNVCLPT4WP9HVM8G6XVFGVXVF5VVJVP
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:C3A4217C
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:264B2CC4
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:4A9220C3
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:E5EADA0D
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:4AD2C54D

< End of report >


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 16.01.2013 21:53 | Avast pri pokuse o odstránenie malware zamrzne

OTL Extras logfile created on: 1/16/2013 9:03:05 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\uzivatel\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2.75 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 70.84% Memory free
5.49 Gb Paging File | 4.47 Gb Available in Paging File | 81.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 280.80 Gb Total Space | 72.31 Gb Free Space | 25.75% Space Free | Partition Type: NTFS
Drive E: | 1.99 Gb Total Space | 1.98 Gb Free Space | 99.65% Space Free | Partition Type: FAT32

Computer Name: UZIVATEL-PC | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Program Files\PSPad\PSPAD.EXE (Prog-Soft s.r.o.)

[HKEY_USERS\S-1-5-21-337455947-473087927-4221467448-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- "C:\Program Files\PSPad\PSPAD.EXE" "%1" (Prog-Soft s.r.o.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0878A315-88F4-4D71-883F-448ABDEAF5AA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{18173F66-F798-4656-80BE-7758CDA62A68}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{27991A4C-E411-4F95-9344-65C9C7B83A51}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2ABE44DA-53F5-45B0-A06D-8C46122385EC}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3B46BAFA-00D9-4512-84F5-CD6CCE6CFCFE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{40F3F030-B4D1-484F-9E6E-4EF1D7DE1EB8}" = rport=137 | protocol=17 | dir=out | app=system |
"{4228480E-17D1-4331-B5F5-1A332D8C3615}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{4659A14D-D2DB-431E-8633-8497B84BFC30}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5ADC02F0-0A3F-4A11-87B3-21ABA827D961}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5C17AAFF-FCCD-438D-AC9E-FDB3CAC77EB2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5FBF60BA-E5D5-42CA-B90B-F146AAF4F44A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{67979B4E-3764-4BE7-9108-A1E504BB49E9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{7256E206-B542-491C-A187-9F116E3F92EC}" = lport=139 | protocol=6 | dir=in | app=system |
"{73331BD6-40B3-4389-83D4-14D592735429}" = rport=139 | protocol=6 | dir=out | app=system |
"{74EAD3C1-7A00-4D35-9C9B-82D6D7ABF9EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{81AE96F7-37C7-4E08-947C-744027F72AA8}" = lport=137 | protocol=17 | dir=in | app=system |
"{96D7F1DC-4B77-4BAD-9915-DCCAB74E7EB5}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{A110AC6A-94D0-4562-A53E-6A9779B40B49}" = lport=138 | protocol=17 | dir=in | app=system |
"{A56E0958-6DAA-40EF-9766-582BC1AFE568}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A83FA7B2-DDDA-417B-9870-5325B7CCC88E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ADFF231F-6E24-4E87-896A-6A2E3E518DC1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B1A5D30C-9E70-4E33-8F18-4A34F395DC3E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B37348B7-54F5-452A-B2D7-54EBF0BD3448}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B45B3865-675D-4328-AAC9-D7FA9F82F707}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BA123227-9961-4611-AAC9-178DA33C986D}" = rport=138 | protocol=17 | dir=out | app=system |
"{C907D61A-A1DF-431D-8AEA-4DA25FC3C079}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CDD2E728-92A3-4D21-8FDD-25A0FB6DE23B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D0194CE9-8D36-47E1-BA5E-0A2F61C89E9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D12E63F0-2075-4FDE-9DD7-6202EC317AD5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D553B2E5-DB11-4283-BB6D-AC7A69D345C5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D66FBB32-B9F2-44F0-858D-CF9A0C6D7778}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D7132AD8-E293-45FB-A564-93AA44E0A54D}" = lport=17049 | protocol=6 | dir=in | name=bitcomet 17049 tcp |
"{E4954673-C16D-4DD7-BC02-9E3B6B2079DA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E86EFE49-43E7-401B-9EF0-F829DE994A93}" = lport=17049 | protocol=17 | dir=in | name=bitcomet 17049 udp |
"{E89E97F3-3E73-45B8-A272-9DFA2B7BD5CC}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{EC8ACE31-A57D-42A9-BA7C-0DB827C09A31}" = rport=445 | protocol=6 | dir=out | app=system |
"{FF348BDB-ADA1-44D5-8F84-D42430D2AF83}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{036EF417-6BCF-4406-B9B9-D9D697450C5E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{03E34C4C-870F-4F84-9693-A5230EFD837D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0584A724-251C-4CAC-AF0D-D9D9854F8E9A}" = protocol=6 | dir=in | app=c:\program files\proxy switcher standard\proxyswitcher.exe |
"{06A2CF36-5F54-40AF-AD8D-54D7D20307B6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0A321C13-F4B3-4098-9D17-3A0CE9D2105F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0CEE6493-3AF9-40BE-B19F-178A1CD4BF2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D6EEE58-5E0B-40C4-841E-42F045AAEF08}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0E8F34D3-FFF4-4AC7-943A-C82E5B53B8A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F3F01E2-D4B7-400F-9ADC-C8D6278C005B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{11057F48-E9AB-443D-8B3D-868B34329BD1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1135B715-7BC6-4008-9807-CB6F2AD69F40}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{12124D8B-D94B-46F7-995E-94ED0CC8B3F1}" = protocol=6 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{1287A251-0842-42F7-81CF-060E7F575143}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{13546123-3810-49BE-A585-01A906F21480}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{13C49F8A-E9A7-4DB9-AB72-525B7489BDA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{149EB22F-DE05-4626-A03E-1BA266882FF9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{14F85AFF-A941-4556-A607-F61DA78603D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{194CBB39-C5E0-4E15-9208-4E06F58A2464}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{1C77400E-5936-4675-93C6-C4EF3B765088}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1E361DC8-FEDF-41A5-9BC9-7FCFFA3AC205}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1FA736E0-26FA-468E-BFB2-DD74CA50ED2C}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"{205F2498-F196-483B-B18E-1135C774D626}" = protocol=17 | dir=in | app=c:\program files\proxy switcher standard\proxyswitcher.exe |
