Poprosim o kontrolu logu, mierne spomalenie PC

Kobra.svk · Příspěvekod **Kobra.svk** » 20 říj 2009 18:30

nedavno sa mi spomalil pc, aj nacitavanie windowsu aj spustanie roznych programov....thx =)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:52, on 18. 10. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Razer\Habu\razerhid.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Xfire\Xfire.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Razer\Habu\razertra.exe
C:\Program Files\Razer\Habu\razerofa.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe

--
End of file - 7932 bytes

Reklama

Damned · Příspěvekod **Damned** » 20 říj 2009 18:42

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Kobra.svk · Příspěvekod **Kobra.svk** » 20 říj 2009 18:54

Malwarebytes' Anti-Malware 1.41
Verzia databázy: 2998
Windows 6.0.6002 Service Pack 2

20. 10. 2009 18:54:27
mbam-log-2009-10-20 (18-54-20).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 89567
Uplynutý cas: 4 minute(s), 29 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 1

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
C:\Users\Kobra\AppData\Roaming\Microsoft\winlog.exe (Trojan.Agent) -> No action taken.

Damned · Příspěvekod **Damned** » 20 říj 2009 19:18

Takže spusť znovu MbAM a dej Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Konec

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

Kobra.svk · Příspěvekod **Kobra.svk** » 20 říj 2009 19:36

Malwarebytes' Anti-Malware 1.41
Verzia databázy: 2998
Windows 6.0.6002 Service Pack 2

20. 10. 2009 19:35:40
mbam-log-2009-10-20 (19-35-40).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 89567
Uplynutý cas: 4 minute(s), 29 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 1

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
C:\Users\Kobra\AppData\Roaming\Microsoft\winlog.exe (Trojan.Agent) -> Quarantined and deleted successfully.

a na combofix sa hned pustim

ComboFix 09-10-19.04 - Kobra . 10. 2009 19:44.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3070.2073 [GMT 2:00]
Running from: c:\users\Kobra\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Installer\2b402.msi
c:\windows\Installer\68ca23f.msi
c:\windows\system32\sqlite3.dll

.
((((((((((((((((((((((((( Files Created from 2009-09-20 to 2009-10-20 )))))))))))))))))))))))))))))))
.

2009-10-20 17:50 . 2009-10-20 17:53 -------- d-----w- c:\users\Kobra\AppData\Local\temp
2009-10-20 17:50 . 2009-10-20 17:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-20 16:48 . 2009-10-20 16:48 -------- d-----w- c:\users\Kobra\AppData\Roaming\Malwarebytes
2009-10-20 16:48 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-20 16:48 . 2009-10-20 16:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-20 16:48 . 2009-10-20 16:48 -------- d-----w- c:\programdata\Malwarebytes
2009-10-20 16:48 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-18 18:32 . 2009-10-18 18:32 -------- d-----w- c:\programdata\Blizzard Entertainment
2009-10-18 17:59 . 2009-10-18 17:59 -------- d-----w- c:\program files\Trend Micro
2009-10-17 23:10 . 2009-10-17 23:10 -------- d-----w- c:\users\Kobra\AppData\Local\Monte Cristo
2009-10-17 00:56 . 2009-10-17 00:56 -------- d-----w- c:\programdata\eSellerate
2009-10-17 00:55 . 2009-10-17 01:09 -------- d-----w- c:\program files\NewBlue
2009-10-17 00:53 . 2009-10-17 00:53 -------- d-----w- c:\program files\Pixelan
2009-10-17 00:52 . 2009-10-17 00:52 -------- d-----w- c:\program files\Sonic Foundry
2009-10-17 00:52 . 2009-10-17 00:52 -------- d-----w- c:\program files\Panopticum Lens Pro 3.5 For Vegas
2009-10-17 00:51 . 2004-03-29 13:23 90112 ----a-w- c:\windows\unvise32.exe
2009-10-17 00:31 . 2009-10-17 00:31 -------- d-----w- c:\users\Kobra\AppData\Roaming\Publish Providers
2009-10-17 00:00 . 2009-10-17 00:31 -------- d-----w- c:\users\Kobra\AppData\Roaming\Sony
2009-10-17 00:00 . 2009-10-17 00:01 -------- d-----w- c:\users\Kobra\AppData\Local\Sony
2009-10-16 23:57 . 2009-10-16 23:57 -------- d-----w- c:\programdata\Sony
2009-10-16 23:57 . 2009-10-16 23:57 -------- d-----w- c:\program files\Sony
2009-10-14 23:58 . 2009-10-14 23:58 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-10-14 23:40 . 2009-10-14 23:40 -------- d-----w- c:\windows\system32\drivers\NSS
2009-10-14 23:40 . 2009-10-14 23:40 -------- d-----w- c:\program files\Norton Security Scan
2009-10-14 22:13 . 2009-10-14 22:14 -------- d-----w- c:\programdata\NOS
2009-10-14 22:13 . 2009-10-14 22:13 -------- d-----w- c:\program files\NOS
2009-10-14 22:13 . 2009-09-23 14:37 34112 ----a-w- c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
2009-10-14 22:13 . 2009-09-23 14:37 32448 ----a-w- c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-10-14 22:13 . 2009-09-23 14:37 22352 ----a-w- c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2009-10-14 21:09 . 2009-10-18 14:14 117760 ----a-w- c:\users\Kobra\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-10-14 21:07 . 2009-10-14 21:07 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-10-14 21:07 . 2009-10-14 21:07 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-14 21:07 . 2009-10-14 21:07 -------- d-----w- c:\users\Kobra\AppData\Roaming\SUPERAntiSpyware.com
2009-10-14 21:06 . 2009-10-14 21:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-14 20:57 . 2009-10-14 20:57 -------- d-----w- c:\users\Kobra\AppData\Local\Seven Zip
2009-10-14 20:48 . 2009-10-14 20:48 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-10-14 20:40 . 2009-10-14 20:40 -------- d-----w- c:\windows\system32\Adobe
2009-10-14 18:58 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 18:58 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-14 18:58 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-14 18:13 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-14 18:12 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 18:03 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-14 15:48 . 2009-10-14 15:48 -------- d-----w- c:\users\Kobra\AppData\Roaming\Media Player Classic
2009-10-09 22:19 . 2009-10-09 22:19 -------- d-----w- c:\users\Kobra\AppData\Roaming\Leadertech
2009-10-07 14:02 . 2009-10-07 14:02 2855 ----a-w- c:\users\Kobra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Doom 3\v1.3 Online Check Crack.pif
2009-10-07 14:02 . 2009-10-07 14:02 -------- d--h--w- c:\windows\PIF
2009-10-06 11:20 . 2009-10-06 11:20 -------- d-----w- c:\users\Kobra\AppData\Local\Google
2009-10-03 17:16 . 2009-10-03 17:16 -------- d-----w- c:\program files\PocketRAR
2009-09-29 09:52 . 2009-09-29 09:52 -------- d-----w- c:\users\Kobra\AppData\Local\Microsoft Help
2009-09-27 15:44 . 2009-09-27 15:44 -------- d-----w- c:\program files\Eidos
2009-09-25 22:55 . 2009-09-25 22:55 -------- d-----w- c:\users\Kobra\AppData\Roaming\Apple Computer
2009-09-25 22:55 . 2009-09-25 22:55 -------- d-----w- c:\users\Kobra\AppData\Local\Apple Computer
2009-09-25 22:55 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-25 22:55 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-25 22:54 . 2009-09-25 22:54 -------- d-----w- c:\program files\iPod
2009-09-25 22:54 . 2009-09-25 22:54 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-25 22:54 . 2009-09-25 22:54 -------- d-----w- c:\program files\iTunes
2009-09-25 22:53 . 2009-09-25 22:53 -------- d-----w- c:\program files\Bonjour
2009-09-24 20:20 . 2009-09-24 20:20 -------- d-----w- c:\users\Kobra\AppData\Roaming\Allstar
2009-09-24 18:07 . 2009-09-24 18:07 -------- d-----w- c:\users\Kobra\AppData\Roaming\teamspeak2
2009-09-24 18:07 . 2009-09-24 18:07 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-09-22 10:43 . 2009-09-22 10:43 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-09-22 10:42 . 2009-09-22 10:42 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-09-22 10:42 . 2009-09-22 10:42 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-09-22 10:34 . 2009-09-22 10:35 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-22 10:34 . 2009-09-22 10:44 -------- d-----w- c:\users\Kobra\AppData\Roaming\DAEMON Tools Lite
2009-09-22 00:28 . 2009-09-22 00:28 -------- d-----w- c:\program files\ageye

