Prosím o kontrolu logu strašně pomalé načitáni stránek + Vyřešeno

[gena17]

Dobrý den prosím o kontrolu logu.mam docela rychlý net ,ale strašně pomalu se načítají stránky.Někdy se nenačtou vůbec
Pro ukázku :Výsledek testu (rychlost, kvalita)
Download: 7 688,40 kbit/s (961,05 kB/s) 1 výborné
Upload: 1 782,90 kbit/s (222,86 kB/s) 1 výborné
Web odezva: 14.5ms20.1ms32.9ms 1 výborné
Stabilita: 61.5 % 3 dobré
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:05:32, on 6.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\NetLimiter 2 Monitor\NLClient.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Public\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... pl=11&qkw=%s&tbid=%tb_id&%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14597&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=cs
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate1cabfb7c098d968) (gupdate1cabfb7c098d968) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe
O23 - Service: PRTG 7 Core Server Service (PRTG7CoreService) - Paessler AG - C:\Program Files\PRTG Network Monitor\PRTG Server.exe
O23 - Service: PRTG 7 Probe Service (PRTG7ProbeService) - Paessler AG - C:\Program Files\PRTG Network Monitor\PRTG Probe.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 10361 bytes
Děkuji za kontrolu

[Reklama]

[memphisto]

Odinstaluj:
Inbox Toolbar
Crawler Toolbar
Daemon Tools Toolbar
Vypni štít Windows Defendera - máš AVG

v logu fixni:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... pl=11&qkw=%s&tbid=%tb_id&%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14597&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=cs
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

---

dej start - spustit - services.msc - najdi a ukonči/smaž tuto službu:
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)

---

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

---

Vypni si rez.ochrany i firewall.
Stáhni si Dr. Web CureIt
dej update , po aktualizaci dej start.
Tlacitky dole muzeš soubor léčit(systémové soubory), smazat, přesunout nebo přejmenovat

---

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[gena17]

tak jsem provedl vše jen toto my nešlo najít ani odstranit dej start - spustit - services.msc - najdi a ukonči
Log z Malwarebytes' Anti-Malware
Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Verze databáze: 5062

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

6.11.2010 21:03:01
mbam-log-2010-11-06 (21-03-01).txt

Typ skenu: Rychlý sken
Skenované objekty: 165207
Uplynulý čas: 7 minuta(y), 55 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\Mamka\downloads\PopularScreenSavers.exe (PUP.FunWebProducts) -> No action taken.
A problém pořad stejný

[memphisto]

- Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[gena17]

LOG Z KOMBO-FIXU

ComboFix 10-11-07.01 - Nešpor 07.11.2010 7:59.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3062.1888 [GMT 1:00]
Spuštěný z: c:\users\Nešpor\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
.
---- Předchozí spuštění -------
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
c:\users\NEPOR~1\AppData\Local\Temp\div1F23.tmp\div1FDF.tmp
c:\users\NEPOR~1\AppData\Local\Temp\div1F23.tmp\div282C.tmp
c:\users\NEPOR~1\AppData\Local\Temp\div7301.tmp\div741A.tmp
c:\users\NEPOR~1\AppData\Local\Temp\div7301.tmp\div7AF1.tmp
c:\users\NEPOR~1\AppData\Local\Temp\divB961.tmp\divBDC5.tmp
c:\users\NEPOR~1\AppData\Local\Temp\divB961.tmp\divC5D3.tmp
c:\users\Public\jusched.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\Norton Security Scan for Nešpor.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_VDSDK
-------\Service_VDSDK
-------\Legacy_VDSDK
-------\Service_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2010-10-07 do 2010-11-07 )))))))))))))))))))))))))))))))
.

2010-11-07 07:22 . 2010-11-07 07:34 -------- d-----w- c:\users\Nešpor\AppData\Local\temp
2010-11-07 07:22 . 2010-11-07 07:22 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-11-07 07:22 . 2010-11-07 07:22 -------- d-----w- c:\users\Mamka\AppData\Local\temp
2010-11-07 07:22 . 2010-11-07 07:22 -------- d-----w- c:\users\Laura\AppData\Local\temp
2010-11-07 07:22 . 2010-11-07 07:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-06 19:49 . 2010-11-06 19:49 -------- d-----w- c:\users\Nešpor\AppData\Roaming\Malwarebytes
2010-11-06 19:49 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-06 19:49 . 2010-11-07 05:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-06 19:49 . 2010-11-06 19:49 -------- d-----w- c:\programdata\Malwarebytes
2010-11-06 19:49 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-06 18:23 . 2010-11-06 18:23 -------- d-----w- c:\users\Nešpor\DoctorWeb
2010-11-06 10:32 . 2010-11-06 10:32 -------- d-----w- c:\program files\S3
2010-11-06 10:15 . 2010-11-06 10:15 -------- d-----w- c:\program files\GLScene
2010-11-06 09:54 . 2010-11-06 09:54 -------- d-----w- c:\users\Nešpor\AppData\Roaming\flightgear.org
2010-11-06 09:54 . 2010-11-06 09:54 -------- d-----w- c:\users\Nešpor\AppData\Roaming\fltk.org
2010-11-06 09:53 . 2010-11-06 09:58 -------- d-----w- c:\program files\FlightGear
2010-11-05 18:52 . 2010-11-05 18:52 -------- d-----w- c:\program files\MyPlayCity.com
2010-11-05 18:47 . 2010-11-05 18:47 -------- d-----w- c:\program files\Sea Cow Games
2010-11-05 18:47 . 1997-11-19 14:49 303616 ----a-w- c:\windows\IsUninst.exe
2010-11-05 16:34 . 2010-11-05 16:34 724992 ----a-w- c:\windows\iun6002.exe
2010-11-05 16:34 . 2010-11-05 16:34 -------- d-----w- c:\program files\FA-18 OIF Demo
2010-11-03 15:33 . 2010-10-27 17:25 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2010-11-03 15:33 . 2010-10-27 17:21 21312 ----a-w- c:\windows\system32\authuitu.dll
2010-11-03 15:33 . 2010-10-27 17:21 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2010-11-03 15:33 . 2010-11-03 15:50 -------- d-----w- c:\program files\TuneUp Utilities 2011
2010-11-03 15:31 . 2010-11-03 15:31 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2010-11-01 11:21 . 2010-11-01 11:22 -------- d-----w- c:\users\Mamka\AppData\Local\Nokia
2010-10-31 17:07 . 2010-10-31 17:09 -------- d-----w- c:\users\Laura\AppData\Local\Nero
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\VDLL.DLL
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\system32\runouce.exe
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\rundll16.exe
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\logo1_.exe
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\logo_1.exe
2010-10-28 13:32 . 2010-10-28 13:32 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-10-28 13:32 . 2010-10-28 13:32 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-10-28 13:32 . 2010-10-28 13:32 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-10-28 13:32 . 2010-10-28 13:32 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-10-28 13:31 . 2010-10-28 13:32 -------- d-----w- c:\programdata\MicroWorld
2010-10-27 03:38 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-27 03:38 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-27 03:38 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-23 18:50 . 2010-10-23 18:50 -------- d-----w- c:\program files\StrongDC++
2010-10-23 11:07 . 2010-10-23 11:07 -------- d-----w- c:\windows\cs
2010-10-23 11:06 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-10-23 04:24 . 2010-10-23 04:24 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\392b62f91cb726a2c\InstallManager_WLE_WLE.exe
2010-10-23 04:24 . 2010-10-23 04:24 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\2d17cda91cb726a1f\MeshBetaRemover.exe
2010-10-23 04:24 . 2010-10-23 04:24 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\22866b891cb726a18\DSETUP.dll
2010-10-23 04:24 . 2010-10-23 04:24 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\22866b891cb726a18\DXSETUP.exe
2010-10-23 04:24 . 2010-10-23 04:24 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\22866b891cb726a18\dsetup32.dll
2010-10-23 04:24 . 2010-10-23 04:24 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\2192bcb91cb726a17\DSETUP.dll
2010-10-23 04:24 . 2010-10-23 04:24 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\2192bcb91cb726a17\DXSETUP.exe
2010-10-23 04:24 . 2010-10-23 04:24 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\2192bcb91cb726a17\dsetup32.dll
2010-10-23 04:23 . 2010-11-04 15:56 -------- d-----w- c:\users\Nešpor\AppData\Local\Windows Live
2010-10-23 04:22 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2010-10-21 12:54 . 2010-10-21 12:54 -------- d-----w- c:\users\Laura\AppData\Roaming\DivX
2010-10-20 13:37 . 2010-11-06 09:27 -------- d-----w- c:\programdata\Systweak
2010-10-19 17:27 . 2010-10-19 17:27 -------- d-----w- c:\program files\SpeedFan
2010-10-19 16:31 . 2010-11-06 09:27 -------- d-----w- c:\users\Nešpor\AppData\Roaming\Systweak
2010-10-19 07:00 . 2010-10-19 07:01 -------- d-----w- c:\users\Laura\AppData\Roaming\DAEMON Tools Lite
2010-10-17 07:05 . 2010-11-06 16:59 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-10-17 07:04 . 2010-10-17 07:05 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-10-17 07:03 . 2010-10-17 07:14 -------- d-----w- c:\users\Nešpor\AppData\Roaming\DAEMON Tools Lite
2010-10-17 07:03 . 2010-10-17 07:04 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-10-16 14:00 . 2010-11-05 18:19 -------- d-----w- c:\program files\Zrychleni Pocitace
2010-10-15 15:07 . 2010-10-25 21:31 -------- d-----w- c:\users\Nešpor\AppData\Roaming\vlc
2010-10-15 15:07 . 2010-10-15 15:07 -------- d-----w- c:\program files\VideoLAN
2010-10-14 17:59 . 2010-10-14 17:59 -------- d-----w- c:\programdata\Nokia
2010-10-10 17:08 . 2009-07-14 17:45 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2010-10-10 17:08 . 2009-07-14 17:48 567808 ----a-w- c:\windows\system32\WUDFx.dll
2010-10-10 17:08 . 2009-07-14 17:48 64512 ----a-w- c:\windows\system32\WUDFSvc.dll
2010-10-10 17:08 . 2009-07-14 17:48 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2010-10-10 17:08 . 2009-07-14 17:48 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll
2010-10-10 17:08 . 2009-07-14 17:45 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2010-10-10 17:08 . 2009-07-14 17:45 195584 ----a-w- c:\windows\system32\WUDFHost.exe
2010-10-10 17:00 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-10-10 17:00 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-10-10 16:56 . 2010-10-10 17:01 -------- d-----w- c:\users\Nešpor\AppData\Local\Nokia
2010-10-10 16:55 . 2010-10-10 16:55 -------- d-----w- c:\program files\Common Files\Nokia
2010-10-10 16:54 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-10-10 16:53 . 2010-10-10 16:53 -------- d-----w- c:\program files\PC Connectivity Solution
2010-10-10 16:12 . 2010-10-10 16:12 -------- d-----w- c:\program files\FreeTime
2010-10-09 13:35 . 2010-10-09 13:36 -------- d-----w- C:\Y.D.T
2010-10-09 13:35 . 2010-10-09 13:36 -------- d-----w- c:\program files\E.M. Youtube Video Download Tool