"{20EED0F6-5410-4F29-B825-7D1487AE1454}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21DA3B23-EA2B-4EDF-B107-9041C57AF778}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{279B4112-F960-4A6F-A9BD-57DA2857DEA0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29C47345-8212-4D9D-AD53-4C0DF3E191F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29F12636-3E63-4CBF-BC4D-658232AB3D84}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2FABD79C-6D6D-48C5-9B77-56D9590E9DF8}" = protocol=17 | dir=in | app=c:\program files\12voip.com\12voip\12voip.exe |
"{318DFB2C-EBF1-4A0B-8BA0-9E270DC49EF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{31A4E245-9CFA-41AE-996C-2A11D745CFF2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3218BF2E-319A-4184-A228-D33557A3A192}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3665E0AF-E553-4554-B693-43095D3871E1}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{36B89CFF-89E3-4655-9BC1-75CD50580538}" = protocol=6 | dir=in | app=c:\program files\maxthon3\bin\mxup.exe |
"{38E9FD0B-8D24-4174-977D-B89B2CD0AA93}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3D37DFA1-3266-4DD8-A86C-E2CA9B64DFBF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3EA8F937-369B-41E3-8F81-FF6D3E027F7F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{403CF5C2-CD61-4607-A104-890A188E54AB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45CA363A-FD35-448C-B97F-A7DE16C951E6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{46F0073E-1B02-4FAA-AC33-4C287441596C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{475F2468-0916-4ADD-9699-9733A937637D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{47DCE1FF-C8A3-4ACA-A47F-351913A33915}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4BF3C2EA-AAF5-4540-88C2-06BF74B0E49C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E5AA082-0DA0-4FD0-84B9-010A13766F09}" = protocol=17 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{4EB8E8EF-A7C6-4A46-B2E7-31DF12ED957F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4FE8E832-4566-4312-80C9-89099BEE4C79}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{51B47E81-8E71-484E-8CFD-8B72C4280496}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{526C9851-5C17-4FC2-AECA-C189A0AB2EBC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{52EE97CC-B539-41CF-B410-3A27F9F3897B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5885301D-92D3-4BC8-98ED-FEA650796A36}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{59CB9121-B0A3-426A-8A1F-041408AD24CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A2660C2-6FAC-435B-8D9F-32FABF7475D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C8B20A2-7B41-4EDD-8AD6-67300288DA7D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5CF3BFDA-1B66-4687-8B8A-75FFC4F5B073}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6200EE29-FACF-43E4-92CD-6138E49E0A9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{632301BA-54FF-49E3-AB79-D6CB60648E03}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6418A208-9D21-4937-8D98-BC4DDFD8D2F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64753386-B50D-4D01-8555-78477A85E6FD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{683CE358-59DA-4FC8-94D6-6A0FE07CB811}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{68C66D7B-CC2F-486C-B15A-01A695324A4B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{69CC337D-7F81-470A-AB26-29D1183BB4AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6AA8870D-C264-4594-AD30-C32DC5936A67}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{6E5F9ECB-3AA9-438D-AA37-DEB7A51D2F7B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6EDFBE77-EB2E-4D33-82F7-A32263941917}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6F0BB2D6-B8BF-4769-ABA7-95BCB30B2869}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{70385343-0BE4-4188-B621-AF7A3F96D5FA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{703EB2EB-A55E-4970-9A69-C13F75644AF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{704BE602-B7C9-4A63-99DE-D41F929C119B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{70CDE0F3-472F-4885-95AE-655928C8947C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{71A9A979-77CD-4ED4-AEE5-1215939683B3}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{7391DB59-4E77-489A-B0A2-08F492CC887B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73D7841A-C68B-48FB-A567-BB8EDDC928E5}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{7498C165-2C0C-4B56-88ED-194AD5C53026}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{75DA9FB0-6868-4B3A-8875-1A9DC9B67E00}" = protocol=6 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{76E28746-016D-4386-BC83-9CD8EE72F339}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{773E1EA4-D909-4502-8F3F-5180F54E83A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{786C538B-C49E-4E35-990D-F9E86AD47B0D}" = protocol=6 | dir=in | app=c:\program files\12voip.com\12voip\12voip.exe |
"{798708C0-8EBE-4564-AA13-B55290DE4DDF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7B5A408E-5C9F-46A8-BF25-BD01AD851127}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7B7EE53F-3494-4DCE-BC2E-0BFEF8017699}" = protocol=6 | dir=in | app=c:\program files\mcafee\managed virusscan\agent\myagtsvc.exe |