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-20 17:52 . 2009-09-11 12:40 45056 ----a-w- c:\windows\system32\acovcnt.exe
2009-10-20 17:52 . 2009-08-23 18:47 48639 ----a-w- c:\programdata\nvModes.dat
2009-10-20 17:51 . 2009-08-23 17:34 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2009-10-20 17:51 . 2009-09-11 14:06 56680 ----a-w- c:\windows\system32\rpcnet.dll
2009-10-20 17:50 . 2009-08-23 17:40 2263 ----a-w- c:\windows\bthservsdp.dat
2009-10-20 17:48 . 2009-09-14 00:06 46520 ----a-w- c:\windows\system32\perfh01B.dat
2009-10-20 17:48 . 2009-09-14 00:06 11240 ----a-w- c:\windows\system32\perfc01B.dat
2009-10-20 17:42 . 2009-09-19 11:08 -------- d-----w- c:\users\Kobra\AppData\Roaming\Xfire
2009-10-20 17:40 . 2009-09-19 11:08 -------- d-----w- c:\programdata\Xfire
2009-10-20 16:27 . 2009-09-19 11:08 -------- d-----w- c:\program files\Xfire
2009-10-18 16:39 . 2009-09-18 15:06 191304 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-18 15:30 . 2009-09-18 15:06 138352 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-17 23:10 . 2009-09-15 09:19 -------- d-----w- c:\users\Kobra\AppData\Roaming\uTorrent
2009-10-15 01:17 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-10-15 01:09 . 2009-08-23 17:48 -------- d-----w- c:\programdata\Microsoft Help
2009-10-14 23:40 . 2009-08-23 18:05 -------- d-----w- c:\programdata\Symantec
2009-10-14 23:40 . 2009-08-23 18:04 -------- d-----w- c:\programdata\Norton
2009-10-14 23:40 . 2009-08-23 18:04 -------- d-----w- c:\program files\NortonInstaller
2009-10-14 22:13 . 2009-09-11 14:15 -------- d-----w- c:\program files\ICQ6.5
2009-10-14 20:48 . 2009-09-15 09:08 737280 ----a-w- c:\windows\iun6002.exe
2009-10-14 20:27 . 2009-10-13 12:50 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-13 12:48 . 2009-10-11 13:57 -------- d-----w- c:\program files\ACE Mega CoDecS Pack
2009-10-11 15:59 . 2009-09-14 23:36 -------- d-----w- c:\program files\FreeRapid-0.82
2009-10-11 14:39 . 2009-09-15 09:14 -------- d-----w- c:\program files\QuickTime
2009-10-11 11:53 . 2009-08-23 17:37 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2009-10-09 22:18 . 2009-08-23 18:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-09 18:00 . 2009-10-13 12:50 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-09-29 14:15 . 2009-09-16 08:19 -------- d-----w- c:\users\Kobra\AppData\Roaming\HLSW
2009-09-25 22:54 . 2009-09-15 09:13 -------- d-----w- c:\program files\Common Files\Apple
2009-09-25 22:54 . 2009-09-15 09:14 -------- d-----w- c:\programdata\Apple Computer
2009-09-22 17:28 . 2009-09-11 12:42 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-21 22:06 . 2009-09-21 22:06 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-09-18 20:19 . 2009-09-18 20:19 -------- d-----w- c:\users\Kobra\AppData\Roaming\The Creative Assembly
2009-09-18 15:06 . 2009-09-18 15:06 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-17 12:08 . 2009-08-23 18:47 -------- d-----w- c:\programdata\NVIDIA
2009-09-17 11:47 . 2009-09-17 11:47 -------- d-----w- c:\program files\GamePark
2009-09-16 20:29 . 2009-09-11 12:40 99864 ----a-w- c:\users\Kobra\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-16 20:29 . 2009-09-16 20:29 -------- d-----w- c:\programdata\FLEXnet
2009-09-16 20:18 . 2009-09-16 20:18 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-09-16 20:07 . 2009-09-14 22:02 -------- d-----w- c:\program files\CCleaner
2009-09-16 19:53 . 2009-09-16 19:53 -------- d-----w- c:\program files\Adobe Media Player
2009-09-16 19:51 . 2009-09-16 19:51 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-09-16 19:32 . 2009-09-16 19:22 -------- d-----w- c:\users\Kobra\AppData\Roaming\Nero
2009-09-16 18:28 . 2009-09-16 18:05 -------- d-----w- c:\users\Kobra\AppData\Roaming\Download Manager
2009-09-16 17:37 . 2009-09-16 17:37 -------- d-----w- c:\program files\Razer
2009-09-16 17:37 . 2009-09-16 17:37 -------- d-----w- c:\users\Kobra\AppData\Roaming\InstallShield
2009-09-16 14:21 . 2009-09-16 14:21 -------- d-----w- c:\program files\MSXML 4.0
2009-09-16 08:19 . 2009-09-16 08:19 -------- d-s---w- c:\program files\HLSW
2009-09-15 21:05 . 2009-09-15 17:29 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-09-15 20:53 . 2009-09-15 20:41 -------- d-----w- c:\program files\Common Files\Nero
2009-09-15 20:52 . 2009-09-15 20:41 -------- d-----w- c:\program files\Nero
2009-09-15 20:44 . 2009-09-15 20:41 -------- d-----w- c:\programdata\Nero
2009-09-15 18:20 . 2009-09-15 18:20 -------- d-----w- c:\program files\TC PowerPack
2009-09-15 10:03 . 2009-09-15 10:03 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment.temp
2009-09-15 10:02 . 2009-09-15 10:02 -------- d-----w- c:\programdata\Blizzard
2009-09-15 09:41 . 2009-09-15 09:05 -------- d-----w- c:\users\Kobra\AppData\Roaming\Winamp
2009-09-15 09:29 . 2009-09-15 09:28 -------- d-----w- c:\program files\SystemRequirementsLab
2009-09-15 09:26 . 2009-09-15 09:26 -------- d-----w- c:\program files\Windows Mobile Device Handbook
2009-09-15 09:21 . 2009-09-15 09:21 -------- d-----w- c:\program files\uTorrent
2009-09-15 09:16 . 2009-09-15 09:16 -------- d-----w- c:\program files\The KMPlayer
2009-09-15 09:13 . 2009-09-15 09:13 -------- d-----w- c:\programdata\Apple
2009-09-15 09:13 . 2009-09-15 09:13 -------- d-----w- c:\program files\Apple Software Update
2009-09-15 09:06 . 2009-09-15 09:05 -------- d-----w- c:\program files\Winamp
2009-09-15 09:05 . 2009-08-23 18:07 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-09-14 23:42 . 2009-09-14 23:42 -------- d-----w- c:\users\Kobra\AppData\Roaming\VitySoft
2009-09-14 23:39 . 2009-09-14 23:40 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-14 23:39 . 2009-09-14 23:39 -------- d-----w- c:\program files\Java
2009-09-14 23:24 . 2009-09-14 23:24 -------- d-----w- c:\program files\A4Tech
2009-09-14 23:01 . 2009-09-13 22:53 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-09-13 22:52 . 2009-09-11 12:45 -------- d-----w- c:\program files\Microsoft
2009-09-13 00:42 . 2009-08-23 17:54 -------- d-----w- c:\program files\Microsoft Works
2009-09-12 23:01 . 2009-09-12 23:01 -------- d-----w- c:\programdata\createpart
2009-09-12 22:53 . 2009-09-12 22:53 -------- d-----w- c:\programdata\redistpart
2009-09-12 22:52 . 2009-09-12 22:52 -------- d-----w- c:\programdata\explauncher
2009-09-12 22:52 . 2009-09-12 22:52 -------- d-----w- c:\programdata\launcher
2009-09-12 22:48 . 2009-09-11 12:55 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-09-12 22:47 . 2009-09-12 22:47 -------- d-----w- c:\program files\Paragon Software
2009-09-12 18:19 . 2009-09-11 12:55 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-09-12 18:19 . 2009-09-11 12:55 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-09-12 18:19 . 2009-09-11 12:55 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-09-12 18:19 . 2009-09-11 12:55 -------- d-----w- c:\program files\Symantec
2009-09-11 14:17 . 2009-09-11 14:15 -------- d-----w- c:\users\Kobra\AppData\Roaming\ICQ
2009-09-11 14:05 . 2009-09-11 14:06 56680 ----a-w- c:\windows\system32\rpcnet.exe
2009-09-11 13:46 . 2009-08-23 18:06 -------- d-----w- c:\program files\Google
2009-09-11 13:22 . 2009-09-11 13:22 -------- d-----w- c:\programdata\ASUS
2009-09-11 12:59 . 2009-09-11 12:59 0 ----a-w- c:\windows\system32\drivers\1043_ASUSTeK_N51Vn.alu
2009-09-11 12:47 . 2009-09-11 12:45 -------- d-----w- c:\program files\Windows Live
2009-09-11 12:46 . 2009-09-11 12:46 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-09-11 12:45 . 2009-09-11 12:45 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-11 12:45 . 2009-09-11 12:45 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-11 12:44 . 2009-09-11 12:44 -------- d-----w- c:\program files\Common Files\Windows Live
2009-09-04 15:44 . 2009-09-14 23:55 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 15:44 . 2009-09-14 23:55 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 15:44 . 2009-09-14 23:55 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\progra~1\ICQ6.5\ICQ.exe" [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416]
"Habu"="c:\program files\Razer\Habu\razerhid.exe" [2007-05-11 176128]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-14 149280]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]