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-07 07:33 . 2009-08-05 01:08 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-11-07 07:33 . 2010-08-27 22:12 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys
2010-10-28 13:43 . 2010-10-28 13:41 16252315 ----a-w- c:\windows\REGBK00.ZIP
2010-10-17 07:04 . 2010-10-17 07:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys.10878736
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-15 02:50 . 2010-07-23 08:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-08-26 16:33 . 2010-10-27 03:38 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-27 03:38 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-26 16:33 . 2010-10-27 03:38 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-27 03:38 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-17 14:11 . 2010-10-07 05:46 128000 ----a-w- c:\windows\system32\spoolsv.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-18 7737344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-11-20 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-20 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-20 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-23 6707744]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2009-08-05 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-08-05 33136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-05 1029416]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]

c:\users\Mamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-2-16 384512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Driver Fetch]
2010-08-07 06:41 828 ----a-w- c:\program files\Driver Fetch\Driver Fetch.lnk

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ADSMTray"=c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 gupdate1cabfb7c098d968;Služba Google Update (gupdate1cabfb7c098d968);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 133104]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2010-03-30 23456]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2010-07-25 20088]
S1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2010-03-25 82360]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 PRTG7CoreService;PRTG 7 Core Server Service;c:\program files\PRTG Network Monitor\PRTG Server.exe [2010-03-02 3310376]
S2 PRTG7ProbeService;PRTG 7 Probe Service;c:\program files\PRTG Network Monitor\PRTG Probe.exe [2010-03-02 3396392]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
S3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2010-11-07 38976]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 18:38]

2010-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 18:38]

2010-11-07 c:\windows\Tasks\User_Feed_Synchronization-{CD7537E4-AFDE-4F8C-B01B-81CE5E3D08A3}.job
- c:\windows\system32\msfeedssync.exe [2010-10-15 04:25]
.
.
------- Doplňkový sken -------
.
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c12844f ... &lng=cs&q=
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\components\FFExternalAlert.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\components\RadioWMPCore.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3524426304-1737470713-3755686768-1000\Software\SecuROM\License information*]
"datasecu"=hex:e7,17,f6,cc,26,9b,3c,88,77,8c,27,4e,57,05,99,01,59,e0,29,a6,c5,
4d,19,29,bc,8b,84,81,9a,9f,b4,34,bd,34,e2,fd,68,2b,6f,fa,5f,a0,78,b7,60,dc,\
"rkeysecu"=hex:15,c7,10,88,da,a3,35,2d,f2,8b,34,4c,7f,63,6f,8e

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3216)
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\NetLimiter 2 Monitor\nlsvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\program files\NetLimiter 2 Monitor\NLClient.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\program files\Google\Update\1.2.183.39\GoogleCrashHandler.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wbem\WmiApSrv.exe
.
**************************************************************************
.
Celkový čas: 2010-11-07 08:38:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-07 07:38
ComboFix2.txt 2010-09-01 03:30

Před spuštěním: Volných bajtů: 128 446 758 912
Po spuštění: Volných bajtů: 128 420 937 728

- - End Of File - - D4673C452EF7A6058B9BB076938C0362

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

Folder::
c:\windows\VDLL.DLL
c:\windows\system32\runouce.exe
c:\program files\DAEMON Tools Toolbar

File::
c:\windows\REGBK00.ZIP
c:\windows\iun6002.exe

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= -
"EnableLinkedConnections"= -

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Firefox::
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c12844f ... &lng=cs&q=



Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Toto otestuj na Virustotal
c:\windows\system32\acovcnt.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.


Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[gena17]

Ahoj promiň že to tak dlouho trvalo ale řešil jsem další problém se zamrzáním noťasu

ComboFix 10-11-07.A2 - Nešpor 08.11.2010 16:33:17.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3062.1816 [GMT 1:00]
Spuštěný z: c:\users\Nešpor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Nešpor\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\windows\iun6002.exe"
"c:\windows\REGBK00.ZIP"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\DAEMON Tools Toolbar
c:\program files\DAEMON Tools Toolbar\_DTLite.xml
c:\windows\iun6002.exe
c:\windows\REGBK00.ZIP
c:\windows\system32\runouce.exe
c:\windows\VDLL.DLL

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-08 do 2010-11-08 )))))))))))))))))))))))))))))))
.

