Please check my log - prevention + bad browser + Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Asanoth
Level 1
Posts: 91
Registered: July 13
Gender: Male
Status: Offline

Re: Please check my log - prevention + bad browser

Post by Asanoth » 18 Jul 2013 20:03

========== Files/Folders - Created Within 30 Days ==========

[2013.07.18 18:40:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Asanoth\Desktop\OTL.exe
[2013.07.18 15:27:46 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Local\Apple Computer
[2013.07.18 12:52:51 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.07.18 11:43:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.07.18 11:23:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.07.18 11:22:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.07.18 10:20:58 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Local\Broadcom
[2013.07.18 10:13:45 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Local\Adobe
[2013.07.18 09:34:41 | 000,559,341 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Asanoth\Desktop\JRT.exe
[2013.07.18 08:14:59 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Roaming\yWorks
[2013.07.17 18:32:11 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Asanoth\Desktop\TFC.exe
[2013.07.17 18:15:44 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\Desktop\RK_Quarantine
[2013.07.17 18:15:30 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013.07.17 18:13:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.07.17 18:13:08 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.07.17 18:12:44 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Local\Programs
[2013.07.17 18:02:46 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\Desktop\Prosím o kontrolu logu -)_soubory
[2013.07.17 18:01:21 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Asanoth\Desktop\mbam-setup-1.75.0.1300.exe
[2013.07.17 16:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Opera x64
[2013.07.17 16:50:14 | 011,587,376 | ---- | C] (Opera Software ASA) -- C:\Users\Asanoth\Desktop\Opera_1216_en_Setup_x64.exe
[2013.07.10 11:37:05 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\.assistant
[2013.07.10 11:33:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QtiPlot
[2013.07.10 10:42:30 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Roaming\Opera Software
[2013.07.10 10:42:30 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Local\Opera Software
[2013.07.10 10:40:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2013.07.06 20:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor
[2013.07.06 11:59:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gnuplot
[2013.07.05 18:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013.07.05 18:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013.07.04 10:55:15 | 021,717,872 | ---- | C] (Mozilla) -- C:\Users\Asanoth\Desktop\Firefox%20Setup%2022.0.exe
[2013.06.29 13:08:34 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Roaming\xm1
[2013.06.28 23:26:12 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
[2013.06.28 23:26:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
[2013.06.28 19:26:06 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Roaming\MiKTeX
[2013.06.28 19:26:05 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Local\MiKTeX
[2013.06.28 19:21:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
[2013.06.28 19:19:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MiKTeX
[2013.06.26 17:43:49 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\Documents\EA Games
[2013.06.26 17:37:35 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Local\EA Games
[2013.06.21 13:11:05 | 000,000,000 | ---D | C] -- C:\Users\Asanoth\AppData\Roaming\DownLite
[2011.06.16 11:00:45 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe2859.dll
[2011.05.30 14:52:24 | 000,082,048 | ---- | C] (VSO Software) -- C:\Users\Asanoth\AppData\Roaming\pcouffin.sys
[2008.08.12 06:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2013.07.18 18:52:44 | 000,555,789 | ---- | M] () -- C:\Users\Asanoth\Desktop\Untitled-1.jpg
[2013.07.18 18:46:11 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.18 18:46:11 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.18 18:40:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Asanoth\Desktop\OTL.exe
[2013.07.18 18:38:25 | 000,000,438 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2013.07.18 18:37:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.18 18:37:01 | 3054,882,816 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.18 13:32:34 | 000,045,737 | ---- | M] () -- C:\Users\Asanoth\Desktop\Black-Death-(2010,-DVDrip,-ENG).srt
[2013.07.18 09:34:51 | 000,559,341 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Asanoth\Desktop\JRT.exe
[2013.07.18 09:06:47 | 733,239,296 | ---- | M] () -- C:\Users\Asanoth\Desktop\Black-Death-(2010,-DVDrip,-ENG).avi
[2013.07.18 07:32:44 | 000,001,432 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013.07.17 23:17:12 | 000,045,891 | ---- | M] () -- C:\Users\Asanoth\Desktop\chat.ods
[2013.07.17 20:22:43 | 000,017,556 | ---- | M] () -- C:\Users\Asanoth\Desktop\Ekonomická bilance.ods
[2013.07.17 18:15:31 | 000,003,017 | ---- | M] () -- C:\Users\Asanoth\Desktop\HiJackThis.lnk
[2013.07.17 18:04:40 | 001,402,880 | ---- | M] () -- C:\Users\Asanoth\Desktop\HiJackThis.msi
[2013.07.17 18:01:31 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Asanoth\Desktop\mbam-setup-1.75.0.1300.exe
[2013.07.17 17:59:35 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Asanoth\Desktop\TFC.exe
[2013.07.17 16:58:31 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2013.07.17 16:56:49 | 006,505,503 | ---- | M] () -- C:\Users\Asanoth\Desktop\opera.tgz
[2013.07.17 16:53:01 | 000,526,880 | ---- | M] () -- C:\Users\Asanoth\Desktop\osie.zip
[2013.07.17 16:50:20 | 011,587,376 | ---- | M] (Opera Software ASA) -- C:\Users\Asanoth\Desktop\Opera_1216_en_Setup_x64.exe
[2013.07.12 14:36:39 | 000,649,119 | ---- | M] () -- C:\Users\Asanoth\Documents\Fotoškola_ Délka expozice - práce se závěrkou (www.infoglobe.pdf
[2013.07.11 20:47:42 | 002,516,786 | ---- | M] () -- C:\Users\Asanoth\Desktop\IMAG0378m.JPG
[2013.07.11 20:04:53 | 001,576,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.11 20:04:53 | 000,666,444 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.11 20:04:53 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.11 20:04:53 | 000,140,108 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.11 20:04:53 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.10 17:10:32 | 000,012,082 | ---- | M] () -- C:\Users\Asanoth\Desktop\Prázdniny.ods
[2013.07.10 11:33:29 | 000,000,825 | ---- | M] () -- C:\Users\Asanoth\Desktop\QtiPlot.lnk
[2013.07.10 11:09:45 | 000,009,588 | ---- | M] () -- C:\Users\Asanoth\Desktop\Movements.ods
[2013.07.10 10:06:07 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.07.10 10:06:07 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.07.10 09:53:47 | 000,110,317 | ---- | M] () -- C:\Users\Asanoth\Desktop\bookmarks.html
[2013.07.09 21:51:20 | 000,055,602 | ---- | M] () -- C:\Users\Asanoth\Desktop\vila.jpg
[2013.07.09 13:05:58 | 002,051,484 | ---- | M] () -- C:\Users\Asanoth\Desktop\Porto Tips and Tricks V3.pdf
[2013.07.08 21:44:09 | 000,002,005 | ---- | M] () -- C:\Users\Asanoth\AppData\Roaming\gnuplot_history
[2013.07.08 20:54:25 | 000,000,052 | ---- | M] () -- C:\Users\Asanoth\Desktop\Graf I.csv
[2013.07.08 17:43:40 | 000,030,860 | ---- | M] () -- C:\Users\Asanoth\Desktop\pg.jpg
[2013.07.08 10:15:33 | 000,158,423 | ---- | M] () -- C:\Users\Asanoth\Desktop\Letenka_faktura.pdf
[2013.07.08 09:43:22 | 000,501,014 | ---- | M] () -- C:\Users\Asanoth\Desktop\01-MEDVED.jpg
[2013.07.08 00:20:06 | 000,005,051 | ---- | M] () -- C:\Users\Asanoth\Desktop\pl.ggb
[2013.07.07 09:05:26 | 004,050,274 | ---- | M] () -- C:\Users\Asanoth\Desktop\obvod1.eps
[2013.07.06 20:45:30 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\yEd Graph Editor.lnk
[2013.07.06 20:21:35 | 000,001,974 | ---- | M] () -- C:\Users\Asanoth\Desktop\Laborky.csv
[2013.07.06 13:43:47 | 000,028,824 | ---- | M] () -- C:\Users\Asanoth\Documents\-
[2013.07.04 10:56:02 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.07.04 10:55:26 | 021,717,872 | ---- | M] (Mozilla) -- C:\Users\Asanoth\Desktop\Firefox%20Setup%2022.0.exe
[2013.07.04 09:55:36 | 000,113,239 | ---- | M] () -- C:\Users\Asanoth\Desktop\stdpage.zip
[2013.06.28 23:26:12 | 000,000,817 | ---- | M] () -- C:\Users\Asanoth\Desktop\Texmaker.lnk
[2013.06.21 11:59:46 | 000,047,204 | ---- | M] () -- C:\Users\Asanoth\Desktop\math-cry-1366841890.jpg
[2013.06.20 08:28:13 | 077,044,385 | ---- | M] () -- C:\Users\Asanoth\Desktop\čapek.rar

========== Files Created - No Company Name ==========

[2013.07.18 13:31:45 | 000,045,737 | ---- | C] () -- C:\Users\Asanoth\Desktop\Black-Death-(2010,-DVDrip,-ENG).srt
[2013.07.18 11:23:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.07.18 10:14:26 | 000,555,789 | ---- | C] () -- C:\Users\Asanoth\Desktop\Untitled-1.jpg
[2013.07.18 08:25:56 | 733,239,296 | ---- | C] () -- C:\Users\Asanoth\Desktop\Black-Death-(2010,-DVDrip,-ENG).avi
[2013.07.17 18:15:31 | 000,003,017 | ---- | C] () -- C:\Users\Asanoth\Desktop\HiJackThis.lnk
[2013.07.17 18:04:39 | 001,402,880 | ---- | C] () -- C:\Users\Asanoth\Desktop\HiJackThis.msi
[2013.07.17 16:58:31 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2013.07.17 16:58:31 | 000,000,942 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013.07.17 16:56:36 | 006,505,503 | ---- | C] () -- C:\Users\Asanoth\Desktop\opera.tgz
[2013.07.17 16:53:01 | 000,526,880 | ---- | C] () -- C:\Users\Asanoth\Desktop\osie.zip
[2013.07.12 14:32:50 | 000,649,119 | ---- | C] () -- C:\Users\Asanoth\Documents\Fotoškola_ Délka expozice - práce se závěrkou (www.infoglobe.pdf
[2013.07.11 20:47:37 | 002,516,786 | ---- | C] () -- C:\Users\Asanoth\Desktop\IMAG0378m.JPG
[2013.07.10 11:33:29 | 000,000,825 | ---- | C] () -- C:\Users\Asanoth\Desktop\QtiPlot.lnk
[2013.07.10 11:09:43 | 000,009,588 | ---- | C] () -- C:\Users\Asanoth\Desktop\Movements.ods
[2013.07.10 09:53:46 | 000,110,317 | ---- | C] () -- C:\Users\Asanoth\Desktop\bookmarks.html
[2013.07.09 21:50:46 | 000,055,602 | ---- | C] () -- C:\Users\Asanoth\Desktop\vila.jpg
[2013.07.09 13:05:49 | 002,051,484 | ---- | C] () -- C:\Users\Asanoth\Desktop\Porto Tips and Tricks V3.pdf
[2013.07.08 20:54:25 | 000,000,052 | ---- | C] () -- C:\Users\Asanoth\Desktop\Graf I.csv
[2013.07.08 17:43:37 | 000,030,860 | ---- | C] () -- C:\Users\Asanoth\Desktop\pg.jpg
[2013.07.08 10:15:33 | 000,158,423 | ---- | C] () -- C:\Users\Asanoth\Desktop\Letenka_faktura.pdf
[2013.07.08 09:43:21 | 000,501,014 | ---- | C] () -- C:\Users\Asanoth\Desktop\01-MEDVED.jpg
[2013.07.08 00:20:05 | 000,005,051 | ---- | C] () -- C:\Users\Asanoth\Desktop\pl.ggb
[2013.07.07 09:05:26 | 004,050,274 | ---- | C] () -- C:\Users\Asanoth\Desktop\obvod1.eps
[2013.07.06 20:45:30 | 000,000,861 | ---- | C] () -- C:\Users\Public\Desktop\yEd Graph Editor.lnk
[2013.07.06 20:21:35 | 000,001,974 | ---- | C] () -- C:\Users\Asanoth\Desktop\Laborky.csv
[2013.07.06 13:43:47 | 000,002,005 | ---- | C] () -- C:\Users\Asanoth\AppData\Roaming\gnuplot_history
[2013.07.06 13:42:18 | 000,028,824 | ---- | C] () -- C:\Users\Asanoth\Documents\-
[2013.07.04 09:55:36 | 000,113,239 | ---- | C] () -- C:\Users\Asanoth\Desktop\stdpage.zip
[2013.06.28 23:26:12 | 000,000,817 | ---- | C] () -- C:\Users\Asanoth\Desktop\Texmaker.lnk
[2013.06.21 11:59:44 | 000,047,204 | ---- | C] () -- C:\Users\Asanoth\Desktop\math-cry-1366841890.jpg
[2013.06.19 22:46:19 | 077,044,385 | ---- | C] () -- C:\Users\Asanoth\Desktop\čapek.rar
[2012.12.16 11:18:49 | 001,555,048 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.09 19:16:13 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.10.25 23:57:46 | 000,056,424 | ---- | C] () -- C:\Windows\SysWow64\PrxerNsp.dll
[2012.09.21 11:51:33 | 000,026,507 | ---- | C] () -- C:\Users\Asanoth\AppData\Roaming\Comma Separated Values (Windows).ADR
[2012.08.02 09:04:55 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2012.08.02 09:04:02 | 001,362,460 | ---- | C] () -- C:\Windows\SysWow64\ExpansionHD_Firmware.bin
[2012.07.22 12:11:52 | 000,000,030 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.27 11:48:04 | 000,000,018 | ---- | C] () -- C:\Windows\SysWow64\deck.ini
[2012.01.16 20:23:45 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2012.01.16 20:23:45 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2011.12.29 13:49:47 | 000,000,020 | ---- | C] () -- C:\Windows\mafosav.INI
[2011.11.07 15:31:48 | 000,000,306 | ---- | C] () -- C:\Windows\game.ini
[2011.05.30 14:52:24 | 000,093,696 | ---- | C] () -- C:\Users\Asanoth\AppData\Roaming\ezpinst.exe
[2011.05.30 14:52:24 | 000,007,176 | ---- | C] () -- C:\Users\Asanoth\AppData\Roaming\pcouffin.cat
[2011.05.30 14:52:24 | 000,001,167 | ---- | C] () -- C:\Users\Asanoth\AppData\Roaming\pcouffin.inf
[2010.09.07 20:41:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.08.27 20:45:00 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.08.24 15:04:57 | 000,000,017 | ---- | C] () -- C:\Users\Asanoth\AppData\Local\resmon.resmoncfg
[2010.08.02 09:33:35 | 000,017,408 | ---- | C] () -- C:\Users\Asanoth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.15 21:02:44 | 000,000,604 | -H-- | C] () -- C:\ProgramData\T2
[2010.07.15 21:02:44 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\STLL Notifier
[2010.04.24 09:56:15 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.04.08 19:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2002.08.29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Asanoth\AppData\Roaming\MafiaSetup.exe

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.08.02 09:12:36 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Ableton
[2012.02.19 22:22:27 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Asus WebStorage
[2012.09.30 16:59:48 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\avidemux
[2011.11.30 18:34:22 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Bioshock
[2012.09.21 11:09:34 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Blackberry Desktop
[2010.11.12 20:32:25 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\DAEMON Tools Lite
[2013.07.18 10:16:01 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\DC++
[2013.06.21 13:11:05 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\DownLite
[2013.04.28 14:48:38 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\EndNote
[2010.07.14 22:05:29 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\ESET
[2012.03.14 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\ImgBurn
[2012.05.19 11:21:47 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\LibreOffice
[2012.10.07 13:01:41 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\LimeWire
[2011.03.28 10:46:50 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Miranda
[2012.01.15 20:06:07 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Mp3tag
[2011.08.17 15:53:15 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\My Battle for Middle-earth Files
[2012.09.21 09:07:00 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\MyPhoneExplorer
[2011.06.16 11:08:23 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Nokia
[2011.01.29 14:11:26 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\OpenOffice.org
[2013.07.17 16:59:22 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Opera
[2013.07.10 10:42:30 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Opera Software
[2012.08.02 09:13:36 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\PACE Anti-Piracy
[2011.06.16 11:08:23 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\PC Suite
[2012.10.25 23:58:31 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Proxifier
[2012.09.29 17:51:45 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\REAPER
[2012.09.21 17:33:47 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Research In Motion
[2012.12.14 08:34:33 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Softland
[2012.07.22 23:05:59 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Subtitle Edit
[2012.11.10 21:06:47 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Thunderbird
[2012.11.02 21:09:16 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Trillian
[2012.06.24 13:08:37 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Ubisoft
[2012.11.01 23:28:50 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Ufasoft
[2013.06.30 23:41:06 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\uTorrent
[2012.01.22 19:19:16 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\VitySoft
[2011.05.30 14:52:24 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Vso
[2013.06.29 13:09:56 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\xm1
[2013.07.18 08:14:59 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\yWorks
[2012.05.26 11:45:50 | 000,000,000 | ---D | M] -- C:\Users\Asanoth\AppData\Roaming\Zynewave

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:68B74F5B651BE8DD
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:85AA7074
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2F370DA6
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A724744F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:0E08FC17

< End of report >


Re: Please check my log - prevention + bad browser

Post by Asanoth » 18 Jul 2013 20:04

Extras.txt
OTL Extras logfile created on: 18.7.2013 18:54:17 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Asanoth\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,79 Gb Total Physical Memory | 2,38 Gb Available Physical Memory | 62,61% Memory free
7,59 Gb Paging File | 5,90 Gb Available in Paging File | 77,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 16,74 Gb Free Space | 14,38% Space Free | Partition Type: NTFS
Drive D: | 332,72 Gb Total Space | 19,20 Gb Free Space | 5,77% Space Free | Partition Type: NTFS

Computer Name: ASANOTH-PC | User Name: Asanoth | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- D:\Program Files\Internet\Opera 12_x64\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- D:\Program Files\Internet\Opera 12_x64\Opera.exe (Opera Software)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Internet\Mozilla Firefox 3.6\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Komunikace\Microsoft Outlook\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "D:\Program Files\Internet\Opera 12_x64\Opera.exe" "%1" (Opera Software)
https [open] -- "D:\Program Files\Internet\Opera 12_x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\Hudba\Přehrávače\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\Hudba\Přehrávače\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "D:\Program Files\Komunikace\Microsoft Outlook\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
http [open] -- "D:\Program Files\Internet\Opera 12_x64\Opera.exe" "%1" (Opera Software)
https [open] -- "D:\Program Files\Internet\Opera 12_x64\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\Hudba\Přehrávače\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\Hudba\Přehrávače\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0225AE0D-1CA9-4377-B1BF-8CA09AC7F1C9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{05961509-0D8E-4D27-B983-4FF703411FD6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0A0F8117-C31D-42C0-968B-F20F7484056F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0BC73A2F-8C07-4655-AEC2-A96706F16E10}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{14F01CC9-2573-46C3-8803-E9819669DF78}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B0A0AE2-6E71-4366-88CB-E700C3B98635}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2AA245A2-0C8C-48A7-89CF-4ABD50E3C902}" = rport=2869 | protocol=6 | dir=out | app=system |
"{2BA8AB49-8D1B-4538-8625-454949F42696}" = lport=137 | protocol=17 | dir=in | app=system |
"{2E0E78DD-041E-49AA-B52A-E760408954FD}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{32970967-73A9-433C-810E-5B0784625508}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4DA6B4BA-E5AC-4221-BE0E-5FE4C3903B7F}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{55B9D0D8-8D87-4A81-BCAE-ECFFBF87AFEB}" = rport=139 | protocol=6 | dir=out | app=system |
"{5BB93E14-E014-4AA6-B4C4-A412DD98B833}" = lport=138 | protocol=17 | dir=in | app=system |
"{5BDC6D9A-0285-4F68-A6DB-C96B0DCC986B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{64E311E0-F630-41A9-BEBF-F930C3A4B6D1}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{7AE71DA4-AEC8-4D68-BA0B-B15C27D11F68}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{7E1CD5A0-7907-4423-8C0B-7F83FEDCDC1C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{8B2653DC-63CD-4B76-B713-7A9B9BCC63D2}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{96B7B49C-DF1B-4C0A-98B4-5E43A11C185C}" = rport=138 | protocol=17 | dir=out | app=system |
"{9B74BEB5-BF89-4894-9750-C092F7E90B0D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9EB8C3A6-D096-46CB-9A40-D5B55DEBF471}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A1F40757-0FC5-4470-B7D2-49B24A962640}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{A4549482-9733-4161-BEAC-A6729BAA921E}" = lport=445 | protocol=6 | dir=in | app=system |
"{A4EE5996-3CF8-4B9E-9137-0ACC9582BFFB}" = lport=139 | protocol=6 | dir=in | app=system |
"{BAE880DD-0A1E-42AF-BD36-B88CD3300863}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{C2811D1A-1D90-47B7-8F31-ED6F106507A4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C290AF24-5569-4DF4-8DCE-E81736DB3C72}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C7275084-F4ED-4AE3-87E9-39DB0A260115}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D0AE0A98-DDFD-4E7D-A0E9-6E51337B8E75}" = rport=137 | protocol=17 | dir=out | app=system |
"{F1AE7647-0FB9-4582-B42A-E29B5797E429}" = rport=445 | protocol=6 | dir=out | app=system |
"{FC4F1816-9A90-4D75-A48B-D669E153B235}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{030D9CE2-DFCD-4399-893E-438B87D78B68}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{03B1563A-2890-4B6B-A45F-456039F55BC0}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{094A487D-63B6-4548-B8A4-4B50973DDAB2}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{0A36BBCA-7777-4AB0-BA0E-0C050FA00035}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0D6DF266-B138-4354-8C0F-862789662130}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicatorcom.exe |
"{1594E2D3-54E2-45A8-98BD-01AB76F0A035}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{15A0831B-7065-43D5-99B3-A61DEF4CBACD}" = protocol=6 | dir=in | app=d:\program files\komunikace\blackberry desktop\rim.desktop.exe |
"{15E9C69E-4FE9-467E-B263-5FAAB894F4CA}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\devicesetup.exe |
"{1A9503A1-6DC7-4E07-9076-9A4F4CC0AA0F}" = protocol=6 | dir=in | app=d:\program files\video\videospin\programs\rm.exe |
"{1CEA5B9F-EC96-4E7C-8052-19177C9B0D8C}" = protocol=17 | dir=in | app=d:\program files\internet\opera 12_x64\pluginwrapper\opera_plugin_wrapper.exe |
"{252C710D-A4A4-4C53-BB32-4DAB03596463}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{25792F31-2CD8-4AFB-B7A6-F4601ADCA2D6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{261619A8-D5FF-4C59-8C69-0706C1139C7B}" = protocol=6 | dir=in | app=d:\program files\p2p\utorrent\utorrent.exe |
"{2CC14931-E802-4508-B991-E5F67C1BF58B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2DC83A6B-200C-42DA-91E4-C67BF7C7BD0D}" = protocol=6 | dir=in | app=d:\program files\internet\opera 10\opera.exe |
"{32C565FE-3800-439E-8BFB-F0936F8CB355}" = protocol=6 | dir=in | app=d:\program files\internet\opera 12_x64\opera.exe |
"{3E427374-ED44-4C22-83E9-C47AFAF3FE48}" = protocol=6 | dir=in | app=d:\program files\internet\opera 12_x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{3EC9FBEB-2BF2-4245-990A-2D4182AB43C6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{41A04B78-2CCA-4B79-A466-F3BC482580AF}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe |
"{429B2DC7-AF9B-44F5-826A-0AD2C7E83010}" = protocol=17 | dir=in | app=d:\program files\p2p\utorrent\utorrent.exe |
"{441C28D3-7479-468A-8165-428FB45BCEDA}" = protocol=6 | dir=in | app=d:\program files\hry\civilization iv\warlords\civ4warlords.exe |
"{4CC1B138-4813-4991-B382-95FEF17CAE16}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe |
"{4D7D8C15-4A83-45AA-AC08-179C79E7B692}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4ECD67DC-BBA4-4B66-AC51-CB1DA2FAE0A0}" = protocol=6 | dir=in | app=d:\program files\video\videospin\programs\umi.exe |
"{56704878-52A2-41E5-908E-FC93D381D06E}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 2050 j510 series\bin\usbsetup.exe |
"{61D860EB-9A18-4377-810D-02A9DBA1A99B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{66EC9862-D176-4802-B6C4-7244389A14DD}" = protocol=17 | dir=in | app=d:\program files\video\videospin\programs\videospin.exe |
"{671CE69B-F89C-4D0E-AAE9-D3567262EA4A}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{699F9484-4AC2-4A36-84BD-913C59557EA3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{6FAEA3E6-5107-4422-95B5-D08DDF334897}" = protocol=17 | dir=in | app=d:\program files\internet\opera 10\opera.exe |
"{76DCC6AC-AF9D-4525-8CF2-98AA370BA6EC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{774EB3E5-C598-4BAF-BB3C-A46AB0B4007D}" = protocol=17 | dir=in | app=d:\program files\hry\civilization iv\beyond the sword\civ4beyondsword.exe |
"{8527221B-AB17-44B8-ACB9-B6CEE4D6A7D7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{87370097-CFD2-48B2-928D-5F8B30485834}" = protocol=6 | dir=in | app=d:\program files\hry\assassin's creed\assassinscreed_launcher.exe |
"{89771EF7-66C4-4DE3-B3EF-3C2070667CB6}" = protocol=17 | dir=in | app=d:\program files\hry\assassin's creed\assassinscreed_dx10.exe |
"{899DD19F-2236-4437-AE40-61096C9AE0F3}" = protocol=17 | dir=in | app=d:\program files\hry\assassin's creed\assassinscreed_dx9.exe |
"{8CED5E03-878C-49A0-B948-2CE3E0EE002F}" = protocol=17 | dir=in | app=d:\program files\video\videospin\programs\rm.exe |
"{980BDAF8-F8D7-4238-ADCB-1FB282BFCC03}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{98EBE1F1-B234-4CDA-AD0D-26157667EC8E}" = protocol=17 | dir=in | app=d:\program files\hry\steam\steam.exe |
"{9E854A51-AC60-4472-8EB2-409C8EFA4F78}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A232D894-18CC-499E-A130-F4E46276EB94}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A2A91A66-8007-4B4A-B6B1-9C8831C96F84}" = protocol=17 | dir=in | app=d:\program files\hry\civilization iv\civilization4.exe |
"{A85E0EFD-8E4A-4383-AD87-EAF4E3A4E892}" = dir=in | app=c:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"{A8B02E24-A0D1-483F-8C76-C041533C1E3A}" = protocol=6 | dir=in | app=d:\program files\hry\assassin's creed\assassinscreed_dx10.exe |
"{AACA0690-4A1C-4E83-8ABB-61952EFF7F3C}" = protocol=6 | dir=in | app=d:\program files\hry\steam\steam.exe |
"{B7AB9618-CFC6-49F7-86E1-73E6ABCF9A03}" = protocol=17 | dir=in | app=d:\program files\hry\assassin's creed\assassinscreed_launcher.exe |
"{BDC284CA-3CEE-4EB1-89F5-D969F2A9AF31}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{C61B3194-B243-4222-849B-F957464873E2}" = protocol=6 | dir=in | app=d:\program files\hry\assassin's creed\assassinscreed_dx9.exe |
"{C8F3F012-842A-4FA9-9413-DB4A3132D2EC}" = protocol=6 | dir=in | app=d:\program files\hry\civilization iv\beyond the sword\civ4beyondsword.exe |
"{CAB17AB8-5543-4BE6-AB35-333BCF452865}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CF355C6F-2461-4B34-8D66-AA5AA2B92041}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D297B2CD-A01B-41E5-A0AC-5FF25AAA1036}" = protocol=6 | dir=in | app=d:\program files\hry\battle for middle-earth\game.dat |
"{D3541AE0-EFEB-432F-B395-373176887E0A}" = protocol=17 | dir=in | app=d:\program files\internet\opera 12_x64\opera.exe |
"{D443FAA3-9D75-429A-8A39-F8EF2A344FD5}" = protocol=6 | dir=in | app=d:\program files\video\videospin\programs\videospin.exe |
"{D7C213A9-8D18-444A-B783-B420E234A4A8}" = protocol=6 | dir=in | app=d:\program files\hry\civilization iv\civilization4.exe |
"{D9ED5459-F163-469C-AEE5-5734839D4E9D}" = protocol=17 | dir=in | app=d:\program files\hry\battle for middle-earth\game.dat |
"{DC95992A-443F-4DFE-98AC-A9B7F1A1D058}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{DF6CDD24-1FBF-40F5-8BDD-936F96408F28}" = protocol=17 | dir=in | app=d:\program files\internet\opera 12_x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{E72A6075-307A-4A6C-A8B5-3ACC159CAD9A}" = protocol=6 | dir=in | app=d:\program files\internet\opera 12_x64\pluginwrapper\opera_plugin_wrapper.exe |
"{E8703DC7-0ACC-4B28-A674-59C32F66DF6E}" = protocol=17 | dir=in | app=d:\program files\video\videospin\programs\umi.exe |
"{ED2C87EC-23B3-4AB5-86FA-D8A7BF9BC807}" = protocol=17 | dir=in | app=d:\program files\komunikace\blackberry desktop\rim.desktop.exe |
"{F839D740-11D1-4E13-8422-348B5770BBBC}" = dir=in | app=c:\program files\hp\hp deskjet 2510 series\bin\usbsetup.exe |
"{FF4067A2-2611-45F5-ACD3-60E6857E72A9}" = protocol=17 | dir=in | app=d:\program files\hry\civilization iv\warlords\civ4warlords.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11098269-77D1-46B3-B66F-9CEC255DA6FC}" = ESET Smart Security
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5F611ADA-B98C-4DBB-ADDE-414F08457ECF}" = Windows Live Family Safety
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{73089240-023C-11E0-9AE3-2BA1DFD72085}" = M-Audio FastTrackPro Driver 6.0.7 (x64)
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{88FD4472-F950-4083-A6FA-A829AC785B04}" = Studie zlepšení produktu HP Deskjet 2050 J510 series
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AFA3ECF9-BCCC-4FDE-87E4-AA1D490978AF}" = Ufasoft SocksChain
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8B7EFDF-28EA-4A17-B89A-C03317E3B5CF}" = HP Deskjet 2510 series Basic Device Software
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{D7716C7E-75F1-4C51-A2D5-C6A1E8311D53}" = Základní software zařízení HP Deskjet 2050 J510 series
"{E520AF6F-F5E5-4307-B970-84E3B9B6A2B0}" = Základní software zařízení HP Deskjet 3050A J611 series
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"6DA48AFDE796708D5A4C9121A83E7617A63A9A15" = Balíček ovladače systému Windows - Nokia Modem (10/07/2010 4.6)
"ASUS WebStorage" = ASUS WebStorage
"A-WIN-Extras 8.0.4 2615434_is1" = Mathematica Extras 8.0 (2615434)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Defraggler" = Defraggler
"doPDF 7 printer_is1" = doPDF 7.3 printer
"E5372C32E8562C76C24DBA6525002B1031495F34" = Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.8)
"Elantech" = ETDWare PS/2-x64 7.0.5.10_WHQL
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"MiKTeX 2.9" = MiKTeX 2.9
"M-WIN-G 8.0.4 2615565_is1" = Wolfram Mathematica 8 for Students (M-WIN-G 8.0.4 2615565)
"Opera 12.16.1860" = Opera 12.16
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00476F3E-3C4D-4E02-B8BB-125350157EB9}" = Windows Live Mail
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0D994CC5-819F-4657-84DD-397B8FE1EA80}" = Star Wars Jedi Knight Jedi Academy
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}" = OpenOffice.org 3.4.1
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C70D19-6DE9-43EF-BFA3-342F4A11B727}" = LibreOffice 3.5
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3A9ECD64-DE00-4779-A89E-C878513B2B37}" = Windows Live Writer Resources
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4216D328-0FE8-48B8-85B8-BD300E6F080F}" = Nokia Connectivity Cable Driver
"{42B6C7E0-0DAE-488D-8DAF-838898102F19}" = Windows Live Writer
"{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}" = EZdrummer
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45BB4322-1037-4E54-9728-1BA5F9B7100F}" = LibreOffice 3.5 Help Pack (Czech)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}" = Windows Live Sync
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{576E71DA-3000-48F6-9B21-B9A70D47DFCF}" = Star Wars JK II Jedi Outcast
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = The Saboteur™
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66DB6D91-BF91-480B-933D-7CB8B1E64D74}" = Windows Live Messenger
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}" = Windows Live Essentials
"{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}" = HP Deskjet 2050 J510 series Nápověda
"{7EF15AAF-42AC-4CF6-B4B4-C4F0D1D92122}" = Far Cry (Patch 1.4)
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-1173957}" = Piggly FREE
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117396510}" = Smileyville FREE
"{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}" = BlackBerry Desktop Software 6.0.1
"{86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}" = EndNote X6
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86DDAB11-AC32-45E8-B346-FBEF11F21073}" = BlackBerry Theme Studio 6.0
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8C453F13-6877-4D34-8816-009ABDE306DB}" = Prince of Persia The Sands of Time
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90E00409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Outlook 2003
"{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}" = Microsoft Games for Windows - LIVE Redistributable
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{95D78710-DEE9-4577-9FC6-35BE431898DC}" = Windows Live Family Safety
"{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}" = JMicron Ethernet Adapter NDIS Driver
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A035950F-15BA-41C0-9D8F-165FC0536012}" = Movie Maker
"{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}" = Fotogalerie
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8E9FAEE-4AC2-4A38-99D9-55D1F26F8163}" = TOEFL Sample Questions
"{AB419AC3-9BC1-4EC5-A75B-4D8870DD651F}_is1" = gnuplot 4.6.3
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Czech
"{AFE354A5-640F-4A23-94C8-0B441E8967CA}" = Digidesign Shared Plug-Ins 7.4
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1" = AMR to MP3 Converter 1.4
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}" = PC Connectivity Solution
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}" = EZXDfh
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}" = Prince of Persia T2T
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18F981B-401C-4D90-BC57-D8903564D558}" = Windows Live UX Platform Language Pack
"{E3216948-F211-411C-955E-BCCB5CEA32A6}" = BlackBerry App World Browser Plugin
"{E4DCFD0F-7B68-4C44-B208-99027AD1AC69}" = keFIR VST plugin
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EB91007A-0110-42A6-B869-2709955A9B2A}" = Photo Common
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE5BC0BB-9EDA-423C-8276-48857B735D68}" = Prince of Persia Warrior Within
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F38FD0E4-B991-462B-873D-F2115EADD093}" = Nokia PC Suite
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3309-7404-0599-8908" = yEd Graph Editor 3.11
"Absolute MP3 Recorder" = Absolute MP3 Recorder
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Advanced FretPro" = FretPro V.2.00
"Apollo DVD Copy_is1" = Apollo DVD Copy 4.8.2
"ASUS AP Bank_is1" = ASUS AP Bank
"aTube Catcher" = aTube Catcher
"Audacity_is1" = Audacity 1.2.3
"Avidemux 2.5" = Avidemux 2.5
"BatteryMon_is1" = BatteryMon V2.1
"BECHEROVKA MARIÁŠ_is1" = BECHEROVKA MARIÁŠ
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.1
"DC++" = DC++ 0.802
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Flick_is1" = DVD Flick 1.3.0.7
"DVD Shrink_is1" = DVD Shrink 3.2
"EAX Unified" = EAX Unified
"Eusing Free Video Converter" = Eusing Free Video Converter
"Extra Video to Audio MP3 Converter Free_is1" = Extra Video to Audio MP3 Converter Free 4.5
"Finale 2006" = Finale 2006
"Fish Fillets" = Fish Fillets
"FL Studio 10" = FL Studio 10
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Gothic" = Gothic
"Gothic II" = Gothic II
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HandBrake" = HandBrake 0.9.3
"Heroes of Might and Magic III Complete" = Heroes of Might and Magic III Complete
"IL Download Manager" = IL Download Manager
"ImgBurn" = ImgBurn
"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"K_Series_ScreenSaver_EN" = K_Series_ScreenSaver_EN
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.3.0
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LimeWire" = LimeWire 4.12.6
"Live 6.0.1" = Live 6.0.1
"Longman Student 3.0" = Longman Student 3.0
"Mafia Game" = Mafia Game
"Machinarium" = Machinarium
"mailFISH POP3/SMTP Proxy" = mailFISH POP3/SMTP Proxy
"MainApp.exe_is1" = CloneDVD 4.1.0.23
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Miranda IM" = Miranda IM 0.10.8
"Mortal Kombat Gold (nullDC 1.0.4 emulation)" = Mortal Kombat Gold (nullDC 1.0.4 emulation)
"Mozilla Firefox 22.0 (x86 cs)" = Mozilla Firefox 22.0 (x86 cs)
"Mozilla Thunderbird 16.0.2 (x86 cs)" = Mozilla Thunderbird 16.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.49
"MPE" = MyPhoneExplorer
"MuseScore" = MuseScore 1.2 MuseScore score typesetter
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA.Updatus" = NVIDIA Updatus
"PDFTools_is1" = PDFTools Version 1.2 (09/28/2006)
"PitchPerfect" = PitchPerfect Musical Instrument Tuner
"Proxifier_is1" = Proxifier version 3.15
"QtiPlot_is1" = QtiPlot 0.9.8.9 demo
"REAPER" = REAPER
"ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
"Rockstar Games Social Club" = Rockstar Games Social Club
"Scorpions WinCheater 2.07 (s databází 114)_is1" = Scorpions WinCheater
"Servant Salamander 2.5 RC2" = Servant Salamander 2.5 RC2
"Sibelius 4" = Sibelius 4
"Spec Ops The Line_is1" = Spec Ops The Line
"SubtitleEdit_is1" = Subtitle Edit 3.2.6
"Supertintin Skype Video Call Recorder_is1" = Supertintin 1.2.0.9
"Syberia 1 1.00" = Syberia 1 1.00
"Texmaker" = Texmaker
"Totalcmd" = Total Commander (Remove or Repair)
"Trillian" = Trillian
"UltraISO_is1" = UltraISO Premium V9.36
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.3
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WinX DVD Ripper_is1" = WinX DVD Ripper 4.1.1

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"dbbdf72d208dcee9" = MIDI File Mapper
"GCalc 3" = GCalc 3
"Mozilla Thunderbird 17.0.7 (x86 cs)" = Mozilla Thunderbird 17.0.7 (x86 cs)
"QIP 2012" = QIP 2012 4.0.8828
"Star Wars Movie Duels 2" = Star Wars Movie Duels 2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18.7.2013 7:05:02 | Computer Name = Asanoth-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: FBAgent.exe, verze: 1.0.5.4, časové razítko:
0x4b1cb992 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16915, časové razítko:
0x4ec4b137 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000515b0 ID chybujícího
procesu: 0x588 Čas spuštění chybující aplikace: 0x01ce83a699d5a526 Cesta k chybující
aplikaci: C:\Windows\system32\FBAgent.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: e46ec98f-ef99-11e2-b72a-8d4c76918996

Error - 18.7.2013 9:47:42 | Computer Name = Asanoth-PC | Source = EventSystem | ID = 4621
Description =

Error - 18.7.2013 12:37:40 | Computer Name = Asanoth-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: FBAgent.exe, verze: 1.0.5.4, časové razítko:
0x4b1cb992 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16915, časové razítko:
0x4ec4b137 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000000515b0 ID chybujícího
procesu: 0x594 Čas spuštění chybující aplikace: 0x01ce83d50dfe0a76 Cesta k chybující
aplikaci: C:\Windows\system32\FBAgent.exe Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID
zprávy: 5c8f92b2-efc8-11e2-b1a4-d56791461596

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 10.1.2013 5:25:21 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::getDARTInstallDir File: .\mainfrm.cpp Line: 4618
Invoked
Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: Žádná další
data nejsou k dispozici.

Error - 10.1.2013 5:25:22 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108866
Description = Function: CSocketTransport::connectTransport File: .\IPC\SocketTransport.cpp
Line:
732 Invoked Function: ::WSAConnect Return Code: 10061 (0x0000274D) Description: Nemohlo
být vytvořeno žádné připojení, protože cílový počítač je aktivně odmítl.

Error - 10.1.2013 5:25:22 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108866
Description = Function: CIpcTransport::connectIpc File: .\IPC\IPCTransport.cpp Line:
246 Invoked Function: CSocketTransport::connectTransport Return Code: -31522804 (0xFE1F000C)
Description:
SOCKETTRANSPORT_ERROR_CONNECT

Error - 10.1.2013 5:25:22 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108866
Description = Function: CIpcTransport::terminateIpcConnection File: .\IPC\IPCTransport.cpp
Line:
384 Invoked Function: CSocketTransport::writeSocketBlocking Return Code: -31522783
(0xFE1F0021) Description: SOCKETTRANSPORT_ERROR_NOT_CONNECTED

Error - 10.1.2013 5:25:22 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108866
Description = Function: ApiIpc::initIpc File: .\ApiIpc.cpp Line: 326 Invoked Function:
CIpcTransport::connectIpc Return Code: -31522804 (0xFE1F000C) Description: SOCKETTRANSPORT_ERROR_CONNECT


Error - 10.1.2013 5:25:22 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108866
Description = Function: ApiIpc::initiateAgentConnection File: .\ApiIpc.cpp Line: 238
Invoked
Function: ApiIpc::initIpc Return Code: -31522804 (0xFE1F000C) Description: SOCKETTRANSPORT_ERROR_CONNECT


Error - 10.1.2013 5:25:22 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108866
Description = Function: ApiIpc::run File: .\ApiIpc.cpp Line: 431 Invoked Function:
ApiIpc::initiateAgentConnection Return Code: -31522804 (0xFE1F000C) Description: SOCKETTRANSPORT_ERROR_CONNECT


Error - 10.1.2013 5:25:22 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108865
Description = Function: ClientIfcBase::attach File: .\ClientIfcBase.cpp Line: 502 Client
failed to attach.

Error - 10.1.2013 5:25:26 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108866
Description = Function: CMainFrame::OnCreate File: .\mainfrm.cpp Line: 362 Invoked
Function: The VPN service is not responding or available. Return Code: -33554423
(0xFE000009) Description: GLOBAL_ERROR_UNEXPECTED

Error - 10.1.2013 5:25:28 | Computer Name = Asanoth-PC | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
1086 NULL object. Cannot establish a connection at this time.

[ System Events ]
Error - 18.7.2013 9:09:10 | Computer Name = Asanoth-PC | Source = ipnathlp | ID = 31004
Description =

Error - 18.7.2013 12:37:00 | Computer Name = Asanoth-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\drivers\prodrv04.sys bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 18.7.2013 12:37:34 | Computer Name = Asanoth-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: prodrv04

Error - 18.7.2013 12:37:47 | Computer Name = Asanoth-PC | Source = Service Control Manager | ID = 7034
Description = Služba AFBAgent byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 18.7.2013 12:38:23 | Computer Name = Asanoth-PC | Source = ipnathlp | ID = 31004
Description =

Error - 18.7.2013 12:38:23 | Computer Name = Asanoth-PC | Source = ipnathlp | ID = 31004
Description =

Error - 18.7.2013 12:38:25 | Computer Name = Asanoth-PC | Source = ipnathlp | ID = 34001
Description =

Error - 18.7.2013 12:38:25 | Computer Name = Asanoth-PC | Source = ipnathlp | ID = 30013
Description =

Error - 18.7.2013 12:39:34 | Computer Name = Asanoth-PC | Source = Service Control Manager | ID = 7038
Description = Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s
aktuálně konfigurovaným heslem z důvodu následující chyby: %%1330 Chcete-li zajistit
správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management
Console (MMC).

Error - 18.7.2013 12:39:34 | Computer Name = Asanoth-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >


Post by jaro3 » 19 Jul 2013 11:04

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{E074CCBE-EE3F-41C5-B467-063D02C07F86}: "URL" = http://search.centrum.cz/index.php?q={searchTerms}&toolbar=centrum-1.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}:6.0.32
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2010.07.16 21:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Extensions
[2010.07.16 21:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.07.17 17:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions
[2013.04.24 10:38:25 | 000,066,808 | ---- | M] () (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\beta@linkdiagnosis.com.xpi
[2013.07.17 17:43:17 | 000,009,689 | ---- | M] () (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\info@skymeissner.com.xpi
[2013.06.06 19:06:40 | 000,534,431 | ---- | M] () (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013.07.17 17:42:55 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010.07.16 21:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Extensions
[2010.07.16 21:51:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2013.07.17 17:43:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions
[2013.04.24 10:38:25 | 000,066,808 | ---- | M] () (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\beta@linkdiagnosis.com.xpi
[2013.07.17 17:43:17 | 000,009,689 | ---- | M] () (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\info@skymeissner.com.xpi
[2013.06.06 19:06:40 | 000,534,431 | ---- | M] () (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
[2013.07.17 17:42:55 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
O3 - HKLM\..\Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKCU..\Run: [supertintin_skype] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Value error.)
O18:64bit: - Protocol\Handler\http\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\http\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\https\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\https\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - AutoRun File - [2012.05.28 10:31:06 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2012.05.28 10:31:06 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ]
[2013.07.11 20:04:53 | 000,666,444 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2013.07.11 20:04:53 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.11 20:04:53 | 000,140,108 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2013.07.11 20:04:53 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
@Alternate Data Stream - 24 bytes -> C:\Windows:68B74F5B651BE8DD
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:85AA7074
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:4CF61E54
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2F370DA6
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:115CEE00
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:A724744F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:0E08FC17

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Windows\NIRCMD.exe
C:\Qoobox
C:\Users\Asanoth\Desktop\RK_Quarantine
C:\Windows\SysNative\drivers\etc\hosts.ics
C:\Windows\grep.exe
C:\Users\Asanoth\AppData\Roaming\ezpinst.exe
C:\ProgramData\ezsidmv.dat
C:\Users\Asanoth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\FullRemove.exe
ipconfig /flushdns /c

:Reg
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AutoUpdateDisableNotify" =-

:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire content here.

In Folder Options, enable showing hidden files and folders and untick the "Hide protected operating system files" checkbox.

Test these on VirusTotal:
C:\ProgramData\hpe2859.dll
C:\Program Files (x86)\Common Files\CPInstallAction.dll

Click Browse to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

10.100.251.2 85.239.225.194
147.33.226.11 147.33.86.11

Do you recognize these IP addresses?

Update Java:
Java SE Runtime Environment 7

Click Accept License Agreement
Choose your OS (Windows or Windows x64, Offline Installation)
jre-7-windows-i586-p.exe or
jre-7-windows-x64.exe
Download and install.
Remove the other Java versions in Add/Remove Programs.

Drive C: | 116,44 Gb Total Space | 16,74 Gb Free Space | 14,38% Space Free | Partition Type: NTFS
Free up some space on the system disk (always keep at least 15% free space for Windows to run).
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by Asanoth » 19 Jul 2013 12:01

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E074CCBE-EE3F-41C5-B467-063D02C07F86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E074CCBE-EE3F-41C5-B467-063D02C07F86}\ not found.
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 removed from extensions.enabledAddons
Prefs.js: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}:6.0.32 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35 removed from extensions.enabledItems
Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28 removed from extensions.enabledItems
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
C:\Users\Asanoth\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Asanoth\AppData\Roaming\Mozilla\Extensions folder moved successfully.
Folder C:\Users\Asanoth\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions folder moved successfully.
File C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\beta@linkdiagnosis.com.xpi not found.
File C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\info@skymeissner.com.xpi not found.
File C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi not found.
File C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
Folder C:\Users\Asanoth\AppData\Roaming\Mozilla\Extensions\ not found.
Folder C:\Users\Asanoth\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
Folder C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\ not found.
File C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\beta@linkdiagnosis.com.xpi not found.
File C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\info@skymeissner.com.xpi not found.
File C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi not found.
File C:\Users\Asanoth\AppData\Roaming\Mozilla\Firefox\Profiles\vdgky2ip.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\supertintin_skype deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Office Excel\ deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\Windows\Downloaded Program Files\swflash64.inf moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\0x00000001\ deleted successfully.
File Protocol\Handler\http\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\http\oledb\ deleted successfully.
File Protocol\Handler\http\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\0x00000001\ deleted successfully.
File Protocol\Handler\https\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\https\oledb\ deleted successfully.
File Protocol\Handler\https\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\0x00000001\ not found.
File Protocol\Handler\ipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\0x00000001\ not found.
File Protocol\Handler\msdaipp\0x00000001 - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\oledb\ not found.
File Protocol\Handler\msdaipp\oledb - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-itss\ deleted successfully.
File Protocol\Handler\ms-itss - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File Protocol\Handler\skype-ie-addon-data - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ not found.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ not found.
File Protocol\Handler\msdaipp - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
File not found.
File not found.
C:\Windows\SysNative\perfh005.dat moved successfully.
C:\Windows\SysNative\perfh009.dat moved successfully.
C:\Windows\SysNative\perfc005.dat moved successfully.
C:\Windows\SysNative\perfc009.dat moved successfully.
ADS C:\Windows:68B74F5B651BE8DD deleted successfully.
ADS C:\ProgramData\Temp:85AA7074 deleted successfully.
ADS C:\ProgramData\Temp:4CF61E54 deleted successfully.
ADS C:\ProgramData\Temp:2F370DA6 deleted successfully.
ADS C:\ProgramData\Temp:115CEE00 deleted successfully.
ADS C:\ProgramData\Temp:A724744F deleted successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:0E08FC17 deleted successfully.
File sethosts] not found.
File rity] not found.
File ptytemp] not found.
File PTYFLASH] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 07192013_113603

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

________________________________________________________________
https://www.virustotal.com/cs/file/45a2 ... 374226895/
https://www.virustotal.com/cs/file/0fc1 ... 374226938/
________________________________________________________________

The first two IPs mean nothing to me (the second one looks familiar), but that doesn't have to mean anything.
The second line looks like the VŠCHT proxy server, but I'm not sure (I can verify once I get to the dorm on Sunday). edit: yes, VŠCHT addresses start with 147.33.

________________________________________________________________

Java updated.
Is there any point in leaving more free space on non-system disks as well?
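Added example (not part of the original posts and not OTL's own code): a Python triage of the fix log above that tallies the outcome of each line and lists the bracketed :Commands directives that the log reports as files, such as "File sethosts] not found.". Reading those lines as directives that were handled as file names rather than run is an assumption, and the function names are hypothetical.

```python
import re
from collections import Counter

# Bracketed directives from the :Commands section of the fix script in this thread.
SCRIPT_COMMANDS = ["[resethosts]", "[purity]", "[emptytemp]",
                   "[EMPTYFLASH]", "[start explorer]", "[Reboot]"]

# Constructed sample: a handful of lines copied from the fix log posted above.
SAMPLE_LOG = r"""
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
C:\Windows\SysNative\perfh005.dat moved successfully.
ADS C:\Windows:68B74F5B651BE8DD deleted successfully.
File sethosts] not found.
File rity] not found.
File ptytemp] not found.
File PTYFLASH] not found.
File art explorer] not found.
File boot] not found.
"""

# Ordered (marker, outcome) pairs; the first marker found in a line wins.
OUTCOMES = [
    ("deleted successfully", "deleted"),
    ("moved successfully", "moved"),
    ("value set successfully", "value_set"),
    ("not found", "not_found"),
]

# "File <text>] not found." where <text> has no drive letter or path separator,
# i.e. the "file name" is really the tail of a bracketed directive.
DIRECTIVE_AS_FILE = re.compile(r"^File (?P<frag>[^\\/:]+\]) not found\.$")


def classify(line):
    """Map one log line to an outcome label."""
    for marker, outcome in OUTCOMES:
        if marker in line:
            return outcome
    return "other"


def summarize(log_text):
    """Count outcome labels over all non-empty log lines."""
    return Counter(classify(line) for line in log_text.splitlines() if line.strip())


def commands_reported_as_files(log_text, commands):
    """Return the script directives whose tail shows up as a 'File ...] not found.' line."""
    fragments = []
    for line in log_text.splitlines():
        match = DIRECTIVE_AS_FILE.match(line.strip())
        if match:
            fragments.append(match.group("frag"))
    return [cmd for cmd in commands if any(cmd.endswith(f) for f in fragments)]


if __name__ == "__main__":
    for outcome, count in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{outcome:10s} {count}")
    for cmd in commands_reported_as_files(SAMPLE_LOG, SCRIPT_COMMANDS):
        print("directive reported as a file:", cmd)
```

On the sample, all six directives are listed, so a reviewer of this log would confirm separately whether the hosts reset, temp cleanup and reboot actually happened.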


Post by jaro3 » 19 Jul 2013 23:16

You should have some free space on non-system disks; you shouldn't have absolutely zero free space there.

Run the OTL script once more with this:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Windows\NIRCMD.exe
C:\Qoobox
C:\Users\Asanoth\Desktop\RK_Quarantine
C:\Windows\SysNative\drivers\etc\hosts.ics
C:\Windows\grep.exe
C:\Users\Asanoth\AppData\Roaming\ezpinst.exe
C:\ProgramData\ezsidmv.dat
C:\Users\Asanoth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\FullRemove.exe
C:\ProgramData\hpe2859.dll
C:\Windows\wininit.ini
ipconfig /flushdns /c

:Reg
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AutoUpdateDisableNotify" =-

:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]


Copy the whole thing; there is a scrollbar on the right.

And let me know about those IP addresses.


Post by Asanoth » 20 Jul 2013 08:56

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
File sethosts] not found.
File rity] not found.
File ptytemp] not found.
File PTYFLASH] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 07202013_084652

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


As for the IPs, the problem is that I have no idea which IPs (apart from the 147.33 one) mean what or where they should be.
85.239.225.x are registered to ns.netway.cz in Prague 4. It's possible that it's some original internet provider (I regularly use UVT Jesenice and VŠCHT).
http://db-ip.com/85.239.225.194
The second one is somewhere in California; I have no idea what it could mean.
http://db-ip.com/10.100.251.2


Post by jaro3 » 20 Jul 2013 10:07

So, one more script in OTL:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.100.251.2 85.239.225.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0859D407-0FF0-4571-A9E2-C41F95BC8276}: DhcpNameServer = 10.100.251.2 85.239.225.194

:Files
C:\Windows\NIRCMD.exe
C:\Qoobox
C:\Users\Asanoth\Desktop\RK_Quarantine
C:\Windows\SysNative\drivers\etc\hosts.ics
C:\Windows\grep.exe
C:\Users\Asanoth\AppData\Roaming\ezpinst.exe
C:\ProgramData\ezsidmv.dat
C:\Users\Asanoth\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\FullRemove.exe
C:\ProgramData\hpe2859.dll
C:\Windows\wininit.ini
ipconfig /flushdns /c

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire content here.


Post by Asanoth » 20 Jul 2013 12:03

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer| /E : value set successfully!
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0859D407-0FF0-4571-A9E2-C41F95BC8276}\\DhcpNameServer| /E : value set successfully!
File rity] not found.
File ptytemp] not found.
File art explorer] not found.
File boot] not found.

OTL by OldTimer - Version 3.2.69.0 log created on 07202013_115626

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
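Added example (not part of the original posts): a Python check that pulls the DhcpNameServer addresses out of the two O17 lines in the script above and sorts each resolver by address range, so that only publicly routed, unrecognised resolvers are left for an ownership check. The function names are hypothetical, and treating 147.33.0.0/16 as the VŠCHT range is an assumption taken from the poster's remark.

```python
import ipaddress
import re

# The two O17 lines from the fix script in this thread (copied from the page).
SAMPLE_O17 = r"""
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.100.251.2 85.239.225.194
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0859D407-0FF0-4571-A9E2-C41F95BC8276}: DhcpNameServer = 10.100.251.2 85.239.225.194
"""

# RFC 1918 space is reserved for private use, so WHOIS or geolocation lookups
# say nothing about who runs a resolver at such an address.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Networks the machine's owner recognises. Assumption: the poster's remark that
# VŠCHT addresses start with 147.33 is modelled here as 147.33.0.0/16.
KNOWN_NETWORKS = {ipaddress.ip_network("147.33.0.0/16"): "VŠCHT (per the thread)"}

O17_RE = re.compile(
    r"^O17(?::64bit:)? - (?P<key>\S+): (?P<value>\w*NameServer) = (?P<servers>.*)$")


def classify_resolver(addr):
    """Return a short verdict for one resolver address."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "invalid"
    for net, label in KNOWN_NETWORKS.items():
        if ip in net:
            return "known: " + label
    if ip.is_loopback:
        return "loopback"
    if any(ip in net for net in RFC1918):
        return "private (RFC 1918)"
    if ip.is_global:
        return "public"
    return "special-purpose"


def review(o17_text):
    """Yield (registry key, resolver, verdict) for every server in every O17 line."""
    rows = []
    for line in o17_text.splitlines():
        match = O17_RE.match(line.strip())
        if not match:
            continue
        for server in re.split(r"[\s,]+", match.group("servers").strip()):
            if server:
                rows.append((match.group("key"), server, classify_resolver(server)))
    return rows


def unattributed_public(o17_text):
    """Public resolvers outside KNOWN_NETWORKS: the ones whose operator should be confirmed."""
    return sorted({srv for _, srv, verdict in review(o17_text) if verdict == "public"})


if __name__ == "__main__":
    for key, server, verdict in review(SAMPLE_O17):
        print(f"{server:16s} {verdict:20s} {key}")
    print("confirm operator of:", unattributed_public(SAMPLE_O17))
```

A private resolver is handed out by whatever network the machine was attached to at the time, so it is checked against that network's DHCP settings rather than against a public IP database.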


Post by jaro3 » 20 Jul 2013 20:11

How are the problems?


Post by Asanoth » 21 Jul 2013 09:43

Opera still eats up just as much, but I guess that's just a property of the new build. FF probably wasn't working because of bad communication with the proxy, because when I got home on Thursday everything ran like clockwork (for what it's worth, skyscanner, for example, didn't work for me at all before).
As for the speed of running/booting the PC, I didn't notice any difference.
I'm also attaching the HJT log, in which I haven't fixed anything yet:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:41:58, on 21.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
D:\Program Files\Bezpečnost\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.vscht.cz:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;*.vscht.cz;*;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\Hudba\Přehrávače\Quick Time 7\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\KOMUNI~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O18 - Filter hijack: deflate - (no CLSID) - (no file)
O18 - Filter hijack: gzip - (no CLSID) - (no file)
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\bezpečnostT\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - d:\Program Files\komunikace\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12132 bytes

jaro3
Security team member

Post by jaro3 » 21 Jul 2013 11:08

Close other applications and browsers, disconnect from the internet, and fix in HJT:
Guide

Code:

F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\Hudba\Přehrávače\Quick Time 7\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: FancyStart daemon.lnk = ?
O18 - Filter hijack: deflate - (no CLSID) - (no file)
O18 - Filter hijack: gzip - (no CLSID) - (no file)


Run OTL and click CleanUp.

Download StartupLite.exe by MalwareBytes to your desktop.

This program identifies unnecessary items and gives you the option to remove them to free up memory.
Double-click the StartupLite.exe icon (by MalwareBytes) to start the program. On Vista and Windows 7, run it as administrator (right-click the icon and choose Run as administrator). A list of unnecessary startup entries will be created. Leave all items set to disabled and click Continue. Restart the PC.

Download Ads Spy

and run it. If you only want to scan the Windows directory, click the System Scan button; it will check your Windows directory for Alternate Data Stream files. You then have the option to select the ones you want to remove and press the "Remove" button. If you want to scan the entire hard disk for ADS files, uncheck the "Quick Check" box.

Download Registry Defrag

to your desktop and run it. The program installs and then starts.
First close all other programs and browsers and disable your antivirus.

Click "Next".
The program scans the registry and creates a new restore point. It then restarts the PC. After the restart you can close the program.

Download Kaspersky VRT
to your desktop.
Run Kaspersky VRT. The program installs.
Accept the licence and click "Start". If the program offers an update, click "Download Now" at the bottom.
- Click the gear icon in the top right corner. In the window, in addition to the items already ticked, select your disk drive; if you have more than one, you can tick them all.
- Choose "Automatic Scan" at the top left and press the "Start Scanning" button
- The program starts scanning the ticked drives

Ticked:
Hidden startup objects
System Memory
Disk boot sectors


Unticked:
Documents
My email
Computer
Local Disk C
Local Disk D
DVD-ROM drive (E)
BD-ROM drive (G)
Floppy disk drive

And others, e.g. flash drives, that you have connected.

- allow Virus Removal Tool to remove all infections found
- once the scan finishes, choose the "Report" tab at the top right (next to the gear icon)
- click "Detected Threats" and click the floppy disk icon ("Save")
- save the report to your computer and paste it here in a post

Asanoth

Post by Asanoth » 21 Jul 2013 18:32

Thanks, I'm just not quite sure what to do with that ADS. It found all the mail files I have on the computer, a few things on the system disk, and one video on the second disk (which I made about 5 years ago); when I chose to delete them, everything disappeared. Does it create any log?
I'll let Kaspersky run overnight; the estimated duration is 9 hours.