"{7D2ABF1C-D5EE-406C-891F-F2AE908FF022}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D6C1D9F-21F9-45B7-9D92-F4C720E71B66}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7E2753AD-6FF2-4EF7-9F55-52B0CC3E6DE3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80CF648D-46F9-49E5-B4D7-A7800442BD99}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83745185-7450-46D8-9B3D-232410E41726}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{83F96C0D-C3D7-4C8F-89E8-A2BDB2E6A3A0}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{8901CE3F-6B99-45B0-8C2C-CDB26203F407}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{8956E042-3B81-48A2-B649-5B0C68D3A2BB}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\umi.exe |
"{89CCF46E-AEF7-4F3A-999C-1460538DD089}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A0C785E-279F-4E78-8996-028D4C641E30}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A64E0B8-4039-410F-8BEF-9D95ADD382A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C443270-59B8-491E-9FC4-8ACE273EE303}" = protocol=17 | dir=in | app=c:\program files\maxthon3\bin\maxthon.exe |
"{8D89140B-ABBA-4D1C-AD75-05FB301C04FA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FFCE6F1-07FC-4E7D-96EB-1F6F71573FE5}" = protocol=17 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{90EB9DE7-7FF0-4139-826F-156EA74183D1}" = protocol=17 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{91DE1C4E-951E-41BC-95AB-DB34D58E4987}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{943A9E00-94C8-4B49-A9DC-1A80E90A73C5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9585826A-4DE1-4B11-A4B1-93C90B1F8A90}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{95CDB351-079A-40B5-BC03-D5B84D4A01EE}" = protocol=6 | dir=in | app=c:\program files\maxthon3\bin\maxthon.exe |
"{99F4C92C-2217-4E19-86DB-7E3CB6E01129}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9B485CD2-7EAB-4721-8A95-969C7D933A6A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9DB89AA4-877A-4067-8C1D-8AD9C37D01B9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9E694608-9614-4801-9DD7-81921E8BCDF4}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{9F1F4252-413A-4325-9B77-D46B32311B27}" = protocol=17 | dir=in | app=c:\program files\maxthon3\bin\mxup.exe |
"{9F25CAAC-9CB6-4E4E-AF22-B6D03F98BE3A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A09210EB-CFDD-47A9-A6F2-92100D2EE539}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A850E913-F325-4D5C-AFDD-D69D54AE889E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A95ECB14-87B9-4CF7-8BC8-70553B98FC90}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB1EF581-F4D6-4A2B-A177-CBE3F601A8F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2F0C548-946F-48FF-B8A9-2B42A9D1A433}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5FC4673-3ABE-4E09-88AE-660F3658FB44}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B716C99C-35CD-4263-BA7D-D66889D6D155}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{B72D2970-8CE3-4582-91A8-309765D87A89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B81744F8-B63E-4669-89A6-4408EED8DD38}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B8E781BE-539E-4BF5-AD0F-2FCD1B99DC33}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BA420336-93B3-4272-845A-056728E0F747}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC0E76B2-6B9A-4378-B374-9AF32D909282}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC233848-0603-4156-B643-079CAA56229E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC55C522-7005-4774-AA0F-224BABDF80BD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC6734FA-7FB1-467F-AA4F-82140EACA704}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{BD060CC9-20A1-41D1-8701-99D1FF288FB0}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{BF044642-61A7-431B-809D-6E417CB27F27}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF536ED1-12AA-4B95-8809-287C41DBF355}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BF755BB4-9423-42DD-846A-BD949FD579F1}" = protocol=6 | dir=in | app=c:\program files\pinnacle\studio 14\programs\rm.exe |
"{C062BD07-B0CF-4CC8-8BD1-98D039E092D9}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{C234919E-E1E6-4EFF-82CD-54D56F92371E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C37C9202-0A47-4312-BD9B-399557082B29}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C3CF4A6D-9903-4DC3-8C19-60C05A98B222}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C3E874C2-09D9-466F-BEB0-D36C132EE8AF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C49E5A3C-CE02-4D16-9656-A8D2C88EA868}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C636DB30-D072-47C9-B536-DBB439341545}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{C77501AD-037C-42A8-92FD-E4DB60D563E5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CB618A85-F8CA-4353-89AE-9AEEBDAE3F03}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CB68A886-D8FA-4025-BFAC-EC70964328FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CCBFF365-8046-4067-AB41-48BDA2E72C67}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD900016-5B7F-4808-BCF3-C91323B6D11A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CDB5AE7D-EDB4-4FD1-8CEB-BD8F6B44B4EF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CE44D615-FCCA-477E-BD4C-14DC612ACAF0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CEBAF201-8F5F-4393-B320-DBE3B41BEC6B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CF3D25D4-9C11-49AF-BAD4-D323E57D2B18}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFC89395-DD44-48ED-9A89-394B9E69524B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D11AF903-E6F6-415F-83EC-5A6098C09613}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2018D6A-22F8-4B7F-9FAC-40F0C2D246EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D6A9913F-3A1B-4310-B5DA-8397B63CB1D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