2010-11-08 15:56 . 2010-11-08 15:56 -------- d-----w- c:\users\Nešpor\AppData\Local\temp
2010-11-08 15:56 . 2010-11-08 15:56 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-11-08 15:56 . 2010-11-08 15:56 -------- d-----w- c:\users\Mamka\AppData\Local\temp
2010-11-08 15:56 . 2010-11-08 15:56 -------- d-----w- c:\users\Laura\AppData\Local\temp
2010-11-08 15:56 . 2010-11-08 15:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-08 04:47 . 2010-11-08 14:42 -------- d-----w- c:\programdata\Kaspersky Lab
2010-11-07 11:06 . 2010-10-18 08:41 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6E7293DC-83AA-47A7-9E2B-4F544910104C}\mpengine.dll
2010-11-06 19:49 . 2010-11-06 19:49 -------- d-----w- c:\users\Nešpor\AppData\Roaming\Malwarebytes
2010-11-06 19:49 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-06 19:49 . 2010-11-07 05:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-06 19:49 . 2010-11-06 19:49 -------- d-----w- c:\programdata\Malwarebytes
2010-11-06 19:49 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-06 18:23 . 2010-11-06 18:23 -------- d-----w- c:\users\Nešpor\DoctorWeb
2010-11-06 10:32 . 2010-11-06 10:32 -------- d-----w- c:\program files\S3
2010-11-06 10:15 . 2010-11-06 10:15 -------- d-----w- c:\program files\GLScene
2010-11-06 09:54 . 2010-11-06 09:54 -------- d-----w- c:\users\Nešpor\AppData\Roaming\flightgear.org
2010-11-06 09:54 . 2010-11-06 09:54 -------- d-----w- c:\users\Nešpor\AppData\Roaming\fltk.org
2010-11-06 09:53 . 2010-11-06 09:58 -------- d-----w- c:\program files\FlightGear
2010-11-05 18:52 . 2010-11-05 18:52 -------- d-----w- c:\program files\MyPlayCity.com
2010-11-05 18:47 . 2010-11-05 18:47 -------- d-----w- c:\program files\Sea Cow Games
2010-11-05 18:47 . 1997-11-19 14:49 303616 ----a-w- c:\windows\IsUninst.exe
2010-11-05 16:34 . 2010-11-05 16:34 -------- d-----w- c:\program files\FA-18 OIF Demo
2010-11-03 15:33 . 2010-10-27 17:25 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2010-11-03 15:33 . 2010-10-27 17:21 21312 ----a-w- c:\windows\system32\authuitu.dll
2010-11-03 15:33 . 2010-10-27 17:21 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2010-11-03 15:33 . 2010-11-03 15:50 -------- d-----w- c:\program files\TuneUp Utilities 2011
2010-11-03 15:31 . 2010-11-03 15:31 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2010-11-01 11:21 . 2010-11-01 11:22 -------- d-----w- c:\users\Mamka\AppData\Local\Nokia
2010-10-31 17:07 . 2010-10-31 17:09 -------- d-----w- c:\users\Laura\AppData\Local\Nero
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\rundll16.exe
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\logo1_.exe
2010-10-28 13:35 . 2010-10-28 13:35 -------- d---a-w- c:\windows\logo_1.exe
2010-10-28 13:32 . 2010-10-28 13:32 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-10-28 13:32 . 2010-10-28 13:32 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-10-28 13:32 . 2010-10-28 13:32 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-10-28 13:32 . 2010-10-28 13:32 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-10-28 13:31 . 2010-10-28 13:32 -------- d-----w- c:\programdata\MicroWorld
2010-10-27 03:38 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-27 03:38 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-27 03:38 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-23 18:50 . 2010-10-23 18:50 -------- d-----w- c:\program files\StrongDC++
2010-10-23 11:07 . 2010-10-23 11:07 -------- d-----w- c:\windows\cs
2010-10-23 11:06 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-10-23 04:24 . 2010-10-23 04:24 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\392b62f91cb726a2c\InstallManager_WLE_WLE.exe
2010-10-23 04:24 . 2010-10-23 04:24 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\2d17cda91cb726a1f\MeshBetaRemover.exe
2010-10-23 04:24 . 2010-10-23 04:24 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\22866b891cb726a18\DSETUP.dll
2010-10-23 04:24 . 2010-10-23 04:24 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\22866b891cb726a18\DXSETUP.exe
2010-10-23 04:24 . 2010-10-23 04:24 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\22866b891cb726a18\dsetup32.dll
2010-10-23 04:24 . 2010-10-23 04:24 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\2192bcb91cb726a17\DSETUP.dll
2010-10-23 04:24 . 2010-10-23 04:24 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\2192bcb91cb726a17\DXSETUP.exe
2010-10-23 04:24 . 2010-10-23 04:24 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\2192bcb91cb726a17\dsetup32.dll
2010-10-23 04:23 . 2010-11-04 15:56 -------- d-----w- c:\users\Nešpor\AppData\Local\Windows Live
2010-10-23 04:22 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2010-10-21 12:54 . 2010-10-21 12:54 -------- d-----w- c:\users\Laura\AppData\Roaming\DivX
2010-10-20 13:37 . 2010-11-06 09:27 -------- d-----w- c:\programdata\Systweak
2010-10-19 17:27 . 2010-10-19 17:27 -------- d-----w- c:\program files\SpeedFan
2010-10-19 16:31 . 2010-11-06 09:27 -------- d-----w- c:\users\Nešpor\AppData\Roaming\Systweak
2010-10-19 07:00 . 2010-10-19 07:01 -------- d-----w- c:\users\Laura\AppData\Roaming\DAEMON Tools Lite
2010-10-17 07:04 . 2010-10-17 07:05 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-10-17 07:03 . 2010-10-17 07:14 -------- d-----w- c:\users\Nešpor\AppData\Roaming\DAEMON Tools Lite
2010-10-17 07:03 . 2010-10-17 07:04 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-10-16 14:00 . 2010-11-05 18:19 -------- d-----w- c:\program files\Zrychleni Pocitace
2010-10-15 15:07 . 2010-10-25 21:31 -------- d-----w- c:\users\Nešpor\AppData\Roaming\vlc
2010-10-15 15:07 . 2010-10-15 15:07 -------- d-----w- c:\program files\VideoLAN
2010-10-14 17:59 . 2010-10-14 17:59 -------- d-----w- c:\programdata\Nokia
2010-10-10 17:08 . 2009-07-14 17:45 132224 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2010-10-10 17:08 . 2009-07-14 17:48 567808 ----a-w- c:\windows\system32\WUDFx.dll
2010-10-10 17:08 . 2009-07-14 17:48 64512 ----a-w- c:\windows\system32\WUDFSvc.dll
2010-10-10 17:08 . 2009-07-14 17:48 39936 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2010-10-10 17:08 . 2009-07-14 17:48 162304 ----a-w- c:\windows\system32\WUDFPlatform.dll
2010-10-10 17:08 . 2009-07-14 17:45 92672 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2010-10-10 17:08 . 2009-07-14 17:45 195584 ----a-w- c:\windows\system32\WUDFHost.exe
2010-10-10 17:00 . 2009-07-14 17:45 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2010-10-10 17:00 . 2009-07-14 17:45 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2010-10-10 16:56 . 2010-10-10 17:01 -------- d-----w- c:\users\Nešpor\AppData\Local\Nokia
2010-10-10 16:55 . 2010-10-10 16:55 -------- d-----w- c:\program files\Common Files\Nokia
2010-10-10 16:54 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-10-10 16:53 . 2010-10-10 16:53 -------- d-----w- c:\program files\PC Connectivity Solution
2010-10-10 16:12 . 2010-10-10 16:12 -------- d-----w- c:\program files\FreeTime

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-08 14:59 . 2009-08-05 01:08 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-11-08 14:59 . 2010-08-27 22:12 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys
2010-10-19 10:41 . 2010-03-09 14:50 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-17 07:04 . 2010-10-17 07:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys.10878736
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-15 02:50 . 2010-07-23 08:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-08-26 16:33 . 2010-10-27 03:38 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-27 03:38 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-26 16:33 . 2010-10-27 03:38 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-26 16:33 . 2010-10-27 03:38 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-17 14:11 . 2010-10-07 05:46 128000 ----a-w- c:\windows\system32\spoolsv.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-18 7737344]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-11-20 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-20 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-20 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-12-23 6707744]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2009-08-05 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-08-05 33136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-05 1029416]
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]

c:\users\Mamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-2-16 384512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Driver Fetch]
2010-08-07 06:41 828 ----a-w- c:\program files\Driver Fetch\Driver Fetch.lnk

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"WMPNSCFG"=c:\program files\Windows Media Player\WMPNSCFG.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ADSMTray"=c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
R2 gupdate1cabfb7c098d968;Služba Google Update (gupdate1cabfb7c098d968);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 133104]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2010-03-30 23456]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2010-07-25 20088]
S1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2010-03-25 82360]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S2 PRTG7CoreService;PRTG 7 Core Server Service;c:\program files\PRTG Network Monitor\PRTG Server.exe [2010-03-02 3310376]
S2 PRTG7ProbeService;PRTG 7 Probe Service;c:\program files\PRTG Network Monitor\PRTG Probe.exe [2010-03-02 3396392]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
S3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [2010-11-08 38976]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-07 10064]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 18:38]

2010-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-09 18:38]

2010-11-08 c:\windows\Tasks\User_Feed_Synchronization-{CD7537E4-AFDE-4F8C-B01B-81CE5E3D08A3}.job
- c:\windows\system32\msfeedssync.exe [2010-10-15 04:25]
.
.
------- Doplňkový sken -------
.
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c12844f ... &lng=cs&q=
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\components\FFExternalAlert.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\components\RadioWMPCore.dll
FF - component: c:\users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-FA-18 Operation Iraqi Freedom DemoVersion 1.0 - c:\windows\iun6002.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-08 16:56
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


C:\ADSM_PData_0150

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3524426304-1737470713-3755686768-1000\Software\SecuROM\License information*]
"datasecu"=hex:e7,17,f6,cc,26,9b,3c,88,77,8c,27,4e,57,05,99,01,59,e0,29,a6,c5,
4d,19,29,bc,8b,84,81,9a,9f,b4,34,bd,34,e2,fd,68,2b,6f,fa,5f,a0,78,b7,60,dc,\
"rkeysecu"=hex:15,c7,10,88,da,a3,35,2d,f2,8b,34,4c,7f,63,6f,8e

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3976)
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
Celkový čas: 2010-11-08 16:59:03
ComboFix-quarantined-files.txt 2010-11-08 15:59
ComboFix2.txt 2010-11-07 07:38
ComboFix3.txt 2010-09-01 03:30

Před spuštěním: Volných bajtů: 123 628 486 656
Po spuštění: Volných bajtů: 123 720 351 744

- - End Of File - - 7BF35A01C0DBC4289FFBE214BB6BCC3D

[gena17]

ODKAZ

http://www.virustotal.com/file-scan/report.html?id=aaf659e3d38ad04848a9c3ed6250b30dc13acc8ac9f527a11f0c14e6ec8735b2-1289232396

LOG Z OTL: Extras.Txt
OTL Extras logfile created on: 8.11.2010 17:21:02 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Nešpor\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 115,23 Gb Free Space | 49,48% Space Free | Partition Type: NTFS
Drive D: | 223,11 Gb Total Space | 144,25 Gb Free Space | 64,65% Space Free | Partition Type: NTFS