c:\users\Kobra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2009-10-15 3141008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2008-03-25 22:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
backup=c:\windows\pss\FancyStart daemon.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):fc,e8,62,15,cf,34,ca,01

R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [23. 8. 2009 21:29 15416]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1007020.00B\SymEFA.sys [12. 9. 2009 20:19 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\NIS\1007020.00B\BHDrvx86.sys [12. 9. 2009 20:19 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1007020.00B\cchpx86.sys [12. 9. 2009 20:19 482432]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090916.003\IDSvix86.sys [17. 9. 2009 1:22 342576]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12. 10. 2009 21:24 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12. 10. 2009 21:24 74480]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [12. 9. 2009 20:19 117640]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [7. 4. 2009 19:04 70880]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30. 3. 2009 16:28 1533808]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12. 9. 2009 10:00 102448]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\System32\drivers\L1C60x86.sys [27. 7. 2009 7:12 50688]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [11. 5. 2009 11:49 64544]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\System32\drivers\SRS_PremiumSound_i386.sys [23. 8. 2009 21:45 233128]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\NIS\1007020.00B\symndisv.sys [12. 9. 2009 20:19 48688]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [23. 8. 2009 21:16 29736]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [11. 9. 2009 14:47 55264]
S3 fsssvc;Bezpečnosť rodiny v službe Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [8. 12. 2008 17:01 533344]
S3 getPlusHelper;getPlus(R) Helper;c:\windows\System32\svchost.exe -k getPlusHelper [21. 1. 2008 4:23 21504]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12. 10. 2009 21:24 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2009-10-18 c:\windows\Tasks\Norton Security Scan for Kobra.job
- c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-10-14 17:58]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com?o=15187&l=dis
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=ASUS
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.sk
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-20 19:52
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\ADSM_PData_0150

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.7.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(5800)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\SPBA\upeksvr.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\rpcnet.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\DllHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ASUS\ASUS CopyProtect\aspg.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\System32\ACEngSvr.exe
c:\combofix\CF9108.exe
c:\windows\system32\wbem\unsecapp.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Completion time: 2009-10-20 19:56 - machine was rebooted
ComboFix-quarantined-files.txt 2009-10-20 17:56

Pre-Run: 59 863 875 584 bytes free
Post-Run: 59 507 019 776 bytes free

- - End Of File - - 7C3B2F710731C9B8AA60730974644350

Damned · Příspěvekod **Damned** » 20 říj 2009 20:18

Červený soubor zkontroluj na Virustotalu a vlož sem odkaz na výsledek.
Pokud ho nenajdeš, dej si zobrazit skryté a systémové soubory. Pokud ti nabídne, že soubor už kontroloval,
nech ho zkontrolovat znovu, a počkej až se objeví "Dokončeno" a výsledek.Potom sem zkopíruj adresní řádek.

c:\windows\system32\acovcnt.exe
c:\windows\system32\rpcnetp.dll
c:\windows\system32\rpcnetp.exe

Kobra.svk · Příspěvekod **Kobra.svk** » 20 říj 2009 20:39

1. http://www.virustotal.com/analisis/aaf6 ... 1256063272

2. http://www.virustotal.com/analisis/d1d2 ... 1256063687

3. http://www.virustotal.com/analisis/fc82 ... 1256063820

Damned · Příspěvekod **Damned** » 20 říj 2009 21:19

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

Folder::
c:\program files\DAEMON Tools Toolbar

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.

- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT a popiš chování počítače

Kobra.svk · Příspěvekod **Kobra.svk** » 20 říj 2009 22:00

ComboFix 09-10-19.04 - Kobra . 10. 2009 21:40.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3070.1846 [GMT 2:00]
Running from: c:\users\Kobra\Desktop\ComboFix.exe
Command switches used :: c:\users\Kobra\Desktop\CFScript.txt
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\DAEMON Tools Toolbar

.
((((((((((((((((((((((((( Files Created from 2009-09-20 to 2009-10-20 )))))))))))))))))))))))))))))))
.