7977D3E-3008-43C5-9FE3-5B4D27D533B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8124657-8E06-428B-AB87-64E1B526ADB2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D96E8614-5E12-4C90-8918-9A0125B5AC80}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{DCC998F1-25B2-4273-B528-BEB91989E60F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DCD37C1D-47DD-48AD-B54C-DAF7A3499932}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD00834B-9389-495B-BC92-3631028A97D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDB3A462-6789-4A04-9DB9-2590DF259B43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF2FD887-7C5B-404B-B8FF-1F294D74396F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E042A88C-DC98-4943-9AA3-5B820C5948EE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E1ACF5C8-EFB5-439A-BCD8-34AED423FF57}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E1B9C7AD-8FBB-42C1-BB06-BBF1026B4513}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E24BCF86-BD15-49A6-90A0-21DC48684678}" = protocol=17 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{E27B15F9-76E2-4DED-963F-B17772D0E8D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E2A3E22B-42ED-497D-AE9C-BBE9AB1C1491}" = dir=in | app=c:\users\uzivatel\appdata\roaming\awrepi\voweeql.exe |
"{E3588763-2CD1-4A45-AE75-76A0F4CCFCE2}" = protocol=6 | dir=in | app=c:\program files\icq7.7\icq.exe |
"{E4143E30-3070-4BD7-AD96-14ACAA072B0B}" = protocol=6 | dir=out | app=system |
"{E5B882E8-316C-4DEF-931C-3B70B9C0D691}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E6866E12-218E-4D27-A83C-9CCCCB049713}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6DA886C-E0B0-45F5-9DA9-CC6D86A5DAB1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED7A9DA6-B76D-4459-A193-5942B7931166}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EDFB6A9B-FD59-4FF7-8064-DA946B20D4E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EF99691D-6995-4DD8-AD44-DC59518DAAC9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F4ECF77F-5BDA-49F1-A9EF-66300384CAAD}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{F609E0A2-534C-4FBB-BCE3-303B5C49601A}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{F7957EF8-B5C0-4888-87DF-6546A588D01E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FA7CD9DF-DB17-4DF5-80BE-4B52E88F9224}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB74E51D-29AB-4725-82A1-EF85AF9B122A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC23EAA8-46C2-41C7-A4AB-9FD318BC8EF7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC9758FF-7426-41E7-BED1-9130AD0E1FBD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FCCC9980-36E0-4065-AB05-D592AF2691D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FCFF1536-3EC2-4014-93C3-89D6772EE4EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF2B58C5-2A48-4FA1-83F0-5616EE77371E}" = protocol=17 | dir=in | app=c:\program files\pinnacle\studio 14\programs\studio.exe |
"TCP Query User{21234FF1-7E29-44A8-842C-D8C5939BB697}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{22F93773-AB7C-4F72-AACF-AFDBF3AA4DC8}C:\users\uzivatel\appdata\local\temp\cprogram filesopera\operaupgrader.exe" = protocol=6 | dir=in | app=c:\users\uzivatel\appdata\local\temp\cprogram filesopera\operaupgrader.exe |
"TCP Query User{3CDC17B4-7683-4C3B-B4F7-63C9B2F223C1}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{419DBA48-2F46-4985-BBA1-0552A2A0F34D}C:\program files\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"TCP Query User{4D8D6D6D-F036-46C9-A92C-D9B149B8BF9E}C:\users\uzivatel\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\uzivatel\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{5C280F5C-A959-4D4E-958A-1D9C0A2FEA73}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5E10D6FB-1DFF-49AC-B774-4A71EED0E087}C:\program files\martview\ieembed.exe" = protocol=6 | dir=in | app=c:\program files\martview\ieembed.exe |
"TCP Query User{633243CF-D43A-4A97-9A46-B0DCA53AEBE5}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{7F0B998D-BB87-4EF2-AF0C-133DD4906261}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{8741AFAE-E353-4701-A486-F646FA822388}C:\program files\gomez\gomezpeer\agents\gozilla\runtime\gozilla.exe" = protocol=6 | dir=in | app=c:\program files\gomez\gomezpeer\agents\gozilla\runtime\gozilla.exe |
"TCP Query User{88D257AC-1603-4251-8B8E-051436F6A67A}C:\program files\active webcam\webcam.exe" = protocol=6 | dir=in | app=c:\program files\active webcam\webcam.exe |
"TCP Query User{8BD64E49-92E4-45A8-86B7-21EF0E6E5EE5}C:\program files\sony\vegas pro 9.0\vegsrv90.exe" = protocol=6 | dir=in | app=c:\program files\sony\vegas pro 9.0\vegsrv90.exe |
"TCP Query User{A285F901-C7E0-47D6-B478-72C2A6D09777}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{A79D63D7-4213-4C5A-927C-E62765DFCC8E}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{B92179BA-658D-499A-965F-337727424956}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{BF89282A-D65C-451C-9656-761ABF096A33}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{C2D25EC4-A839-4047-B383-D677E614F511}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{DEAE0A7F-BD28-4169-9558-1EDB5180082A}C:\program files\pspvc\pspvc (server).exe" = protocol=6 | dir=in | app=c:\program files\pspvc\pspvc (server).exe |
"TCP Query User{F99CC9D8-1A67-4262-B616-154322B890B7}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{08312B01-BE79-4B5C-8349-D30C1A141D86}C:\program files\active webcam\webcam.exe" = protocol=17 | dir=in | app=c:\program files\active webcam\webcam.exe |
"UDP Query User{15E56EC7-E780-400B-992C-486426323CB4}C:\program files\gomez\gomezpeer\agents\gozilla\runtime\gozilla.exe" = protocol=17 | dir=in | app=c:\program files\gomez\gomezpeer\agents\gozilla\runtime\gozilla.exe |
"UDP Query User{195573E3-8893-4031-AB2B-EB043E03F3C9}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{26AE9EC4-00AF-4FD8-8B70-94772F80ADF1}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{3C61A67F-0E6B-4694-9E92-87ADB056E2F3}C:\program files\sony\vegas pro 9.0\vegsrv90.exe" = protocol=17 | dir=in | app=c:\program files\sony\vegas pro 9.0\vegsrv90.exe |