Computer Name: NESPOR-PC | User Name: Nešpor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01303466-674D-4C01-9899-AECE4ACD0F3C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{14C51449-66B7-4BD1-A638-7471B7506153}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1B3F6F4A-CCF4-4750-9E70-9723403FA125}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D120797-D580-4CC4-A03C-6E2E833F26AE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1E0CA673-A138-4190-8820-F3A05D0000EE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F34987E-C468-4AA0-A5B2-FD42044EA10C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3E807A66-AF29-47C4-A495-ABAF51383DBA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{536149A4-E3F1-4E32-8085-22958420CEB7}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{54480B64-681A-4501-96E4-ED93124ABE35}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6A70B84D-67CD-4721-A7A4-D68E1FE0A372}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6EFE53CE-3FB4-4D20-B43C-8BFEB66DA469}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{80B1B4BD-1F7E-4ADC-B85B-8257A56E6BFD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82C8B2D8-E4B7-4F43-B985-EAC1171E026E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9ECE7FDF-DDF1-42DE-9017-151DAADC3CB3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B625F068-1912-4B7C-B819-7962CD0BB85B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D533B63C-558B-4A3E-8FDF-D2FB65E857CA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DFBA6ADA-76B3-467F-8CF3-1F058896F2F6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F00251B7-10EC-4938-AD3F-73AD1A467ECB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE288156-BDAA-4C5F-BA78-67A45CA583C0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0232BFFF-779C-4D38-8254-53BAF8A775D6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{06807C62-10DD-4BD0-A752-B1ACDB8C10B4}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{06904256-063A-44C3-94C8-B1340F95ED2E}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{0922F263-6F38-473A-85F5-B2EFD7AAEF09}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{093B3C8E-D880-4643-A881-DA85A6ECEA1D}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{0E38B223-DEFF-4A10-BED9-5C6AD95B2B80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{219A9B90-03C0-48E8-A621-44D970744D96}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2FEB624F-2EEC-44FB-BA13-8EADBEBDA4A3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{31A0FEF9-90F6-4A87-A594-C847119E2BD3}" = protocol=6 | dir=in | app=c:\program files\prtg network monitor\prtg probe.exe |
"{37757A7A-2B55-4104-A6B5-B2C5CDF7ED34}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{3E520B79-445A-49D5-8332-3078814E67DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{40CBB705-E3C6-43F2-BF13-443C2B842D61}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4C852571-DB86-4A03-97D2-8E9627F37BAC}" = protocol=6 | dir=in | app=c:\program files\prtg network monitor\prtg server administrator.exe |
"{4E1AF2BD-3AE8-4C26-A59B-01660061368A}" = protocol=17 | dir=in | app=c:\program files\prtg network monitor\prtg probe.exe |
"{52FBBD46-542F-4909-9F04-594D7CA86B3F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{548BADF3-765C-472B-A938-5D28F827C39D}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{55275CE4-F457-4A13-A94F-089CE772D7BD}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{5BDEDF8E-6ACE-4C95-95FB-4F780D2BADEA}" = protocol=17 | dir=in | app=c:\program files\prtg network monitor\prtg server.exe |
"{6163778D-4926-43D7-8AAB-2AF35C242964}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{6933D6D8-2734-41E9-A3AA-B14DDFF33DAE}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{71F94212-A53E-498B-9CC3-8BBECF4FBC31}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{7397E263-1463-4131-B031-473C4E431408}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{7B8E6598-B59D-410A-9235-5FA63B831E9E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7CB1C81A-B8D6-4BAB-B0F7-05D4380BBF83}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{83C62FAD-D0AE-41FB-A070-E3CF51946095}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{8A82B2C5-B8C3-481D-B8C2-BEC48DC99FF1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8F65A56F-1B1B-435E-8919-3F49DF59FF62}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{941DA9E4-A641-4245-834C-BB15B61CF716}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{961F630E-CCE1-48CC-B8B5-37CD95D27677}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{99F47DAB-9EA1-479F-A2F0-5C942A001528}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{9D473AF4-6155-4E28-AE42-1EE493B9B2A4}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{A262FA2C-0A92-4485-8C7D-E13AEB90035B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2A870B0-9E86-48A2-B169-3702BA74DDC7}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{B6715F17-6643-4F77-8234-BA1DC044A678}" = protocol=6 | dir=in | app=c:\program files\prtg network monitor\prtg server.exe |
"{BD544B3E-3344-4D16-A42C-EB195875A252}" = protocol=6 | dir=out | app=system |
"{C6D029D9-C797-42F8-AE35-05036B4FCC09}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C9FEA3E1-26A6-4DF3-AE68-608742709D91}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{D5008333-5FD3-4968-8049-A1DC047CA59E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E662779E-88EB-408F-8CE6-CDFF3A9256E5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EC333F9D-1F91-4F27-B583-380BE8373275}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FA7E10C9-1A2B-4647-87D3-559319FC08D3}" = protocol=17 | dir=in | app=c:\program files\prtg network monitor\prtg server administrator.exe |
"{FB300288-D45D-4D25-BFC8-4FD161D4D88B}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{FFD669A2-0589-4A63-AF35-CF5C1FD5FDF3}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"TCP Query User{09E5466E-A8EE-4D62-AEB4-50A1A34ED94C}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{1769EA8A-0D8E-4E74-A9AB-FC03521A644D}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{186C83E2-C6E8-494F-8B1A-326EB9259515}C:\users\nešpor\desktop\strongdc.exe" = protocol=6 | dir=in | app=c:\users\nešpor\desktop\strongdc.exe |
"TCP Query User{35385AFA-9B4F-4E63-937B-55604AC60085}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{37F9B6EB-A4ED-4153-820C-D12014734433}C:\program files\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"TCP Query User{4DC9241B-2AF7-4E9B-A070-1CA9B636A1A0}C:\users\nešpor\appdata\local\temp\rar$ex03.060\utorrent.exe" = protocol=6 | dir=in | app=c:\users\nešpor\appdata\local\temp\rar$ex03.060\utorrent.exe |
"TCP Query User{66201D56-5744-4176-9585-42E30689BE1B}C:\users\nešpor\appdata\local\screamer radio\screamer.exe" = protocol=6 | dir=in | app=c:\users\nešpor\appdata\local\screamer radio\screamer.exe |
"TCP Query User{75086853-52D5-4E03-9D41-95A800CF74BB}C:\program files\flightgear\bin\win32\fgfs.exe" = protocol=6 | dir=in | app=c:\program files\flightgear\bin\win32\fgfs.exe |
"TCP Query User{891EBA2C-0C8A-4018-A227-8D4E11EF44B1}C:\program files\strongdc++\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"TCP Query User{94CD8D21-F4B9-4BAD-AD07-62CFCBEF3BC6}C:\users\laura\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\laura\appdata\roaming\imvuclient\1vivoxvoice.exe |
"TCP Query User{983EAF97-F009-4CB0-9890-02AE5C30380D}C:\program files\ea sports\nhl 09\nhl2009.exe" = protocol=6 | dir=in | app=c:\program files\ea sports\nhl 09\nhl2009.exe |
"TCP Query User{A8116576-751B-482C-9831-5E3E34CD94E4}C:\users\laura\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\laura\appdata\roaming\imvuclient\1vivoxvoice.exe |
"TCP Query User{B1E50F26-2A4E-490D-8E7F-77A9DCE3F8D0}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{B89A3A54-7A2B-47E1-86C8-15870FEDE94F}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{C63034AE-CC7A-4EA1-8B59-B249833AD23B}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\czech\setup.exe" = protocol=6 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\czech\setup.exe |
"TCP Query User{CDCDC7F2-A2FC-4961-A96F-5670AFF114A5}C:\program files\strongdc++\strongdc.exe" = protocol=6 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"TCP Query User{D61E0DF0-066C-4119-808A-356F9C55C75B}C:\users\nešpor\appdata\local\temp\rar$ex00.779\strongdc.exe" = protocol=6 | dir=in | app=c:\users\nešpor\appdata\local\temp\rar$ex00.779\strongdc.exe |
"TCP Query User{E6C939C7-3E3A-463F-95BB-A1C9042DD2AD}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{0620B235-3966-4C6D-9C4B-EA443B2FBF05}C:\users\nešpor\desktop\strongdc.exe" = protocol=17 | dir=in | app=c:\users\nešpor\desktop\strongdc.exe |
"UDP Query User{06312815-E494-4415-88B6-D893599C5D2D}C:\users\laura\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\laura\appdata\roaming\imvuclient\1vivoxvoice.exe |
"UDP Query User{12696458-F290-4983-8D2C-FE4EDD851E35}C:\users\nešpor\appdata\local\temp\rar$ex00.779\strongdc.exe" = protocol=17 | dir=in | app=c:\users\nešpor\appdata\local\temp\rar$ex00.779\strongdc.exe |
"UDP Query User{1BBF0CF9-2A73-4199-8C58-472FB502412D}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{3AE7EF36-ADB2-4E4F-8114-D52AD76D1E51}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{41FCE970-83E3-4D12-BE57-8D5FCDF6582B}C:\program files\strongdc++\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"UDP Query User{4617ED08-DFDB-4DDE-AFA2-4A1A3CEC0127}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{4B689E48-ACA9-4AA5-B0B2-D79EEF576467}C:\program files\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"UDP Query User{5A1A6DCF-0A28-4A86-9799-9EF891C42026}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{91CADEDA-8013-4047-8912-CCC473617014}C:\program files\flightgear\bin\win32\fgfs.exe" = protocol=17 | dir=in | app=c:\program files\flightgear\bin\win32\fgfs.exe |
"UDP Query User{AB748125-80A9-446D-A4CF-38AA19FF503D}C:\users\nešpor\appdata\local\screamer radio\screamer.exe" = protocol=17 | dir=in | app=c:\users\nešpor\appdata\local\screamer radio\screamer.exe |
"UDP Query User{AF2BF0FF-9019-4A0B-8D90-3C646E8492AC}C:\program files\ea sports\nhl 09\nhl2009.exe" = protocol=17 | dir=in | app=c:\program files\ea sports\nhl 09\nhl2009.exe |
"UDP Query User{B69C8236-B3BA-46FB-A03A-8A57DA589FDC}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{BF55FEAB-A672-464C-A6C0-780A6BBC0BC4}C:\program files\strongdc++\strongdc.exe" = protocol=17 | dir=in | app=c:\program files\strongdc++\strongdc.exe |
"UDP Query User{C8894428-8A0D-4284-BCE0-9834BF941D22}C:\users\laura\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\laura\appdata\roaming\imvuclient\1vivoxvoice.exe |
"UDP Query User{D1B82F7C-7D75-4C98-9DC5-0BEE52A49626}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{E55E77D9-2340-4B5B-943E-422A7FDF2CFE}C:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\czech\setup.exe" = protocol=17 | dir=in | app=c:\programdata\kaspersky lab setup files\kaspersky anti-virus 2009\czech\setup.exe |
"UDP Query User{EA37D354-D99D-4A37-BC7C-ADBDE2BD69A6}C:\users\nešpor\appdata\local\temp\rar$ex03.060\utorrent.exe" = protocol=17 | dir=in | app=c:\users\nešpor\appdata\local\temp\rar$ex03.060\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0891B708-EF3F-4D7E-9724-265245F46276}" = Windows Live Remote Service Resources
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{14ab2fd1-a2fb-4cab-8f00-9341c4ad392d}" = Nero Move it Trial
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21D8C2E6-3CAA-46EF-8401-96837800375D}" = Cropper
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{23BE4DF2-293D-4077-82F4-1FD8C269277C}" = TuneUp Utilities Language Pack (en-US)
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{248E4799-DB04-4B1A-902C-194669F995CE}" = Nero Move it
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2EEC2A94-7204-45C6-93BB-67EAEB19E4D6}" = Safari
"{2FA1102F-DE05-4E79-8CED-E5BAABFC2FEF}" = Starshine 2.díl
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3A22B3BA-E751-4F37-8ACB-C34B81FFABAA}" = Moorhuhn Piraten - Demo
"{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1" = Video Download Capture V2.4.2
"{3EE1602F-41DB-4B94-9DF1-32D7C07F0A12}" = Conflict Desert Storm II
"{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter TM
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{454F5782-A4C3-480E-A629-D435795DEFD8}" = Windows Live Remote Client Resources
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.03
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5DE71D48-01EB-4BF2-A643-50FE6C9B6AC9}" = OpenOffice.org 3.2
"{5EC294B8-98F8-4C20-BE73-F11A04295CA5}_is1" = PRTG Network Monitor
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F548A02-80BC-404D-BAE6-F05F9BF6B449}" = Nero DiscCopyGadget 10 Help (CHM)
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{62CF8923-31DC-4285-A23C-17CE5AA6A679}" = Express Gate
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{735BFEEC-D330-496A-85B2-DF1B56BF2BB0}_is1" = Driver Fetch
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.4.7.121
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{827B97A9-B347-4110-9F89-37AF2B758F94}" = NHL™ 09
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{870815CA-6B60-47B6-88DD-A67F42D2F03E}" = GPL MPEG-1/2 DirectShow Decoder Filter
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A30D5C0-BD4A-4E65-AADF-20A457DE6D38}" = Windows Live Family Safety
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8EE72D39-DE32-4069-9E72-C1974546EFDD}" = RuneScape Launcher 1.0.2
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}" = Nero DiscCopy Gadget 10
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.5
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.2.3.258
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C3A13A35-63AC-427a-92E6-960C1D01FABB}" = Poradce pro upgrade na systém Windows 7
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A9DA4B-E4F9-FB49-017D-769FC540F1F0}" = EA Download Manager UI
"{D9D937B0-E842-4130-9588-B948E876904A}" = Microsoft SQL Server 2008 Native Client
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DC905847-D537-427F-BF91-47CC7ACCDE58}" = ASUS FancyStart
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEFA5390-8533-47B5-81F7-3816916BDC6F}" = Nero Move it Help
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E94603CA-2996-4154-8EE2-A5FCD4BFB500}" = Nokia Lifeblog 2.5
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F2ABB3D1-0792-47B6-BDD7-C7AF613F0156}_is1" = AirBlast
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIMP2" = AIMP2
"Air Flashback_is1" = Air Flashback
"Ali_Baba" = Ali Baba a čtyřicet loupežníků
"Anti-Twin 2010-03-14 14.03.02" = Anti-Twin (Installation 14.3.2010)
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DivX Setup.divx.com" = DivX Setup
"DriverAgent.exe" = DriverAgent by eSupport.com
"DVD Rip Factroy_is1" = DVD Rip Factroy v8.0.7.24
"DVDFab 6_is1" = DVDFab 6.0.3.6 (23/07/2009)
"E.M. Youtube Video Download Tool_is1" = E.M. Youtube Video Download Tool 2.45
"EA Download Manager" = EA Download Manager
"eMule" = eMule
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30
"ffdshow_is1" = ffdshow v1.1.3452 [2010-05-24]
"FlightGear_is1" = FlightGear v0.9.9
"FormatFactory" = FormatFactory 2.45
"Free YouTube Download_is1" = Free YouTube Download 1.2
"Gadwin PrintScreen" = Gadwin PrintScreen
"Game Cam" = Game Cam 2.2
"Google Chrome" = Google Chrome
"Harry Potter CZ" = Harry Potter CZ
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HWiNFO32_is1" = HWiNFO32 Version 3.58
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"Kobra 11_is1" = Kobra 11 Nitro
"Machinarium" = Machinarium
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NetLimiter 2 Monitor" = NetLimiter 2 Monitor (remove only)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Offshore Sailing" = Offshore Sailing
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RealPlayer 12.0" = RealPlayer
"Shot Online" = Shot Online
"ShotOnline International" = ShotOnline International- remove only
"Software Informer_is1" = Software Informer 1.0 BETA
"SpeedFan" = SpeedFan (remove only)
"Steamland" = Steamland
"StrongDC++" = StrongDC++ 2.41
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"TuneUpMedia" = TuneUp Companion 1.8.0
"TVWiz" = Intel(R) TV Wizard
"USB 2.0 UVC 1.3M WebCam" = USB 2.0 UVC 1.3M WebCam
"VLC media player" = VLC media player 1.1.4
"Warlords BC III_is1" = Warlords BC III
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12
"ZonerPhotoStudio12_EN_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4.11.2010 0:21:28 | Computer Name = Nešpor-PC | Source = WinMgmt | ID = 10
Description =