2009-10-20 19:46 . 2009-10-20 19:46 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-10-20 19:46 . 2009-10-20 19:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-20 17:56 . 2009-10-20 19:47 -------- d-----w- c:\users\Kobra\AppData\Local\temp
2009-10-20 16:48 . 2009-10-20 16:48 -------- d-----w- c:\users\Kobra\AppData\Roaming\Malwarebytes
2009-10-20 16:48 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-20 16:48 . 2009-10-20 16:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-20 16:48 . 2009-10-20 16:48 -------- d-----w- c:\programdata\Malwarebytes
2009-10-20 16:48 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-18 18:32 . 2009-10-18 18:32 -------- d-----w- c:\programdata\Blizzard Entertainment
2009-10-18 17:59 . 2009-10-18 17:59 -------- d-----w- c:\program files\Trend Micro
2009-10-17 23:10 . 2009-10-17 23:10 -------- d-----w- c:\users\Kobra\AppData\Local\Monte Cristo
2009-10-17 00:56 . 2009-10-17 00:56 -------- d-----w- c:\programdata\eSellerate
2009-10-17 00:55 . 2009-10-17 01:09 -------- d-----w- c:\program files\NewBlue
2009-10-17 00:53 . 2009-10-17 00:53 -------- d-----w- c:\program files\Pixelan
2009-10-17 00:52 . 2009-10-17 00:52 -------- d-----w- c:\program files\Sonic Foundry
2009-10-17 00:52 . 2009-10-17 00:52 -------- d-----w- c:\program files\Panopticum Lens Pro 3.5 For Vegas
2009-10-17 00:51 . 2004-03-29 13:23 90112 ----a-w- c:\windows\unvise32.exe
2009-10-17 00:31 . 2009-10-17 00:31 -------- d-----w- c:\users\Kobra\AppData\Roaming\Publish Providers
2009-10-17 00:00 . 2009-10-17 00:31 -------- d-----w- c:\users\Kobra\AppData\Roaming\Sony
2009-10-17 00:00 . 2009-10-17 00:01 -------- d-----w- c:\users\Kobra\AppData\Local\Sony
2009-10-16 23:57 . 2009-10-16 23:57 -------- d-----w- c:\programdata\Sony
2009-10-16 23:57 . 2009-10-16 23:57 -------- d-----w- c:\program files\Sony
2009-10-14 23:58 . 2009-10-14 23:58 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-10-14 23:40 . 2009-10-14 23:40 -------- d-----w- c:\windows\system32\drivers\NSS
2009-10-14 23:40 . 2009-10-14 23:40 -------- d-----w- c:\program files\Norton Security Scan
2009-10-14 22:13 . 2009-10-14 22:14 -------- d-----w- c:\programdata\NOS
2009-10-14 22:13 . 2009-10-14 22:13 -------- d-----w- c:\program files\NOS
2009-10-14 22:13 . 2009-09-23 14:37 34112 ----a-w- c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
2009-10-14 22:13 . 2009-09-23 14:37 32448 ----a-w- c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
2009-10-14 22:13 . 2009-09-23 14:37 22352 ----a-w- c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
2009-10-14 21:09 . 2009-10-18 14:14 117760 ----a-w- c:\users\Kobra\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-10-14 21:07 . 2009-10-14 21:07 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-10-14 21:07 . 2009-10-14 21:07 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-14 21:07 . 2009-10-14 21:07 -------- d-----w- c:\users\Kobra\AppData\Roaming\SUPERAntiSpyware.com
2009-10-14 21:06 . 2009-10-14 21:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-14 20:57 . 2009-10-14 20:57 -------- d-----w- c:\users\Kobra\AppData\Local\Seven Zip
2009-10-14 20:48 . 2009-10-14 20:48 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-10-14 20:40 . 2009-10-14 20:40 -------- d-----w- c:\windows\system32\Adobe
2009-10-14 18:58 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 18:58 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-14 18:58 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-14 18:13 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-14 18:12 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 18:03 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-14 15:48 . 2009-10-14 15:48 -------- d-----w- c:\users\Kobra\AppData\Roaming\Media Player Classic
2009-10-09 22:19 . 2009-10-09 22:19 -------- d-----w- c:\users\Kobra\AppData\Roaming\Leadertech
2009-10-07 14:02 . 2009-10-07 14:02 2855 ----a-w- c:\users\Kobra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Doom 3\v1.3 Online Check Crack.pif
2009-10-07 14:02 . 2009-10-07 14:02 -------- d--h--w- c:\windows\PIF
2009-10-06 11:20 . 2009-10-06 11:20 -------- d-----w- c:\users\Kobra\AppData\Local\Google
2009-10-03 17:16 . 2009-10-03 17:16 -------- d-----w- c:\program files\PocketRAR
2009-09-29 09:52 . 2009-09-29 09:52 -------- d-----w- c:\users\Kobra\AppData\Local\Microsoft Help
2009-09-27 15:44 . 2009-09-27 15:44 -------- d-----w- c:\program files\Eidos
2009-09-25 22:55 . 2009-09-25 22:55 -------- d-----w- c:\users\Kobra\AppData\Roaming\Apple Computer
2009-09-25 22:55 . 2009-09-25 22:55 -------- d-----w- c:\users\Kobra\AppData\Local\Apple Computer
2009-09-25 22:55 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-25 22:55 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-25 22:54 . 2009-09-25 22:54 -------- d-----w- c:\program files\iPod
2009-09-25 22:54 . 2009-09-25 22:54 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-25 22:54 . 2009-09-25 22:54 -------- d-----w- c:\program files\iTunes
2009-09-25 22:53 . 2009-09-25 22:53 -------- d-----w- c:\program files\Bonjour
2009-09-24 20:20 . 2009-09-24 20:20 -------- d-----w- c:\users\Kobra\AppData\Roaming\Allstar
2009-09-24 18:07 . 2009-09-24 18:07 -------- d-----w- c:\users\Kobra\AppData\Roaming\teamspeak2
2009-09-24 18:07 . 2009-09-24 18:07 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-09-22 10:43 . 2009-09-22 10:43 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-09-22 10:42 . 2009-09-22 10:42 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-09-22 10:34 . 2009-09-22 10:35 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-09-22 10:34 . 2009-09-22 10:44 -------- d-----w- c:\users\Kobra\AppData\Roaming\DAEMON Tools Lite
2009-09-22 00:28 . 2009-09-22 00:28 -------- d-----w- c:\program files\ageye