"UDP Query User{40F735B0-F036-47B2-BED0-A08AF7894519}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{43698607-78C9-4DAC-82E5-4302F2FF5D62}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{50299996-04FB-4479-8C46-A94ABBECFBEA}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{5795E16B-3C11-44E1-B103-5427B96137EC}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{57C8A186-D17A-4AB5-B239-D05A3A0905A8}C:\users\uzivatel\appdata\local\temp\cprogram filesopera\operaupgrader.exe" = protocol=17 | dir=in | app=c:\users\uzivatel\appdata\local\temp\cprogram filesopera\operaupgrader.exe |
"UDP Query User{628BD9D7-A94E-4EA3-B97F-822CCB5D1048}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"UDP Query User{7B8B6B78-6BB8-4724-BEAA-AD7E700A062D}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{87DF69A5-6A24-4F6F-9953-CC6B823127B1}C:\program files\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files\orbitdownloader\orbitnet.exe |
"UDP Query User{8F36E825-8D67-4944-A45E-EDF3FE9146F3}C:\program files\pspvc\pspvc (server).exe" = protocol=17 | dir=in | app=c:\program files\pspvc\pspvc (server).exe |
"UDP Query User{92533E8B-ABA3-4612-8671-7DD110A73852}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{A0E72DAA-5752-42E2-A628-EB754345C9DF}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{ABE5AD0E-55A0-487D-81F9-1947E3A0815B}C:\users\uzivatel\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\uzivatel\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{CFE010C6-8BE4-458E-ABC0-53A9AEA9B62E}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{FAF321B7-0BF5-4E89-88CD-B97117A57CDB}C:\program files\martview\ieembed.exe" = protocol=17 | dir=in | app=c:\program files\martview\ieembed.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{085A087C-8559-AC21-F988-9B885923B58B}" = CCC Help Japanese
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC3
"{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = The Sims™ 3 Master Suite Stuff
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17BDCAD2-39E2-A44B-CDCA-6854FA71421E}" = Catalyst Control Center Localization All
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D7DBD8E-4E22-B307-81F4-D55080B16FC7}" = ccc-utility
"{1EE9BBA1-312F-4EC0-9DEA-A8FE22BBABAA}_is1" = 20Dollars2Surf 1.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{31D9C74D-CD7A-4215-B1E4-DF8099AEA997}" = Catalyst Control Center - Branding
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{37D6F9FA-A5F2-3040-AF7B-78BE92957D89}" = CCC Help Thai
"{38CA1644-39F5-44EB-F200-DFC6C5E9C5A8}" = CCC Help Chinese Standard
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D833CF3-A3AE-2863-584B-3AD3A0D70981}" = CCC Help Russian
"{4E868D3D-6EEB-4273-926C-2287236B5B79}" = 3DVIA player 5.0
"{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}" = HP Support Assistant
"{511376F5-7E5A-4EC9-B603-193B1D425BC3}" = HP ESU for Microsoft Windows 7
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{52AD35F5-FDA6-6E74-27E4-5EC2BD8A8B29}" = CCC Help Korean
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{562817EC-0640-4947-9513-570A53D55877}" = Grey's Anatomy
"{565AEE5D-35E5-0A21-02E2-3DC8CEA652FB}" = Catalyst Control Center Graphics Light
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57115A63-203E-8864-8951-4D5864D23956}" = CCC Help Norwegian
"{572964E9-BE64-1F57-B672-4D2B7595FAA1}" = Catalyst Control Center Graphics Full Existing
"{5AE47629-FA38-4747-4CEA-1DD2983FA8BF}" = CCC Help German
"{5B295588-59C1-4386-9F85-BB4BEDCB0D22}" = HP Customer Experience Enhancements
"{5C648FDB-0138-4619-B66E-230EF53E8E2C}" = The Sims™ 2 Pro Teenagery Kolekce
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5E984B44-B441-5361-B00B-91441EE7B5B4}" = CCC Help English
"{602C75D1-0C09-D216-D83D-F3126AC24A27}" = CCC Help French
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61356085-6C51-4DC9-99E6-33ED72304690}" = OmmWriter
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{6E17F9751-F056-4335-B718-8AF1B1092AFB}" = The Sims™ 2 IKEA® Domov Kolekce
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = The Sims 2
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7197B8C8-A9CE-4C4C-88E4-32D4ADB59214}_is1" = v1.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76AF1F61-BB44-4694-A0EA-C6830C8BEF41}" = HP Software Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{770D3BDC-19D7-49D0-B60B-C5BB77553FBB}" = Topaz Fusion Express 2
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B20C1C7-2766-DDB8-A02E-D6F9C7341864}" = CCC Help Finnish
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7EFEE754-EA7D-A79B-8DDA-65CADCAF1AB4}" = Catalyst Control Center InstallProxy
"{7FFAA34E-0AA6-BF03-D37C-7AC5C380CF2F}" = CCC Help Chinese Traditional
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{805F8590-510E-74AD-FC88-ADE4224B8854}" = CCC Help Polish
"{8117EA22-035F-4880-86AE-AC7C4F1FA3E2}" = Topaz ReMask 3
"{816F5E94-B7FE-43EF-B4E6-F22D40A4AFCC}" = HP User Guides 0133
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{853403A9-70A9-2C60-9E74-67BDC650E820}" = Catalyst Control Center Core Implementation
"{85E00941-FDFF-4796-A3B8-3ACC766FFCA5}" = Topaz Clean 3
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87CA636B-85B8-4611-A81D-F97E71024AFD}" = HP Common Access Service Library
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = The Sims™ 2 Volný čas
"{8A75B387-6A34-7FBE-3512-89809AF89524}" = CCC Help Hungarian
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E9976D2-E563-43DE-A51F-5AEBC38D1F08}" = Ad-Aware
"{8F0EDF80-31C2-FA10-DEE8-BD435A5F7D61}" = ATI Catalyst Install Manager
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 13.01.13
Prihlásený: 22.01.13
Príspevky: 21
Témy: 1 | 1
Napísal autor témyOffline : 16.01.2013 21:53 | Avast pri pokuse o odstránenie malware zamrzne