Error - 4.11.2010 1:12:15 | Computer Name = Nešpor-PC | Source = WinMgmt | ID = 10
Description =

Error - 4.11.2010 2:55:17 | Computer Name = Nešpor-PC | Source = WinMgmt | ID = 10
Description =

Error - 4.11.2010 6:49:22 | Computer Name = Nešpor-PC | Source = WinMgmt | ID = 10
Description =

Error - 4.11.2010 7:18:59 | Computer Name = Nešpor-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DivX Plus Player.exe, verze 10.2.1.13, časové razítko
0x4c6c84c0, chybující modul QtCore4.dll, verze 4.5.0.0, časové razítko 0x49a6280b,
kód výjimky 0xc0000005, posun chyby 0x000e1b16, ID procesu 0x10b4, čas spuštění
aplikace 0x01cb7c0dcf01bc85.

Error - 4.11.2010 11:02:57 | Computer Name = Nešpor-PC | Source = WinMgmt | ID = 10
Description =

Error - 4.11.2010 13:45:25 | Computer Name = Nešpor-PC | Source = WinMgmt | ID = 10
Description =

Error - 4.11.2010 16:12:59 | Computer Name = Nešpor-PC | Source = WinMgmt | ID = 10
Description =

Error - 4.11.2010 16:15:07 | Computer Name = Nešpor-PC | Source = Perflib | ID = 1008
Description =

Error - 4.11.2010 16:15:37 | Computer Name = Nešpor-PC | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.0.6002.18005 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení
problémů. ID procesu: ff8 Čas zahájení: 01cb7c5ca5154ef4 Čas ukončení: 0

[ System Events ]
Error - 8.11.2010 10:54:33 | Computer Name = Nešpor-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 8.11.2010 10:54:33 | Computer Name = Nešpor-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8.11.2010 10:54:50 | Computer Name = Nešpor-PC | Source = DCOM | ID = 10005
Description =

Error - 8.11.2010 11:00:33 | Computer Name = Nešpor-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 8.11.2010 11:01:27 | Computer Name = Nešpor-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 8.11.2010 11:01:50 | Computer Name = Nešpor-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 8.11.2010 11:04:20 | Computer Name = Nešpor-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 8.11.2010 11:04:50 | Computer Name = Nešpor-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 8.11.2010 11:25:05 | Computer Name = Nešpor-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 8.11.2010 11:56:13 | Computer Name = Nešpor-PC | Source = Service Control Manager | ID = 7030
Description =


< End of report >

[gena17]

no a konečně třetí log OTL.Txt

Musím ho rozdělit n dvě části nechce mě to vzít celeé

OTL logfile created on: 8.11.2010 17:21:02 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Nešpor\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 115,23 Gb Free Space | 49,48% Space Free | Partition Type: NTFS
Drive D: | 223,11 Gb Total Space | 144,25 Gb Free Space | 64,65% Space Free | Partition Type: NTFS

Computer Name: NESPOR-PC | User Name: Nešpor | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Nešpor\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files\NetLimiter 2 Monitor\NLClient.exe (Locktime Software)
PRC - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe (Locktime Software)
PRC - C:\Program Files\PRTG Network Monitor\PRTG Server.exe (Paessler AG)
PRC - C:\Program Files\PRTG Network Monitor\PRTG Probe.exe (Paessler AG)
PRC - C:\Windows\ASScrPro.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\P4G\BatteryLife.exe (ATK)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe ()
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe ()
PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()
PRC - C:\Program Files\Wireless Console 2\wcourier.exe ()
PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK)