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-20 18:06 . 2009-09-14 00:06 46520 ----a-w- c:\windows\system32\perfh01B.dat
2009-10-20 18:06 . 2009-09-14 00:06 11240 ----a-w- c:\windows\system32\perfc01B.dat
2009-10-20 18:00 . 2009-08-23 18:47 48639 ----a-w- c:\programdata\nvModes.dat
2009-10-20 17:59 . 2009-08-23 17:34 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2009-10-20 17:59 . 2009-09-11 14:06 56680 ----a-w- c:\windows\system32\rpcnet.dll
2009-10-20 17:58 . 2009-08-23 17:40 2263 ----a-w- c:\windows\bthservsdp.dat
2009-10-20 17:52 . 2009-09-11 12:40 45056 ----a-w- c:\windows\system32\acovcnt.exe
2009-10-20 17:42 . 2009-09-19 11:08 -------- d-----w- c:\users\Kobra\AppData\Roaming\Xfire
2009-10-20 17:40 . 2009-09-19 11:08 -------- d-----w- c:\programdata\Xfire
2009-10-20 16:27 . 2009-09-19 11:08 -------- d-----w- c:\program files\Xfire
2009-10-18 16:39 . 2009-09-18 15:06 191304 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-18 15:30 . 2009-09-18 15:06 138352 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-17 23:10 . 2009-09-15 09:19 -------- d-----w- c:\users\Kobra\AppData\Roaming\uTorrent
2009-10-15 01:17 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-10-15 01:09 . 2009-08-23 17:48 -------- d-----w- c:\programdata\Microsoft Help
2009-10-14 23:40 . 2009-08-23 18:05 -------- d-----w- c:\programdata\Symantec
2009-10-14 23:40 . 2009-08-23 18:04 -------- d-----w- c:\programdata\Norton
2009-10-14 23:40 . 2009-08-23 18:04 -------- d-----w- c:\program files\NortonInstaller
2009-10-14 22:13 . 2009-09-11 14:15 -------- d-----w- c:\program files\ICQ6.5
2009-10-14 20:48 . 2009-09-15 09:08 737280 ----a-w- c:\windows\iun6002.exe
2009-10-14 20:27 . 2009-10-13 12:50 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-10-13 12:48 . 2009-10-11 13:57 -------- d-----w- c:\program files\ACE Mega CoDecS Pack
2009-10-11 15:59 . 2009-09-14 23:36 -------- d-----w- c:\program files\FreeRapid-0.82
2009-10-11 14:39 . 2009-09-15 09:14 -------- d-----w- c:\program files\QuickTime
2009-10-11 11:53 . 2009-08-23 17:37 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2009-10-09 22:18 . 2009-08-23 18:03 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-09 18:00 . 2009-10-13 12:50 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-09-29 14:15 . 2009-09-16 08:19 -------- d-----w- c:\users\Kobra\AppData\Roaming\HLSW
2009-09-25 22:54 . 2009-09-15 09:13 -------- d-----w- c:\program files\Common Files\Apple
2009-09-25 22:54 . 2009-09-15 09:14 -------- d-----w- c:\programdata\Apple Computer
2009-09-22 17:28 . 2009-09-11 12:42 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-21 22:06 . 2009-09-21 22:06 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-09-18 20:19 . 2009-09-18 20:19 -------- d-----w- c:\users\Kobra\AppData\Roaming\The Creative Assembly
2009-09-18 15:06 . 2009-09-18 15:06 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-09-17 12:08 . 2009-08-23 18:47 -------- d-----w- c:\programdata\NVIDIA
2009-09-17 11:47 . 2009-09-17 11:47 -------- d-----w- c:\program files\GamePark
2009-09-16 20:29 . 2009-09-11 12:40 99864 ----a-w- c:\users\Kobra\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-16 20:29 . 2009-09-16 20:29 -------- d-----w- c:\programdata\FLEXnet
2009-09-16 20:18 . 2009-09-16 20:18 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-09-16 20:07 . 2009-09-14 22:02 -------- d-----w- c:\program files\CCleaner
2009-09-16 19:53 . 2009-09-16 19:53 -------- d-----w- c:\program files\Adobe Media Player
2009-09-16 19:51 . 2009-09-16 19:51 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-09-16 19:32 . 2009-09-16 19:22 -------- d-----w- c:\users\Kobra\AppData\Roaming\Nero
2009-09-16 18:28 . 2009-09-16 18:05 -------- d-----w- c:\users\Kobra\AppData\Roaming\Download Manager
2009-09-16 17:37 . 2009-09-16 17:37 -------- d-----w- c:\program files\Razer
2009-09-16 17:37 . 2009-09-16 17:37 -------- d-----w- c:\users\Kobra\AppData\Roaming\InstallShield
2009-09-16 14:21 . 2009-09-16 14:21 -------- d-----w- c:\program files\MSXML 4.0
2009-09-16 08:19 . 2009-09-16 08:19 -------- d-s---w- c:\program files\HLSW
2009-09-15 21:05 . 2009-09-15 17:29 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-09-15 20:53 . 2009-09-15 20:41 -------- d-----w- c:\program files\Common Files\Nero
2009-09-15 20:52 . 2009-09-15 20:41 -------- d-----w- c:\program files\Nero
2009-09-15 20:44 . 2009-09-15 20:41 -------- d-----w- c:\programdata\Nero
2009-09-15 18:20 . 2009-09-15 18:20 -------- d-----w- c:\program files\TC PowerPack
2009-09-15 10:03 . 2009-09-15 10:03 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment.temp
2009-09-15 10:02 . 2009-09-15 10:02 -------- d-----w- c:\programdata\Blizzard
2009-09-15 09:41 . 2009-09-15 09:05 -------- d-----w- c:\users\Kobra\AppData\Roaming\Winamp
2009-09-15 09:29 . 2009-09-15 09:28 -------- d-----w- c:\program files\SystemRequirementsLab
2009-09-15 09:26 . 2009-09-15 09:26 -------- d-----w- c:\program files\Windows Mobile Device Handbook
2009-09-15 09:21 . 2009-09-15 09:21 -------- d-----w- c:\program files\uTorrent
2009-09-15 09:16 . 2009-09-15 09:16 -------- d-----w- c:\program files\The KMPlayer
2009-09-15 09:13 . 2009-09-15 09:13 -------- d-----w- c:\programdata\Apple
2009-09-15 09:13 . 2009-09-15 09:13 -------- d-----w- c:\program files\Apple Software Update
2009-09-15 09:06 . 2009-09-15 09:05 -------- d-----w- c:\program files\Winamp
2009-09-15 09:05 . 2009-08-23 18:07 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-09-14 23:42 . 2009-09-14 23:42 -------- d-----w- c:\users\Kobra\AppData\Roaming\VitySoft
2009-09-14 23:39 . 2009-09-14 23:40 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-14 23:39 . 2009-09-14 23:39 -------- d-----w- c:\program files\Java
2009-09-14 23:24 . 2009-09-14 23:24 -------- d-----w- c:\program files\A4Tech
2009-09-14 23:01 . 2009-09-13 22:53 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-09-14 00:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-09-13 22:52 . 2009-09-11 12:45 -------- d-----w- c:\program files\Microsoft
2009-09-13 00:42 . 2009-08-23 17:54 -------- d-----w- c:\program files\Microsoft Works
2009-09-12 23:01 . 2009-09-12 23:01 -------- d-----w- c:\programdata\createpart
2009-09-12 22:53 . 2009-09-12 22:53 -------- d-----w- c:\programdata\redistpart
2009-09-12 22:52 . 2009-09-12 22:52 -------- d-----w- c:\programdata\explauncher
2009-09-12 22:52 . 2009-09-12 22:52 -------- d-----w- c:\programdata\launcher
2009-09-12 22:48 . 2009-09-11 12:55 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-09-12 22:47 . 2009-09-12 22:47 -------- d-----w- c:\program files\Paragon Software
2009-09-12 18:19 . 2009-09-11 12:55 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-09-12 18:19 . 2009-09-11 12:55 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-09-12 18:19 . 2009-09-11 12:55 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-09-12 18:19 . 2009-09-11 12:55 -------- d-----w- c:\program files\Symantec
2009-09-11 14:17 . 2009-09-11 14:15 -------- d-----w- c:\users\Kobra\AppData\Roaming\ICQ
2009-09-11 14:05 . 2009-09-11 14:06 56680 ----a-w- c:\windows\system32\rpcnet.exe
2009-09-11 13:46 . 2009-08-23 18:06 -------- d-----w- c:\program files\Google
2009-09-11 13:22 . 2009-09-11 13:22 -------- d-----w- c:\programdata\ASUS
2009-09-11 12:59 . 2009-09-11 12:59 0 ----a-w- c:\windows\system32\drivers\1043_ASUSTeK_N51Vn.alu
2009-09-11 12:47 . 2009-09-11 12:45 -------- d-----w- c:\program files\Windows Live
2009-09-11 12:46 . 2009-09-11 12:46 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-09-11 12:45 . 2009-09-11 12:45 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-09-11 12:45 . 2009-09-11 12:45 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-11 12:44 . 2009-09-11 12:44 -------- d-----w- c:\program files\Common Files\Windows Live
2009-09-04 15:44 . 2009-09-14 23:55 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-09-04 15:44 . 2009-09-14 23:55 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-09-04 15:44 . 2009-09-14 23:55 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-10-20_17.52.55 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-10-20 18:01 40274 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-10-20 18:01 96822 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-09-12 03:32 . 2009-10-20 16:24 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-09-12 03:32 . 2009-10-20 19:13 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-09-12 03:32 . 2009-10-20 19:13 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-09-12 03:32 . 2009-10-20 16:24 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-09-12 03:32 . 2009-10-20 19:13 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-09-12 03:32 . 2009-10-20 16:24 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-09-11 12:42 . 2009-10-20 18:01 7014 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1659499902-571405069-1291439205-1000_UserData.bin
- 2009-10-20 17:51 . 2009-10-20 17:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-10-20 17:59 . 2009-10-20 17:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-10-20 17:51 . 2009-10-20 17:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-10-20 17:59 . 2009-10-20 17:59 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2009-10-20 18:06 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-10-20 17:48 587178 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-10-20 18:06 101250 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-10-20 17:48 101250 c:\windows\System32\perfc009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\progra~1\ICQ6.5\ICQ.exe" [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-07 1029416]
"Habu"="c:\program files\Razer\Habu\razerhid.exe" [2007-05-11 176128]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-14 149280]

c:\users\Kobra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2009-10-15 3141008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2008-03-25 22:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
backup=c:\windows\pss\FancyStart daemon.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):fc,e8,62,15,cf,34,ca,01

R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [23. 8. 2009 21:29 15416]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1007020.00B\SymEFA.sys [12. 9. 2009 20:19 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\NIS\1007020.00B\BHDrvx86.sys [12. 9. 2009 20:19 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1007020.00B\cchpx86.sys [12. 9. 2009 20:19 482432]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090916.003\IDSvix86.sys [17. 9. 2009 1:22 342576]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12. 10. 2009 21:24 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12. 10. 2009 21:24 74480]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [12. 9. 2009 20:19 117640]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [7. 4. 2009 19:04 70880]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12. 9. 2009 10:00 102448]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\System32\drivers\L1C60x86.sys [27. 7. 2009 7:12 50688]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [11. 5. 2009 11:49 64544]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\System32\drivers\SRS_PremiumSound_i386.sys [23. 8. 2009 21:45 233128]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\NIS\1007020.00B\symndisv.sys [12. 9. 2009 20:19 48688]
S2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE [30. 3. 2009 16:28 1533808]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [23. 8. 2009 21:16 29736]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [11. 9. 2009 14:47 55264]
S3 fsssvc;Bezpečnosť rodiny v službe Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [8. 12. 2008 17:01 533344]
S3 getPlusHelper;getPlus(R) Helper;c:\windows\System32\svchost.exe -k getPlusHelper [21. 1. 2008 4:23 21504]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12. 10. 2009 21:24 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2009-10-18 c:\windows\Tasks\Norton Security Scan for Kobra.job
- c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe [2009-10-14 17:58]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com?o=15187&l=dis
mStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=ASUS
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.sk
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Kobra\AppData\Roaming\Mozilla\Firefox\Profiles\73mp7gaq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-20 21:47
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.7.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(5168)
c:\program files\Xfire\xfire_toucan_39729.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
c:\users\Kobra\AppData\Local\Temp\catchme.dll
.
Completion time: 2009-10-20 21:50
ComboFix-quarantined-files.txt 2009-10-20 19:49
ComboFix2.txt 2009-10-20 17:56

Pre-Run: 59 545 796 608 bytes free
Post-Run: 59 506 315 264 bytes free

- - End Of File - - 333DE070F16AF1EE89C98F023E475B4C

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:52, on 18. 10. 2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Razer\Habu\razerhid.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Xfire\Xfire.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Razer\Habu\razertra.exe
C:\Program Files\Razer\Habu\razerofa.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ICQ] "C:\PROGRA~1\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe

--
End of file - 7932 bytes

a zistil som ze mi v poslednej dobe velmi kolise rychlost pripojenia na net....teraz mi to islo cca 220 kbit/s a teoreticky by to malo ist 11Mbit/s....je to sice cez wifi....ale aj tak je to dost malo a pomale...od wifi ma deli jedna stena, ale predty mi to slo aspon 8mbit/s...