pokračovanie

"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96FE1BDC-6A66-470B-86A9-75A2966C92BF}" = TitleExtreme
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9E4FC4A7-E9E1-1EF1-104B-ECFB738A1824}" = CCC Help Italian
"{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}" = Topaz DeNoise 5
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{9EE30AB4-1D07-7C32-106D-7AE7CEEFD1EC}" = CCC Help Spanish
"{A20A58C4-6784-4B4B-86CC-94E2E3671051}" = Nero 7 Ultra Edition
"{A45AF5E2-3648-EA45-2A62-C3EA975D57D9}" = Catalyst Control Center Graphics Full New
"{A657B744-4F40-6973-D177-5FD028712702}" = ccc-core-static
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AADD1C8F-D59F-4D55-A726-768C71A205A8}" = Pinnacle Studio 14
"{AC76BA86-7AD7-1029-7B44-A95000000001}" = Adobe Reader 9.5.1 - Czech
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = The Sims™ 2 Život v bytě
"{B7EB8FB7-F89E-480B-952D-813F413653BE}" = Topaz B&W Effects
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BA728FCC-0B8C-6F7F-B29C-583829D1E8BB}" = CCC Help Dutch
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C09F1573-6262-47F2-8B90-5B2290A58B12}" = MAGIX Speed 2 (MSI)
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C57869EA-8211-40A8-BF0C-EE16485BF824}_is1" = Revelation Natural Art verzia 1.5
"{C921D7C4-24D7-4210-AEE9-DFC5DDC78428}" = Topaz Detail 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0BFE65D-C320-4FC9-88D2-B9C32FB95DA0}" = HP Setup
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D41922D2-8272-48EE-B863-BE7EFF34A362}" =
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{D796ABCD-73D4-F18D-CF80-9BA1BE403933}" = CCC Help Swedish
"{D858827F-DF38-4D1B-8D1A-C821C2A6C646}_is1" = Any Game Starter 3 Version 2.6
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.10.324
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}" = COWON Media Center - jetAudio Basic VX
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = The Sims™ 2 Roční období
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48D0275-B2E0-C879-4B86-506757A16DC7}" = CCC Help Turkish
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{E70E6183-F6EC-45B4-AFA4-0C3C36D4B664}" = Windows 7 Default Setting
"{E9B0164A-27EA-4C31-5526-867C6882B60D}" = CCC Help Czech
"{EA891D60-C20D-03C4-88CB-E4597A1753AA}" = CCC Help Portuguese
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = CPQ Wallpaper
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F3818CCA-B7E4-2B53-F86E-2D4F195F66F3}" = CCC Help Danish
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = The Sims 2 Noční život
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"AnyGameStarter_is1" = AnyGameStarter
"avast" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"CEP - Colour Enable Packages_is1" = CEP (Color Enable Package) v.9.2 (beta)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DVDFab 8_is1" = DVDFab 8.0.0.5 (MATOZ REPACK)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Freecorder4.1" = Freecorder
"HijackThis" = HijackThis 2.0.2
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.0 (Basic)
"LSI Soft Modem" = LSI HDA Modem
"Magic Bullet Editors 2.0 Vegas" = Magic Bullet Editors 2.0 Vegas
"MAGIX Screenshare UK" = MAGIX Screenshare
"MAGIX Screenshare US" = MAGIX Screenshare
"MAGIX Speed burnR UK" = MAGIX Speed burnR
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.70.0.1100
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MixPad" = MixPad Audio Mixer
"Mozilla Firefox 18.0 (x86 sk)" = Mozilla Firefox 18.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NewBlue Art Blends 2.0 for Vegas" = NewBlue Art Blends 2.0 for Vegas
"NewBlue Art Effects 2.0 for Vegas" = NewBlue Art Effects 2.0 for Vegas
"NewBlue Film Effects for Vegas" = NewBlue Film Effects for Vegas
"NewBlue Motion Blends 2.0 for Vegas" = NewBlue Motion Blends 2.0 for Vegas
"NewBlue Motion Effects 2.0 for Vegas" = NewBlue Motion Effects 2.0 for Vegas
"Opera 12.12.1707" = Opera 12.12
"PDF Complete" = PDF Complete Special Edition
"PhotoScape" = PhotoScape
"PluginPac" = DebugMode PluginPac (remove only)
"PROHYBRIDR" = 2007 Microsoft Office system
"PSPad_is1" = PS Pad
"QUICKfind" = QUICKfind server v1.1
"SoundTap" = SoundTap Streaming Audio Recorder
"Speccy" = Speccy
"SpiceMASTER 2.5 PRO for Vegas" = SpiceMASTER 2.5 PRO for Vegas
"Switch" = Switch Sound File Converter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Topaz B&W Effects" = Topaz B&W Effects
"Topaz Clean 3" = Topaz Clean 3
"Topaz DeNoise 5" = Topaz DeNoise 5
"Topaz Detail 2" = Topaz Detail 2
"Topaz Fusion Express 2" = Topaz Fusion Express 2
"Topaz ReMask 3" = Topaz ReMask 3
"Uninstall_is1" = Uninstall 1.0.0.0
"uTorrent" = µTorrent
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"WavePad" = WavePad Sound Editor
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-337455947-473087927-4221467448-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"PhotoFiltre" = PhotoFiltre
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/15/2013 12:09:51 PM | Computer Name = uzivatel-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: PSPAD.EXE, verzia: 3.2.0.950, časová značka:
0x2a425e19 Názov chybového modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód
výnimky: 0x00000000 Odstup chyby: 0x00000000 Identifikácia chybného procesu: 0x1088
Čas
spustenia chybnej aplikácie: 0x01cdf33abdf5387f Cesta chybnej aplikácie: C:\Program
Files\PSPad\PSPAD.EXE Cesta chybného modulu: unknown Identifikácia hlásenia: fd5c8376-5f2d-11e2-91d7-18a9058a09ae