========== Modules (SafeList) ==========

MOD - C:\Users\Nešpor\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini File not found
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (NAUpdate) -- C:\Program Files\Nero\Update\NASvc.exe (Nero AG)
SRV - (nlsvc) -- C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe (Locktime Software)
SRV - (PRTG7CoreService) -- C:\Program Files\PRTG Network Monitor\PRTG Server.exe (Paessler AG)
SRV - (PRTG7ProbeService) -- C:\Program Files\PRTG Network Monitor\PRTG Probe.exe (Paessler AG)
SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Symantec Core LC) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe ()
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (spmgr) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe ()


========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (eamonm) -- C:\Windows\System32\DRIVERS\eamonm.sys File not found
DRV - (catchme) -- C:\Users\NEPOR~1\AppData\Local\Temp\catchme.sys File not found
DRV - (PSSDK42) -- C:\Windows\System32\drivers\pssdk42.sys (microOLAP Technologies LTD)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (HWiNFO32) -- C:\Program Files\HWiNFO32\HWiNFO32.SYS (REALiX(tm))
DRV - (DrvAgent32) -- C:\Windows\System32\drivers\DrvAgent32.sys (Phoenix Technologies)
DRV - (nltdi) -- C:\Windows\System32\drivers\nltdi.sys (Locktime Software)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (ghaio) -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys ()
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (speedfan) -- C:\Windows\system32\speedfan.sys (Windows (R) 2000 DDK provider)
DRV - (giveio) -- C:\Windows\system32\giveio.sys ()


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 F0 BE 65 C2 3F CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "WebHledani"
FF - prefs.js..browser.search.defaultthis.engineName: "Blackjack-Madness Customized Web Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.5
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {D2A6A719-7CBC-4594-85FD-C36AD881424F}:4.5.22
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949
FF - prefs.js..extensions.enabledItems: saloonbar@ligny.org.uk:3.0
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.86
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4c12844f&v=6.010.006.004&i=23&tp=ab&iy=&ychte=us&lng=cs&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010.03.10 23:53:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.06.05 13:39:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.10.10 17:54:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.11.06 22:06:39 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.06 22:06:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.10.10 17:54:41 | 000,000,000 | ---D | M]

[2010.03.09 16:09:06 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Extensions
[2010.03.09 16:09:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.11.08 16:13:39 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions
[2010.04.27 16:22:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.04.08 16:21:16 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010.07.20 07:17:30 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.10.06 16:49:46 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010.10.25 20:23:48 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.06.18 22:00:44 | 000,000,000 | ---D | M] (Blackjack-Madness Toolbar) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}
[2010.08.25 15:39:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.08.25 15:39:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{D2A6A719-7CBC-4594-85FD-C36AD881424F}
[2010.06.18 07:25:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010.03.09 19:53:09 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.06.27 01:06:37 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.04.17 14:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c58}
[2010.10.06 16:49:46 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.08.25 15:39:58 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\personas@christopher.beard
[2010.06.18 07:25:45 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\piclens@cooliris.com
[2010.09.01 15:56:50 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\saloonbar@ligny.org.uk
[2010.11.04 05:32:37 | 000,000,944 | ---- | M] () -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\searchplugins\icqplugin.xml
[2010.09.30 11:25:28 | 000,002,304 | ---- | M] () -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\searchplugins\inbox-hledat.xml
[2010.03.09 19:33:27 | 000,001,999 | ---- | M] () -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\searchplugins\vix-busca-mp3.xml
[2010.11.08 05:49:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.11.06 22:06:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.03.09 17:49:17 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.07.23 09:07:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.16 09:06:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.25 11:08:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.11.08 05:49:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010.11.08 05:49:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010.10.27 07:12:32 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.10.27 07:12:32 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007.04.10 17:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.10.27 07:12:32 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010.04.06 21:29:25 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.09.23 14:42:24 | 000,095,672 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.06.05 13:39:31 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2010.10.09 14:01:27 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010.10.09 14:01:27 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010.10.09 14:01:27 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010.10.09 14:01:27 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010.10.09 14:01:27 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010.10.09 14:01:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010.10.09 14:01:28 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010.06.05 13:39:41 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2010.06.05 13:39:24 | 000,098,304 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2010.02.19 19:31:44 | 000,031,936 | ---- | M] (NOS Microsystems Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
[2010.11.07 06:20:46 | 000,002,340 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2010.06.17 10:38:44 | 000,001,353 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.10.27 06:19:36 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.10.27 06:19:36 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.10.27 06:19:36 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.10.27 06:19:36 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.10.27 06:19:36 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.10.27 06:19:36 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.11.08 16:56:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe ()
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nešpor\Desktop\fotky na úpravu\zlatíčko.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nešpor\Desktop\fotky na úpravu\zlatíčko.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[gena17]