Damned · Příspěvekod **Damned** » 20 říj 2009 22:17

Z mého hlediska je to v pořádku. Jen tyto čtyři soubory:
c:\windows\system32\rpcnetp.exe
c:\windows\system32\rpcnet.dll
c:\windows\system32\rpcnetp.dll
c:\windows\system32\rpcnet.exe

Někde je odstraňují, někde píší, že jsou nutnou součástí. Ale identifikují je jen 2 AV, a to ještě takové, že bych je neinstaloval ani na PMD-1.

Dal si mi sem starej HJT, tak si spusť HJT a pokud tam máš, tak fixni:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
*****************************************************************************************************************************************
Odinstaluj ComboFix ( nutné ) .
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

Vyčisti systém CCleanerem a použij i T-Cleaner ( nutné - smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš)

(pozn.Pokud máš AVG, avast! nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG, avast! i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG,avast!, Aviru.)

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
*****************************************************************************************************************************************
Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. Klikni na Run Scan. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

Kobra.svk · Příspěvekod **Kobra.svk** » 20 říj 2009 23:06

ten t-cleaner mi vyhodi nejaky error a zmizne....

OTL Extras logfile created on: 20. 10. 2009 22:31:44 - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Kobra\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 84,41% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 126,16 Gb Total Space | 55,74 Gb Free Space | 44,18% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 152,95 Gb Free Space | 69,16% Space Free | Partition Type: NTFS
Drive E: | 106,71 Gb Total Space | 59,64 Gb Free Space | 55,89% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KOBRA-PC
Current User Name: Kobra
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A004FBB-357C-401C-A6FA-AC62A21BD35C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{12E75A6E-8363-4E2E-8479-C32C2E59415E}" = lport=137 | protocol=17 | dir=in | app=system |
"{2CC60CA3-3E1F-4CA2-8D93-79667E8A39F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{33DD0E7B-F124-4FA0-99D3-AF072668170E}" = lport=138 | protocol=17 | dir=in | app=system |
"{3405CFC3-188F-41BC-A88D-AD12AFAE6042}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{37F9E36F-D980-4A14-8150-ED5EE50E8ED9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3E8B9558-6D03-4D0A-8850-CBA0D1711E75}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{56F3ED74-5AB4-4FF3-8C68-667848867968}" = rport=445 | protocol=6 | dir=out | app=system |
"{5C9E4865-16FF-42EB-97C9-ADC5CF502EA0}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{7172FA7C-17B3-4CE8-BEDA-506513C39F29}" = rport=137 | protocol=17 | dir=out | app=system |
"{72252098-1001-4CD2-A7C0-F325B0C91BF5}" = lport=445 | protocol=6 | dir=in | app=system |
"{845A2979-A6C3-4742-8178-17A2EF0A334F}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{86A1A634-2B13-4AC2-AFAB-AE8A951C78A0}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8FC44CC3-C7EF-4F35-9319-919ACAA2589C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{94202F6A-D127-4F81-9399-3AA78107946E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{9C10F6D4-8247-4E60-A747-F35399BC17F5}" = lport=139 | protocol=6 | dir=in | app=system |
"{A464C759-E86D-418F-B928-F3F153162BE2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C4B348FC-E774-4D01-AD92-083CC56D8E5F}" = rport=139 | protocol=6 | dir=out | app=system |
"{DAE30D9D-3C84-4952-9E81-032B920FF1B9}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{FAE1C3AC-8944-4E92-A49E-DCCD57C97FE5}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EB89C3B-3208-416F-BF69-0A53E4674705}" = protocol=17 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{0F36709F-9B79-4D04-A250-B4224B42045C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{1B175D9B-C6B6-4476-9740-CDA0259A8338}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{24ECFDB9-6C3E-4046-AB2D-E79958B365DD}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{29A611BE-CDE9-4D6E-91A8-3E9AE6F6AA66}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2E662BED-FA75-4AAF-8DCF-20D33AAA81D8}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{3404B9EE-9B39-42F5-A87B-1CF511CF32F3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4AAD97CA-204D-40AB-8243-51C618970182}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4CB60E99-8760-4561-927B-BC4FD4F26AF3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{53585D54-4A5F-4745-98FD-0B2084C1D42F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{56F66997-EA30-442D-BFCF-F78547F6F8F7}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5850E3B0-D6F2-469D-9897-02E7281192FE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5F7A24DC-611E-42AD-8E6E-36F0C434B450}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6E876005-5098-45D5-811B-19FD125602E9}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{6EBB27DA-06FF-465C-8798-562663C59611}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7B0C9668-893B-42E1-A329-EEEF62D6BCD4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7BC2618F-3178-4729-A008-228730262276}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{83AC4BBC-6FE5-4969-BB24-1856615F51D7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{86959AC2-94C1-49FD-93EA-BE4F4004D2F8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{88837365-89F0-4694-948B-D921564D1693}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8B1129FE-B496-4A7A-AAB2-239B642BBE93}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8C6E218C-F56D-499B-AFC7-1ED0B126E52A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{8E249E28-1006-49F5-BCA1-B3F99ED4EE2D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{904F5F1E-7AEF-43A8-877C-870932502CE1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9B07730F-7FEF-4578-989C-C4FDC2B933B5}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{BD3A7979-B3C9-4EA1-83CA-6D9240D64541}" = protocol=6 | dir=in | app=c:\program files\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{C87B8713-6A27-4427-B207-BD75DB452E8F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CBC0D1C4-F4C2-4946-97A8-1DB4009D9556}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D1956D94-14CB-40E3-9ECF-2C5212687C00}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D56C171E-54E0-4542-97EA-4446AA49AFCD}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EC5D9091-6D2D-435A-90A3-E722C6C1C332}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F0750E4C-11AB-4A45-9EA7-870E66B6FF57}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F8C80F2A-F406-4B5D-BDB1-5315CDBD7286}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F92A9354-44F3-43A0-821B-545750818EA4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Asistent pri prihlasovaní v konte Windows Live ID
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Odovzdávací nástroj lokality Windows Live
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25941F8E-15EA-4C0A-B993-54CE71709450}" = Windows Live Toolbar
"{26143099-021f-4244-9848-f8952cfafa97}" = Nero 9
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{32CF189D-52BB-4C1C-8F93-97E8F3CDDC95}" = Razer Habu Config
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3D5BD9A0-F790-467A-9940-B26927F77C01}" = Windows Live Messenger
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}" = Cisco EAP-FAST Module
"{3FEA0DCC-011C-4001-BEE5-D8017CE81962}" = Windows Live Movie Maker Beta
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{567C654B-7FE9-4970-8323-56E8191D1941}" = ASUS FancyStart
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{67101EAB-B558-45B1-A902-28290F15CC75}" = Windows Live Essentials
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6F238EFB-D502-4164-9D32-A98E96F092F6}" = Windows Live Mail
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{754F35A5-CFC3-4D30-9B7F-BC74E6C3CB8C}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7FF19D53-CC31-4062-AE1D-5F398407E635}" = Windows Live Fotogaléria
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{85BF74AC-C633-478E-A865-A73062148CD0}" = Bezpečnosť rodiny v službe Windows Live
"{865CD808-6D31-4269-9D36-693CFE75D26A}" = Express Gate
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0408-0000-0000000FF1CE}" = Microsoft Office Access MUI (Greek) 2007
"{90120000-0015-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0418-0000-0000000FF1CE}" = Microsoft Office Access MUI (Romanian) 2007
"{90120000-0015-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0015-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0408-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Greek) 2007
"{90120000-0016-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0418-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Romanian) 2007
"{90120000-0016-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0408-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Greek) 2007
"{90120000-0018-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0418-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Romanian) 2007
"{90120000-0018-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0408-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Greek) 2007
"{90120000-0019-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0418-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Romanian) 2007
"{90120000-0019-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0408-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Greek) 2007
"{90120000-001A-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0418-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Romanian) 2007
"{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0408-0000-0000000FF1CE}" = Microsoft Office Word MUI (Greek) 2007
"{90120000-001B-0408-0000-0000000FF1CE}_PROHYBRIDR_{C913F31D-FF3E-47F6-95E6-7E417D37A76E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0418-0000-0000000FF1CE}" = Microsoft Office Word MUI (Romanian) 2007
"{90120000-001B-0418-0000-0000000FF1CE}_PROHYBRIDR_{3DFBDBEE-B82A-47D9-8134-B86A98280A8E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_PROHYBRIDR_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0408-0000-0000000FF1CE}_PROHYBRIDR_{3C7DCB2F-8EA1-4558-B8F5-1107C4055A0B}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_PROHYBRIDR_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0418-0000-0000000FF1CE}" = Microsoft Office Proof (Romanian) 2007
"{90120000-001F-0418-0000-0000000FF1CE}_PROHYBRIDR_{6E3398C5-9A81-4054-B474-8B23A60F5048}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0408-0000-0000000FF1CE}" = Microsoft Office Proofing (Greek) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-0418-0000-0000000FF1CE}" = Microsoft Office Proofing (Romanian) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0408-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Greek) 2007
"{90120000-006E-0408-0000-0000000FF1CE}_PROHYBRIDR_{E3B92295-785F-4FF7-8BE1-67E86F5F8140}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0418-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Romanian) 2007
"{90120000-006E-0418-0000-0000000FF1CE}_PROHYBRIDR_{CEDDCA72-ED57-4CE5-B55D-A50EE2CD3CCF}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_PROHYBRIDR_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum zariadení Windows Mobile
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{934B3B19-8193-467A-B356-E73F82647D38}" = Cisco LEAP Module
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1051-7B44-A91000000001}" = Adobe Reader 9.1.3 - Slovak
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{B00220C8-AD02-4DA8-BEF4-E0552A4AC1E2}_is1" = Panopticum Lens Pro 3.5 For Vegas
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{BAD1449B-DF0C-4118-B76D-68C54009576C}" = Cisco PEAP Module
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}" = iTunes
"{DBECFA83-42DC-4585-A970-A764AB01A956}" = Call Of Duty(R) 2
"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EB2243F0-351C-4405-B2A6-2B28466AE684}" = Windows Live Writer
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ECCD28B2-8798-4D16-8126-625D728294A1}" = SPBA 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"CCleaner" = CCleaner (remove only)
"Cities XL" = Cities XL
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Doom 3v1.3.0" = Doom 3
"G-Alarm_is1" = G-Alarm 2.2
"GameParkClient_is1" = GamePark
"HijackThis" = HijackThis 2.0.2
"HLSW_is1" = HLSW v1.3.2.1
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 5.1.9 BETA
"Magic Bullet Editors 2.0 Vegas" = Magic Bullet Editors 2.0 Vegas
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue 3D Transformations for Windows" = NewBlue 3D Transformations for Windows
"NewBlue Art Blends for Windows" = NewBlue Art Blends for Windows
"NewBlue Art Effects for Windows" = NewBlue Art Effects for Windows
"NewBlue Film Effects for Windows" = NewBlue Film Effects for Windows
"NewBlue Motion Blends for Windows" = NewBlue Motion Blends for Windows
"NewBlue Motion Effects for Windows" = NewBlue Motion Effects for Windows
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"NIS" = Norton Internet Security
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"PluginPac" = DebugMode PluginPac (remove only)
"PROHYBRIDR" = 2007 Microsoft Office system
"Spb Mobile Shell" = Spb Mobile Shell
"SpiceMASTER 2.5 PRO for Vegas" = SpiceMASTER 2.5 PRO for Vegas
"STANDARD" = Microsoft Office Standard 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TC PowerPack" = TC PowerPack 1.7
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"The KMPlayer" = The KMPlayer (remove only)
"USB 2.0 2.0M UVC WebCam" = USB 2.0 2.0M UVC WebCam
"uTorrent" = µTorrent
"Winamp" = Winamp
"Windows Mobile Device Handbook" = Príručka zariadenia Windows Mobile®
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"Xfire" = Xfire (remove only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11. 10. 2009 9:38:23 | Computer Name = Kobra-PC | Source = Application Error | ID = 1000
Description = Chybová aplikácia firefox.exe, verzia 1.9.1.3523, časová značka 0x4a92de61,
chybový modul ntdll.dll, verzia 6.0.6002.18005, časová značka 0x49e03821, kód výnimky
0xc0000374, odstup chyby 0x000afaf8, identifikácia procesu 0x1480, čas spustenia
aplikácie 0x01ca4a77bcfe05d4.