Error - 1/15/2013 12:13:04 PM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 1/15/2013 12:13:05 PM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 1/15/2013 4:01:40 PM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 1/15/2013 4:01:40 PM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 1/15/2013 4:10:39 PM | Computer Name = uzivatel-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: PSPAD.EXE, verzia: 3.2.0.950, časová značka:
0x2a425e19 Názov chybového modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód
výnimky: 0x00000000 Odstup chyby: 0x00000000 Identifikácia chybného procesu: 0x5d8
Čas
spustenia chybnej aplikácie: 0x01cdf35c6288bfaa Cesta chybnej aplikácie: C:\Program
Files\PSPad\PSPAD.EXE Cesta chybného modulu: unknown Identifikácia hlásenia: a11e9185-5f4f-11e2-b455-18a9058a09ae

Error - 1/15/2013 4:13:43 PM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 1/15/2013 4:13:43 PM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 1/16/2013 9:54:16 AM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 1/16/2013 9:54:17 AM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ Hewlett-Packard Events ]
Error - 5/4/2011 6:50:26 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 5/4/2011 6:50:32 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Exception has been thrown by the target of an invocation. mscorlib

at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)

at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)

at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.

Error - 11/9/2011 8:03:56 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 11/16/2011 8:10:09 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 1/18/2012 7:55:43 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 2/15/2012 7:56:16 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 3/14/2012 7:48:51 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 3/14/2012 7:49:48 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Exception has been thrown by the target of an invocation. mscorlib

at System.RuntimeMethodHandle._InvokeMethodFast(Object target, Object[] arguments,
SignatureStruct& sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)

at System.RuntimeMethodHandle.InvokeMethodFast(Object target, Object[] arguments,
Signature sig, MethodAttributes methodAttributes, RuntimeTypeHandle typeOwner)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr,
Binder binder, Object[] parameters, CultureInfo culture, Boolean skipVisibilityChecks)

at System.Delegate.DynamicInvokeImpl(Object[] args) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Object
reference not set to an instance of an object.

Error - 7/11/2012 5:56:33 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.AnimatedRenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


Error - 8/1/2012 11:04:51 AM | Computer Name = uzivatel-PC | Source = Hewlett-Packard | ID = 0
Description = sk-SK Object reference not set to an instance of an object. HPSF at
HPAssistant.Pages.MaintainAnalyzing.MaintainAnalyzing_Unloaded(Object sender, RoutedEventArgs
e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object target, RoutedEventArgs
routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object source,
RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject
sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs
e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,
RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastUnloadedEvent(Object
root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()

at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object
resizedCompositionTarget) at System.Windows.Media.MediaContext.RenderMessageHandler(Object
resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate
callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)


[ Media Center Events ]
Error - 4/20/2010 10:49:42 AM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 16:49:42 - Chyba pripájania na Internet. 16:49:42 - Nebolo možné
spojiť sa so serverom..

Error - 4/20/2010 10:50:19 AM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 16:50:12 - Chyba pripájania na Internet. 16:50:12 - Nebolo možné
spojiť sa so serverom..

Error - 4/20/2010 11:53:21 AM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 17:53:20 - Chyba pripájania na Internet. 17:53:20 - Nebolo možné
spojiť sa so serverom..

Error - 4/20/2010 11:53:57 AM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 17:53:50 - Chyba pripájania na Internet. 17:53:50 - Nebolo možné
spojiť sa so serverom..

Error - 4/20/2010 1:25:52 PM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 19:25:52 - Chyba pripájania na Internet. 19:25:52 - Nebolo možné
spojiť sa so serverom..

Error - 4/20/2010 1:26:30 PM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 19:26:21 - Chyba pripájania na Internet. 19:26:21 - Nebolo možné
spojiť sa so serverom..

Error - 4/20/2010 2:59:43 PM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 20:59:43 - Chyba pripájania na Internet. 20:59:43 - Nebolo možné
spojiť sa so serverom..

Error - 4/20/2010 3:00:18 PM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 21:00:12 - Chyba pripájania na Internet. 21:00:12 - Nebolo možné
spojiť sa so serverom..

Error - 4/25/2010 12:29:32 PM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 18:29:29 - Nepodarilo sa načítať položku MCEClientUX (chyba: The request
failed with HTTP status 503: Service Unavailable.)

Error - 5/2/2010 3:01:37 AM | Computer Name = uzivatel-PC | Source = MCUpdate | ID = 0
Description = 9:01:24 - Chyba pripájania na Internet. 9:01:24 - Nebolo možné
spojiť sa so serverom..

[ OSession Events ]
Error - 4/29/2011 5:00:26 PM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 4/29/2011 5:00:55 PM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 4/30/2011 11:05:09 AM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14
seconds with 0 seconds of active time. This session ended with a crash.

Error - 5/20/2011 11:06:29 AM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5
seconds with 0 seconds of active time. This session ended with a crash.

Error - 6/19/2011 6:15:08 AM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10
seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/8/2011 11:25:19 AM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12
seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/14/2011 3:08:28 AM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/27/2011 7:29:39 AM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16
seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/30/2011 5:12:34 PM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/14/2011 8:46:26 AM | Computer Name = uzivatel-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 6 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 1/16/2013 9:45:33 AM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Modul WLAN Extensibility Module sa nepodarilo spustiť. Cesta k modulu:
C:\windows\System32\bcmihvsrv.dll Kód chyby: 21

Error - 1/16/2013 9:47:02 AM | Computer Name = uzivatel-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 1/16/2013 9:47:02 AM | Computer Name = uzivatel-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 1/16/2013 9:47:11 AM | Computer Name = uzivatel-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!