ČÁST II
========== Files/Folders - Created Within 30 Days ==========

[2010.11.08 17:09:08 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Nešpor\Desktop\OTL.exe
[2010.11.08 16:59:06 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.11.08 16:59:06 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\AppData\Local\temp
[2010.11.08 16:57:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.11.08 16:23:34 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.11.08 16:23:04 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.11.08 05:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.11.07 17:09:40 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\Desktop\oprava PC
[2010.11.06 20:49:51 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\AppData\Roaming\Malwarebytes
[2010.11.06 20:49:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.06 20:49:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.06 20:49:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.11.06 20:49:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.06 19:23:54 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\DoctorWeb
[2010.11.06 11:32:36 | 000,000,000 | ---D | C] -- C:\Program Files\S3
[2010.11.06 11:15:08 | 000,000,000 | ---D | C] -- C:\Program Files\GLScene
[2010.11.06 10:54:04 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\AppData\Roaming\fltk.org
[2010.11.06 10:54:04 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\AppData\Roaming\flightgear.org
[2010.11.06 10:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\FlightGear
[2010.11.05 19:52:58 | 000,000,000 | ---D | C] -- C:\Program Files\MyPlayCity.com
[2010.11.05 19:47:47 | 000,000,000 | ---D | C] -- C:\Program Files\Sea Cow Games
[2010.11.05 19:47:37 | 000,303,616 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2010.11.05 17:34:34 | 000,000,000 | ---D | C] -- C:\Program Files\FA-18 OIF Demo
[2010.11.03 16:33:33 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010.11.03 16:33:32 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.11.03 16:33:32 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.11.03 16:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2011
[2010.11.03 16:31:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2010.10.28 14:35:38 | 000,000,000 | ---D | C] -- C:\Windows\rundll16.exe
[2010.10.28 14:35:38 | 000,000,000 | ---D | C] -- C:\Windows\RUNDL132.EXE
[2010.10.28 14:35:38 | 000,000,000 | ---D | C] -- C:\Windows\logo1_.exe
[2010.10.28 14:35:38 | 000,000,000 | ---D | C] -- C:\Windows\logo_1.exe
[2010.10.28 14:32:09 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2010.10.28 14:32:07 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2010.10.28 14:32:06 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2010.10.28 14:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MicroWorld
[2010.10.28 14:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\MicroWorld
[2010.10.27 04:38:53 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.27 04:38:52 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.27 04:38:51 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.26 14:55:47 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\Documents\NeroVision
[2010.10.25 11:08:02 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.10.25 11:08:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.10.25 11:08:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.10.24 14:24:31 | 000,000,000 | R--D | C] -- C:\Users\Nešpor\Desktop\DC STRONG
[2010.10.23 19:58:01 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\Documents\StrongDC++
[2010.10.23 19:54:01 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\Desktop\Settings
[2010.10.23 19:50:13 | 000,000,000 | ---D | C] -- C:\Program Files\StrongDC++
[2010.10.23 12:07:15 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2010.10.23 12:06:53 | 000,039,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2010.10.23 05:23:19 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\AppData\Local\Windows Live
[2010.10.23 05:22:25 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2010.10.20 18:43:46 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\Desktop\cal virtual
[2010.10.20 14:37:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2010.10.19 18:27:18 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2010.10.19 17:31:56 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\AppData\Roaming\Systweak
[2010.10.17 08:22:08 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\Desktop\cal deamo
[2010.10.17 08:04:44 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys.10878736
[2010.10.17 08:04:34 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.10.17 08:03:49 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\AppData\Roaming\DAEMON Tools Lite
[2010.10.17 08:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.10.16 15:00:17 | 000,000,000 | ---D | C] -- C:\Program Files\Zrychleni Pocitace
[2010.10.15 16:07:53 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\AppData\Roaming\vlc
[2010.10.15 16:07:25 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.10.15 04:50:58 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.15 04:50:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.15 04:50:38 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.15 04:50:35 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.15 04:50:35 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.15 04:50:35 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.15 04:50:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.15 04:50:34 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.15 04:50:34 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.15 04:50:34 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.15 04:50:34 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.15 04:50:34 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.15 04:50:34 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.15 04:50:33 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.15 04:50:33 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.15 04:50:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.15 04:50:33 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.15 04:50:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.15 04:50:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.15 04:50:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.15 04:50:32 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.15 04:50:32 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.15 04:50:31 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.15 04:50:30 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.15 04:50:28 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.14 19:00:09 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\Documents\Ovi
[2010.10.14 18:59:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010.10.10 18:08:47 | 000,567,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2010.10.10 18:08:47 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2010.10.10 18:08:47 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2010.10.10 18:00:11 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010.10.10 17:56:21 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\AppData\Local\Nokia
[2010.10.10 17:55:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nokia
[2010.10.10 17:54:35 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.10.10 17:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.10.10 17:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2010.10.10 17:12:53 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\Documents\FFOutput
[2010.10.10 17:12:13 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2010.10.10 16:34:16 | 000,000,000 | ---D | C] -- C:\Users\Nešpor\Desktop\BYT IVA
[2010.03.09 16:45:23 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Nešpor\AppData\Roaming\pcouffin.sys
[2008.07.23 00:56:59 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2007.01.24 04:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.11.08 17:19:07 | 000,000,468 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{CD7537E4-AFDE-4F8C-B01B-81CE5E3D08A3}.job
[2010.11.08 17:10:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.08 17:09:11 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Nešpor\Desktop\OTL.exe
[2010.11.08 16:56:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.11.08 16:22:55 | 003,906,043 | R--- | M] () -- C:\Users\Nešpor\Desktop\ComboFix.exe
[2010.11.08 16:06:46 | 000,598,832 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.11.08 16:06:46 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.08 16:06:46 | 000,114,992 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.11.08 16:06:46 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.08 15:59:18 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010.11.08 15:59:15 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.08 15:59:11 | 000,038,976 | ---- | M] (microOLAP Technologies LTD) -- C:\Windows\System32\drivers\pssdk42.sys
[2010.11.08 15:59:03 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.08 15:59:03 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.08 15:58:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.08 01:20:24 | 000,089,088 | ---- | M] () -- C:\Windows\MBR.exe
[2010.11.07 19:22:37 | 000,002,395 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.07 12:55:15 | 000,038,400 | ---- | M] () -- C:\Users\Nešpor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.07 00:07:51 | 415,801,081 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.06 22:06:39 | 000,001,731 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.11.06 19:22:57 | 051,657,840 | ---- | M] () -- C:\Users\Nešpor\Desktop\launch.exe
[2010.11.06 17:05:18 | 000,000,885 | ---- | M] () -- C:\Users\Nešpor\Desktop\hijackthis – zástupce.lnk
[2010.11.06 11:32:56 | 000,000,756 | ---- | M] () -- C:\Users\Nešpor\Desktop\Space Shuttle Simulator.lnk
[2010.11.06 10:54:04 | 000,000,974 | ---- | M] () -- C:\Users\Nešpor\Desktop\FlightGear v0.9.9.lnk
[2010.11.06 10:20:39 | 000,000,944 | ---- | M] () -- C:\Users\Nešpor\Desktop\Offshore Sailing.lnk
[2010.11.05 19:53:13 | 000,001,952 | ---- | M] () -- C:\Users\Nešpor\Desktop\Air Flashback.lnk
[2010.11.05 19:53:13 | 000,001,861 | ---- | M] () -- C:\Users\Nešpor\Desktop\Free Games Way.lnk
[2010.11.05 19:53:13 | 000,001,847 | ---- | M] () -- C:\Users\Nešpor\Desktop\MyPlayCity Games.lnk
[2010.11.05 19:46:44 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.11.05 19:46:44 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.11.05 17:34:44 | 000,001,882 | ---- | M] () -- C:\Users\Nešpor\Desktop\FA-18 Op Iraqi Freedom Demo.exe.lnk
[2010.11.05 16:10:58 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.11.04 22:57:27 | 000,020,961 | ---- | M] () -- C:\Users\Nešpor\Desktop\GEFRREY.jpg
[2010.11.04 22:53:17 | 000,281,661 | ---- | M] () -- C:\Users\Nešpor\Desktop\HELPSAVETHEWOLVES-WHITEWOLF-1.gif
[2010.11.04 22:52:30 | 000,107,653 | ---- | M] () -- C:\Users\Nešpor\Desktop\k9-wolves.jpg
[2010.11.04 22:38:20 | 000,017,046 | ---- | M] () -- C:\Users\Nešpor\Desktop\město včlí smečky.jpg
[2010.11.04 21:51:04 | 000,027,762 | ---- | M] () -- C:\Users\Nešpor\Desktop\wolf013.jpg
[2010.11.04 16:08:23 | 000,008,088 | ---- | M] () -- C:\Users\Nešpor\Desktop\vlčí smečka.jpg
[2010.11.03 16:33:30 | 000,001,876 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.11.03 16:33:30 | 000,001,874 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2010.10.31 18:09:39 | 000,002,797 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
[2010.10.31 18:08:15 | 000,002,973 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 10.lnk
[2010.10.31 18:06:18 | 000,002,857 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart 10.lnk
[2010.10.31 16:12:07 | 000,001,894 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010.10.31 07:56:52 | 001,286,994 | ---- | M] () -- C:\Users\Nešpor\Desktop\jawascript.bmp
[2010.10.30 18:44:51 | 000,000,472 | ---- | M] () -- C:\Users\Nešpor\Documents\cc_20101030_194428.reg
[2010.10.28 14:58:20 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.10.28 14:35:38 | 000,000,054 | ---- | M] () -- C:\Windows\Lic.xxx
[2010.10.28 14:32:07 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr80.dll
[2010.10.28 14:32:06 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp80.dll
[2010.10.28 14:32:05 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\Windows\System32\eEmpty.exe
[2010.10.27 18:25:18 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2010.10.27 18:21:16 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2010.10.27 18:21:08 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2010.10.26 14:55:40 | 000,002,783 | ---- | M] () -- C:\Users\Public\Desktop\Nero Vision 10.lnk
[2010.10.23 19:56:32 | 000,001,785 | ---- | M] () -- C:\Users\Nešpor\Desktop\StrongDC++.lnk
[2010.10.23 19:21:09 | 000,000,671 | ---- | M] () -- C:\Users\Nešpor\AppData\Roaming\vso_ts_preview.xml
[2010.10.23 18:05:18 | 000,254,224 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.22 10:22:40 | 662,414,042 | ---- | M] () -- C:\Users\Nešpor\Desktop\Kuky se vraci by dog 2010.avi
[2010.10.22 10:12:00 | 000,033,578 | ---- | M] () -- C:\Users\Nešpor\Desktop\image201010220004.jpg
[2010.10.19 18:27:19 | 000,000,811 | ---- | M] () -- C:\Users\Nešpor\Desktop\SpeedFan.lnk
[2010.10.19 18:27:18 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2010.10.19 11:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.10.17 12:26:45 | 000,000,067 | ---- | M] () -- C:\Users\Nešpor\Desktop\0.url
[2010.10.17 08:04:58 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.10.17 08:04:45 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys.10878736
[2010.10.17 07:18:30 | 000,018,232 | ---- | M] () -- C:\Users\Nešpor\Documents\cc_20101017_081825.reg
[2010.10.15 16:07:47 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.10.14 04:30:04 | 000,000,680 | ---- | M] () -- C:\Users\Nešpor\AppData\Local\d3d9caps.dat
[2010.10.10 18:14:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.10.10 18:00:37 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.10.10 18:00:35 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.10.10 17:56:01 | 000,001,935 | ---- | M] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.10.10 17:21:28 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[2010.10.10 17:12:27 | 000,000,998 | ---- | M] () -- C:\Users\Nešpor\Desktop\Format Factory.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.07 07:19:48 | 003,906,043 | R--- | C] () -- C:\Users\Nešpor\Desktop\ComboFix.exe
[2010.11.07 00:07:51 | 415,801,081 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.11.06 22:06:39 | 000,001,731 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.11.06 19:20:10 | 051,657,840 | ---- | C] () -- C:\Users\Nešpor\Desktop\launch.exe
[2010.11.06 17:05:18 | 000,000,885 | ---- | C] () -- C:\Users\Nešpor\Desktop\hijackthis – zástupce.lnk
[2010.11.06 11:32:56 | 000,000,756 | ---- | C] () -- C:\Users\Nešpor\Desktop\Space Shuttle Simulator.lnk
[2010.11.06 10:54:04 | 000,000,974 | ---- | C] () -- C:\Users\Nešpor\Desktop\FlightGear v0.9.9.lnk
[2010.11.06 10:20:39 | 000,000,944 | ---- | C] () -- C:\Users\Nešpor\Desktop\Offshore Sailing.lnk
[2010.11.05 19:53:13 | 000,001,952 | ---- | C] () -- C:\Users\Nešpor\Desktop\Air Flashback.lnk
[2010.11.05 19:53:13 | 000,001,861 | ---- | C] () -- C:\Users\Nešpor\Desktop\Free Games Way.lnk
[2010.11.05 19:53:13 | 000,001,847 | ---- | C] () -- C:\Users\Nešpor\Desktop\MyPlayCity Games.lnk
[2010.11.05 19:46:44 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.11.05 19:46:44 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.11.05 17:34:44 | 000,001,882 | ---- | C] () -- C:\Users\Nešpor\Desktop\FA-18 Op Iraqi Freedom Demo.exe.lnk
[2010.11.04 22:57:26 | 000,020,961 | ---- | C] () -- C:\Users\Nešpor\Desktop\GEFRREY.jpg
[2010.11.04 22:53:17 | 000,281,661 | ---- | C] () -- C:\Users\Nešpor\Desktop\HELPSAVETHEWOLVES-WHITEWOLF-1.gif
[2010.11.04 22:52:28 | 000,107,653 | ---- | C] () -- C:\Users\Nešpor\Desktop\k9-wolves.jpg
[2010.11.04 21:59:21 | 000,017,046 | ---- | C] () -- C:\Users\Nešpor\Desktop\město včlí smečky.jpg
[2010.11.04 21:51:01 | 000,027,762 | ---- | C] () -- C:\Users\Nešpor\Desktop\wolf013.jpg
[2010.11.04 16:08:20 | 000,008,088 | ---- | C] () -- C:\Users\Nešpor\Desktop\vlčí smečka.jpg
[2010.11.03 16:33:30 | 000,001,876 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
[2010.11.03 16:33:30 | 000,001,874 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2011.lnk
[2010.10.31 07:56:52 | 001,286,994 | ---- | C] () -- C:\Users\Nešpor\Desktop\jawascript.bmp
[2010.10.30 18:44:47 | 000,000,472 | ---- | C] () -- C:\Users\Nešpor\Documents\cc_20101030_194428.reg
[2010.10.28 14:58:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.28 14:32:50 | 000,000,054 | ---- | C] () -- C:\Windows\Lic.xxx
[2010.10.23 19:50:17 | 000,001,785 | ---- | C] () -- C:\Users\Nešpor\Desktop\StrongDC++.lnk
[2010.10.22 10:12:00 | 000,033,578 | ---- | C] () -- C:\Users\Nešpor\Desktop\image201010220004.jpg
[2010.10.19 18:27:19 | 000,000,811 | ---- | C] () -- C:\Users\Nešpor\Desktop\SpeedFan.lnk
[2010.10.19 18:27:17 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2010.10.17 12:26:45 | 000,000,067 | ---- | C] () -- C:\Users\Nešpor\Desktop\0.url
[2010.10.17 08:04:58 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.10.17 07:18:28 | 000,018,232 | ---- | C] () -- C:\Users\Nešpor\Documents\cc_20101017_081825.reg
[2010.10.15 16:07:47 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.10.14 10:05:14 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.14 10:05:14 | 000,000,936 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.14 04:30:04 | 000,000,680 | ---- | C] () -- C:\Users\Nešpor\AppData\Local\d3d9caps.dat
[2010.10.10 18:14:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.10.10 18:00:37 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.10.10 18:00:35 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.10.10 18:00:14 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.10.10 17:56:01 | 000,001,935 | ---- | C] () -- C:\Users\Public\Desktop\Nokia Ovi Suite.lnk
[2010.10.10 17:21:28 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
[2010.10.10 17:12:27 | 000,000,998 | ---- | C] () -- C:\Users\Nešpor\Desktop\Format Factory.lnk
[2010.06.05 13:45:00 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.03.29 21:21:32 | 000,000,671 | ---- | C] () -- C:\Users\Nešpor\AppData\Roaming\vso_ts_preview.xml
[2010.03.16 13:00:12 | 000,000,167 | ---- | C] () -- C:\Users\Nešpor\AppData\Roaming\default.rss
[2010.03.12 20:34:46 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.03.09 21:35:21 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2010.03.09 17:27:07 | 000,038,400 | ---- | C] () -- C:\Users\Nešpor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.09 16:45:42 | 000,000,034 | ---- | C] () -- C:\Users\Nešpor\AppData\Roaming\pcouffin.log
[2010.03.09 16:45:23 | 000,087,608 | ---- | C] () -- C:\Users\Nešpor\AppData\Roaming\inst.exe
[2010.03.09 16:45:23 | 000,007,887 | ---- | C] () -- C:\Users\Nešpor\AppData\Roaming\pcouffin.cat
[2010.03.09 16:45:23 | 000,001,144 | ---- | C] () -- C:\Users\Nešpor\AppData\Roaming\pcouffin.inf
[2009.08.05 02:08:28 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009.08.05 01:52:08 | 000,012,288 | ---- | C] () -- C:\Windows\impborl.dll
[2008.07.23 00:59:59 | 001,772,544 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2008.07.23 00:57:59 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2008.07.23 00:56:59 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2008.04.17 11:37:47 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.08 11:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2010.10.28 08:31:35 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\AIMP
[2010.03.19 13:58:47 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Apowersoft
[2010.10.23 22:24:22 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\BitTorrent
[2010.04.11 17:06:33 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Blitware
[2010.10.17 08:14:57 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\DAEMON Tools Lite
[2010.11.06 10:54:07 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\flightgear.org
[2010.11.06 10:54:04 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\fltk.org
[2010.08.09 18:05:21 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\FreeBurner
[2010.03.10 09:13:19 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\GHISLER
[2010.08.28 17:18:29 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\ICQ
[2010.09.01 08:10:33 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\IMVU
[2010.03.25 12:17:38 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Leadertech
[2010.08.27 22:58:11 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Locktime
[2010.03.10 19:50:11 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Nokia
[2010.03.11 19:39:50 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\OpenOffice.org
[2010.10.14 18:59:27 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\PC Suite
[2010.04.11 17:17:52 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Software Informer
[2010.11.06 10:27:11 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Systweak
[2010.11.05 19:30:23 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\TuneUp Software
[2010.08.28 17:17:04 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\TuneUpMedia
[2010.03.14 13:55:45 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\VirtuaWin
[2010.10.23 19:21:09 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Vso
[2010.03.14 13:25:19 | 000,000,000 | ---D | M] -- C:\Users\Nešpor\AppData\Roaming\Zoner
[2010.11.07 22:55:29 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.11.08 17:19:07 | 000,000,468 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CD7537E4-AFDE-4F8C-B01B-81CE5E3D08A3}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Nešpor\Desktop\Kuky se vraci by dog 2010.avi:TOC.WMV
@Alternate Data Stream - 230 bytes -> C:\ProgramData\Temp:9A870F8B
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1