Error - 11. 10. 2009 19:32:14 | Computer Name = Kobra-PC | Source = RapiMgr | ID = 8
Description = Windows Mobile-based device failed to connect due to communication
(0x8007274a) failure (see data for failure code).

Error - 12. 10. 2009 5:43:52 | Computer Name = Kobra-PC | Source = WinMgmt | ID = 10
Description =

Error - 12. 10. 2009 13:49:58 | Computer Name = Kobra-PC | Source = WinMgmt | ID = 10
Description =

Error - 12. 10. 2009 17:45:59 | Computer Name = Kobra-PC | Source = RapiMgr | ID = 8
Description = Windows Mobile-based device failed to connect due to communication
(0x8007274a) failure (see data for failure code).

Error - 12. 10. 2009 17:57:47 | Computer Name = Kobra-PC | Source = RapiMgr | ID = 8
Description = Windows Mobile-based device failed to connect due to communication
(0x8007274a) failure (see data for failure code).

Error - 13. 10. 2009 8:31:43 | Computer Name = Kobra-PC | Source = WinMgmt | ID = 10
Description =

Error - 13. 10. 2009 16:17:05 | Computer Name = Kobra-PC | Source = WinMgmt | ID = 10
Description =

Error - 13. 10. 2009 18:03:26 | Computer Name = Kobra-PC | Source = RapiMgr | ID = 8
Description = Windows Mobile-based device failed to connect due to communication
(0x8007274a) failure (see data for failure code).

Error - 14. 10. 2009 11:23:26 | Computer Name = Kobra-PC | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 13. 9. 2009 19:54:01 | Computer Name = Kobra-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2017
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 29. 9. 2009 6:18:50 | Computer Name = Kobra-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 29. 9. 2009 6:18:50 | Computer Name = Kobra-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 30. 9. 2009 4:05:38 | Computer Name = Kobra-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 30. 9. 2009 8:35:41 | Computer Name = Kobra-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 2. 10. 2009 7:06:24 | Computer Name = Kobra-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 5. 10. 2009 13:57:42 | Computer Name = Kobra-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:04:26 on 4. 10. 2009 was unexpected.