Error - 1/16/2013 9:47:14 AM | Computer Name = uzivatel-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter

Error - 1/16/2013 9:47:14 AM | Computer Name = uzivatel-PC | Source = atikmdag | ID = 43029
Description = Display is not active

Error - 1/16/2013 9:47:19 AM | Computer Name = uzivatel-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby adfs zlyhalo kvôli nasledujúcej chybe: %%2

Error - 1/16/2013 9:47:32 AM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = A fatal hardware error has occurred. Reported by component: Processor
Core Error Source: 3 Error Type: 256 Processor ID: 0 The details view of this entry
contains further information.

Error - 1/16/2013 9:47:32 AM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = A fatal hardware error has occurred. Reported by component: Processor
Core Error Source: 3 Error Type: 256 Processor ID: 0 The details view of this entry
contains further information.

Error - 1/16/2013 9:47:32 AM | Computer Name = uzivatel-PC | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = A fatal hardware error has occurred. Reported by component: Processor
Core Error Source: 3 Error Type: 256 Processor ID: 1 The details view of this entry
contains further information.


< End of report >


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 14.09.16
Príspevky: 618
Témy: 2 | 2

Znovu spusť OTL
Do spodného okna skenovanie/opravy (Custom Scans/Repairs) vlož nasledujúce

Kód:
:otl
SRV - [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\uzivatel\AppData\Local\Temp\ldisk.sys -- (ldisk)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\uzivatel\AppData\Local\Temp\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\uzivatel\AppData\Local\Temp\CFcatchme.sys -- (CFcatchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\uzivatel\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (aszio7kl)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\uzivatel\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
FF - prefs.js..network.proxy.http: "83.157.174.237"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-337455947-473087927-4221467448-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-21-337455947-473087927-4221467448-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-337455947-473087927-4221467448-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:commands
[purity]
[emptytemp]
[resethosts]
[emptyflash]
[Reboot]

Stlač tlačidlo Opraviť (RUN fix)
OTL vykoná prikazy zo scriptu reštartuje sa PC vyskoči log ten sem vlož .


 [ Príspevkov: 36 ] 1, 2


Avast pri pokuse o odstránenie malware zamrzne



Podobné témy

 Témy  Odpovede  Zobrazenia  Posledný príspevok 
V tomto fóre nie sú ďalšie neprečítané témy.

AVAST mi blokuje URL Malware počas surfovania na nete

v Antivíry a antispywary

4

245

10.12.2013 15:25

Mandy

V tomto fóre nie sú ďalšie neprečítané témy.

Padanie pri pokuse ulozit na disk ?

v Pevné disky a radiče

5

303

02.12.2009 19:57

Tech

V tomto fóre nie sú ďalšie neprečítané témy.

vypina pc pri pokuse o boot windowsu

v Operačné systémy Microsoft

8

567

26.03.2011 21:19

mirom

V tomto fóre nie sú ďalšie neprečítané témy.

FD 1,44 system type(06) pri pokuse nainstalovat SUSE 10.1

v Operačné systémy Unix a Linux

14

596

16.08.2006 10:48

Josko

V tomto fóre nie sú ďalšie neprečítané témy.

NB pri spusteni zamrzne

v Operačné systémy Microsoft

13

920

20.06.2010 17:34

Lowerik23

V tomto fóre nie sú ďalšie neprečítané témy.

Zamrzne PC pri odpájani...

v Operačné systémy Microsoft

2

172

24.02.2010 19:56

centauri

V tomto fóre nie sú ďalšie neprečítané témy.

Pri uploade zamrzne PC

v Siete

2

166

27.08.2012 16:48

Mike_99

V tomto fóre nie sú ďalšie neprečítané témy.

Xubuntu pri štarte zamrzne

v Operačné systémy Unix a Linux

3

285

19.02.2012 14:09

programmer

V tomto fóre nie sú ďalšie neprečítané témy.

Pri prehrávaní zvuku zamrzne Win_XP_Pro

v Operačné systémy Microsoft

6

205

23.08.2008 13:25

FERDA23

V tomto fóre nie sú ďalšie neprečítané témy.

Windows XP zamrzne pri štarte?

v Operačné systémy Microsoft

7

934

30.11.2007 6:43

dsljohn

V tomto fóre nie sú ďalšie neprečítané témy.

pri stahovani sietou pc zamrzne

v Bezpečnosť a firewally

0

361

13.02.2010 13:17

tommy9467

V tomto fóre nie sú ďalšie neprečítané témy.

Pri štarte windows, zamrzne pc.

v Notebooky a netbooky

8

527

07.04.2014 22:25

Johny777

V tomto fóre nie sú ďalšie neprečítané témy.

Tarr chronicles zamrzne pri starte

v Počítačové hry

3

184

17.09.2010 22:25

incredible

V tomto fóre nie sú ďalšie neprečítané témy.

windows xp...zamrzne pri nacitani

v Operačné systémy Microsoft

2

446

15.10.2009 8:32

ac.milan

V tomto fóre nie sú ďalšie neprečítané témy.

Windows 7 zamrzne pri instalacii...

v Biosy a ladenie výkonu

12

2244

11.02.2011 13:42

rix

V tomto fóre nie sú ďalšie neprečítané témy.

windows zamrzne pri nacitavani settingov

v Operačné systémy Microsoft

0

205

21.06.2011 23:42

darkport



© 2005 - 2017 PCforum, edited by JanoF