< End of report >

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir následně T-Cleaner smaž a zapni si zase antivir


Odinstaluj:
Zynga Toolbar
Blackjack-Madness Toolbar

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini File not found
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (eamonm) -- C:\Windows\System32\DRIVERS\eamonm.sys File not found
DRV - (catchme) -- C:\Users\NEPOR~1\AppData\Local\Temp\catchme.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - Reg Error: Key error. File not found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Blackjack-Madness Customized Web Search"
FF - prefs.js..browser.search.order.1: "Crawler Search"
[2010.07.20 07:17:30 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.06.18 22:00:44 | 000,000,000 | ---D | M] (Blackjack-Madness Toolbar) -- C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}
O1 HOSTS File: ([2010.11.08 16:56:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SWXCACLS.exe
C:\Windows\System32\perfh005.dat
C:\Windows\System32\perfh009.dat
C:\Windows\System32\perfc005.dat
C:\Windows\System32\perfc009.dat
C:\Users\Nešpor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\ezsidmv.dat
C:\Users\Nešpor\AppData\Local\d3d9caps.dat
@Alternate Data Stream - 230 bytes -> C:\ProgramData\Temp:9A870F8B
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:D1B5B4F1

:Reg
:Commands
[resethosts]
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

[gena17]

Toto jsem nemohl najít
Odinstaluj:
Zynga Toolbar
Blackjack-Madness Toolbar

Zde je log

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Error: No service named rpcapd) Remote Packet Capture Protocol v.0 (experimental was found to stop!
Service\Driver key rpcapd) Remote Packet Capture Protocol v.0 (experimental not found.
File C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini File not found not found.
Service sptd stopped successfully!
Service sptd deleted successfully!
File C:\Windows\System32\Drivers\sptd.sys File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\System32\DRIVERS\ipinip.sys File not found not found.
Service eamonm stopped successfully!
Service eamonm deleted successfully!
File C:\Windows\System32\DRIVERS\eamonm.sys File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\NEPOR~1\AppData\Local\Temp\catchme.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ not found.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Blackjack-Madness Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "Crawler Search" removed from browser.search.order.1
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\searchplugin folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\META-INF folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\lib folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\defaults folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\chrome folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\searchplugin folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\META-INF folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\lib folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\defaults folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\components folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1}\chrome folder moved successfully.
C:\Users\Nešpor\AppData\Roaming\Mozilla\Firefox\Profiles\17zipwhv.default\extensions\{ca9aeaa0-4588-4bbe-99af-8fb0a0a9e5e1} folder moved successfully.
127.0.0.1 localhost removed from HOSTS file successfully
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\User_Feed_Synchronization-{CD7537E4-AFDE-4F8C-B01B-81CE5E3D08A3}.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SWXCACLS.exe not found.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
C:\Users\Nešpor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\ProgramData\ezsidmv.dat moved successfully.
C:\Users\Nešpor\AppData\Local\d3d9caps.dat moved successfully.
ADS C:\ProgramData\Temp:9A870F8B deleted successfully.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
========== REGISTRY ==========
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Laura
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 74264442 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 44969294 bytes
->Google Chrome cache emptied: 357644065 bytes
->Flash cache emptied: 2881643 bytes

User: Mamka
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2687688 bytes
->Java cache emptied: 5535457 bytes
->FireFox cache emptied: 51394771 bytes
->Google Chrome cache emptied: 353545568 bytes
->Flash cache emptied: 639925 bytes

User: Nešpor
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 5475589 bytes
->Java cache emptied: 24010 bytes
->FireFox cache emptied: 53234289 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 45250 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 908,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Laura
->Flash cache emptied: 0 bytes

User: Mamka
->Flash cache emptied: 0 bytes

User: Nešpor
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11082010_212720

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...