Error - 5. 10. 2009 13:58:32 | Computer Name = Kobra-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 6. 10. 2009 6:44:07 | Computer Name = Kobra-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 8. 10. 2009 15:58:08 | Computer Name = Kobra-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 11. 10. 2009 7:54:13 | Computer Name = Kobra-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

< End of report >

Kobra.svk · Příspěvekod **Kobra.svk** » 20 říj 2009 23:07

OTL logfile created on: 20. 10. 2009 22:31:44 - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Kobra\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 84,41% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 126,16 Gb Total Space | 55,74 Gb Free Space | 44,18% Space Free | Partition Type: NTFS
Drive D: | 221,16 Gb Total Space | 152,95 Gb Free Space | 69,16% Space Free | Partition Type: NTFS
Drive E: | 106,71 Gb Total Space | 59,64 Gb Free Space | 55,89% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KOBRA-PC
Current User Name: Kobra
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe (ASUS)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files\Common Files\SPBA\upeksvr.exe (UPEK Inc.)
PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\Razer\Habu\razerhid.exe ()
PRC - C:\Program Files\Razer\Habu\razerofa.exe (Razer Inc.)
PRC - C:\Program Files\Razer\Habu\razertra.exe ()
PRC - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (SRS Labs, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics, Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
PRC - C:\Users\Kobra\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation)
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Windows\System32\PnkBstrA.exe ()
PRC - C:\Windows\System32\PnkBstrB.exe ()
PRC - C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\wmiprvse.exe (Microsoft Corporation)
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
PRC - C:\Windows\WindowsMobile\WmdHost.exe (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (ADSMService [Auto | Running]) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (ASLDRService [Auto | Running]) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ATKGFNEXSrv [Auto | Running]) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (Bonjour Service [Auto | Running]) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (btwdins [Auto | Running]) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe (Broadcom Corporation.)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (Eventlog [Auto | Running]) -- C:\Windows\System32\wevtsvc.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (fsssvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (getPlusHelper [On_Demand | Stopped]) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (gusvc [On_Demand | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (iPod Service [On_Demand | Stopped]) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Nero BackItUp Scheduler 4.0 [Auto | Running]) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (Norton Internet Security [Auto | Running]) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe (Symantec Corporation)
SRV - (nvsvc [Auto | Running]) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PnkBstrA [Auto | Running]) -- C:\Windows\System32\PnkBstrA.exe ()
SRV - (PnkBstrB [Auto | Running]) -- C:\Windows\System32\PnkBstrB.exe ()
SRV - (RapiMgr [Auto | Running]) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (rpcnet [Auto | Running]) -- C:\Windows\System32\rpcnet.exe (Absolute Software Corp.)
SRV - (SeaPort [Auto | Running]) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (SRS_VolSync_Service [Auto | Running]) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe (SRS Labs, Inc.)
SRV - (WcesComm [Auto | Running]) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (WinDefend [Auto | Stopped]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (wlidsvc [Auto | Running]) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (adfs [Auto | Running]) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (AsDsm [Boot | Running]) -- C:\Windows\System32\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV - (ASMMAP [Auto | Running]) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (athr [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\athr.sys (Atheros Communications, Inc.)
DRV - (BHDrvx86 [System | Running]) -- C:\Windows\System32\Drivers\NIS\1007020.00B\BHDrvx86.sys (Symantec Corporation)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (btwaudio [On_Demand | Running]) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwavdt [On_Demand | Running]) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwl2cap [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\btwl2cap.sys (Broadcom Corporation.)
DRV - (btwrchid [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\btwrchid.sys (Broadcom Corporation.)
DRV - (ccHP [System | Running]) -- C:\Windows\System32\Drivers\NIS\1007020.00B\ccHPx86.sys (Symantec Corporation)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (eeCtrl [System | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (EraserUtilRebootDrv [On_Demand | Running]) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (fssfltr [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV - (GEARAspiWDM [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (HabuFltr [On_Demand | Running]) -- C:\Windows\System32\drivers\habu.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (iaStor [Boot | Running]) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (IDSVix86 [System | Running]) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090916.003\IDSvix86.sys (Symantec Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (kbfiltr [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\kbfiltr.sys ( )
DRV - (L1C [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\L1C60x86.sys (Atheros Communications, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (lullaby [Boot | Running]) -- C:\Windows\system32\DRIVERS\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (MTsensor [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\ATKACPI.sys (ATK0100)
DRV - (NAVENG [On_Demand | Running]) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091020.006\NAVENG.SYS (Symantec Corporation)
DRV - (NAVEX15 [On_Demand | Running]) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091020.006\NAVEX15.SYS (Symantec Corporation)
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVHDA [On_Demand | Running]) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (nvlddmkm [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (rimmptsk [Auto | Running]) -- C:\Windows\System32\DRIVERS\rimmptsk.sys (REDC)
DRV - (rimsptsk [Auto | Running]) -- C:\Windows\System32\DRIVERS\rimsptsk.sys (REDC)
DRV - (rismxdp [Auto | Running]) -- C:\Windows\System32\DRIVERS\rixdptsk.sys (REDC)
DRV - (SASDIFSV [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASENUM [On_Demand | Stopped]) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL [System | Running]) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (smserial [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\smserial.sys (Motorola Inc.)
DRV - (SNP2UVC [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\snp2uvc.sys ()
DRV - (sptd [Boot | Running]) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (SRS_PremiumSound_Service [On_Demand | Running]) -- C:\Windows\System32\drivers\srs_PremiumSound_i386.sys ()
DRV - (SRTSP [On_Demand | Running]) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SRTSP.SYS (Symantec Corporation)
DRV - (SRTSPX [System | Running]) -- C:\Windows\system32\drivers\NIS\1007020.00B\SRTSPX.SYS (Symantec Corporation)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (SymEFA [Boot | Running]) -- C:\Windows\system32\drivers\NIS\1007020.00B\SYMEFA.SYS (Symantec Corporation)
DRV - (SymEvent [On_Demand | Running]) -- C:\Windows\System32\Drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMFW [On_Demand | Running]) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMFW.SYS (Symantec Corporation)
DRV - (SymIM [System | Running]) -- C:\Windows\System32\DRIVERS\SymIMv.sys (Symantec Corporation)
DRV - (SYMNDISV [On_Demand | Running]) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMTDI [System | Running]) -- C:\Windows\System32\Drivers\NIS\1007020.00B\SYMTDI.SYS (Symantec Corporation)
DRV - (SynTP [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV - (TcUsb [On_Demand | Running]) -- C:\Windows\System32\Drivers\tcusb.sys (UPEK Inc.)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (usb_rndisx [On_Demand | Running]) -- C:\Windows\System32\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (WimFltr [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\wimfltr.sys (Microsoft Corporation)
DRV - (WINUSB [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\WinUSB.SYS (Microsoft Corporation)
DRV - (yukonwlh [On_Demand | Stopped]) -- C:\Windows\System32\DRIVERS\yk60x86.sys (Marvell)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://google.sk"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0
FF - prefs.js..extensions.enabledItems: {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/14 22:27:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/15 00:14:02 | 00,000,000 | ---D | M]

[2009/09/11 15:56:39 | 00,000,000 | ---D | M] -- C:\Users\Kobra\AppData\Roaming\mozilla\Extensions
[2009/09/11 15:56:39 | 00,000,000 | ---D | M] -- C:\Users\Kobra\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/20 00:20:46 | 00,000,000 | ---D | M] -- C:\Users\Kobra\AppData\Roaming\mozilla\Firefox\Profiles\73mp7gaq.default\extensions
[2009/10/15 00:13:44 | 00,000,000 | ---D | M] -- C:\Users\Kobra\AppData\Roaming\mozilla\Firefox\Profiles\73mp7gaq.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/09/15 11:54:00 | 00,002,255 | ---- | M] () -- C:\Users\Kobra\AppData\Roaming\Mozilla\FireFox\Profiles\73mp7gaq.default\searchplugins\askcom.xml
[2009/10/20 21:53:34 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/11 15:55:14 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/09/15 01:40:22 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/24 22:24:40 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/24 22:24:40 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009/09/15 01:40:03 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/02/06 12:44:28 | 01,447,296 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/08/24 22:24:40 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/10/09 20:00:00 | 00,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/09/15 11:15:14 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/09/15 11:15:14 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/09/15 11:15:14 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/09/15 11:15:14 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/09/15 11:15:14 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/09/15 11:15:15 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/09/15 11:15:15 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2009/10/09 20:00:00 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/09/23 16:37:30 | 00,032,448 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\mozilla firefox\plugins\np_gp.dll
[2009/08/24 21:37:14 | 00,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2009/08/24 21:37:14 | 00,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2009/08/24 21:37:14 | 00,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2009/08/24 21:37:14 | 00,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/08/24 21:37:14 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/08/24 21:37:14 | 00,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2009/08/24 21:37:14 | 00,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2009/08/24 21:37:14 | 00,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: (27 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Pomocník pri prihlasovaní v konte Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Users\Kobra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll (Symantec Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\spba: DllName - C:\Program Files\Common Files\SPBA\homefus2.dll - C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

pokracovanie dalej...prilis vela znakov

Poprosim o kontrolu logu, mierne spomalenie PC Vyřešeno

Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Re: Poprosim o kontrolu logu, mierne spomalenie PC

Kdo je online