Please check, I probably have a virus (Solved)

Post by JanHonJan » 18 Aug 2009 14:03

I already wrote about this in this topic, but I was advised that I should post a log from HJT. So here it is :smile: :

Code:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:58:54, on 18.8.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Programy\avast! Antivirus\aswUpdSv.exe
D:\Programy\avast! Antivirus\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
D:\Programy\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\Explorer.EXE
D:\Programy\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
D:\Programy\AVAST!~1\ashDisp.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Lexmark 6200 Series\ezprint.exe
D:\Programy\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\QuickTime\QTTask.exe
D:\Programy\Sony Content Transfer\ContentTransferWMDetector.exe
D:\Programy\avast! Antivirus\ashMaiSv.exe
D:\Programy\Nero 7\InCD\NBHGui.exe
D:\Programy\Nero 7\InCD\InCD.exe
C:\Program Files\Java\jre6\bin\jusched.exe
D:\Programy\avast! Antivirus\ashWebSv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\lxbucoms.exe
D:\Programy\SE PC Suite\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
D:\Programy\WinFlip\WinFlip.exe
D:\Programy\OpenOffice.org\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
D:\Programy\OpenOffice.org\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\Programy\Mozilla Firefox\firefox.exe
D:\Programy\avast! Antivirus\ashSimpl.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Microsoft Windows 7 Upgrade Advisor\WindowsUpgradeAdvisor.exe
C:\Documents and Settings\JanHonJan\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Programy\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] D:\Programy\AVAST!~1\ashDisp.exe
O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programy\Adobe Reader\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SMSTray] D:\Programy\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] D:\Programy\Sony Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] D:\Programy\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] D:\Programy\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogonStudio] "D:\Programy\Stardock\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programy\Daemon Tools\daemon.exe" -autorun
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "D:\Programy\SE PC Suite\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\JanHonJan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = D:\Programy\OpenOffice.org\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: WinFlip.lnk = D:\Programy\WinFlip\WinFlip.exe
O8 - Extra context menu item: Download with Free Download Manager - file://D:\Programy\Free Download Manager\dllink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ 6.5\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ 6.5\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4A026B12-94F3-4D2F-A468-96AA55DE20A5} (NetCamPlayerWeb11g Control) - http://213.211.35.82/img/NetCamPlayerWeb11g.ocx
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - http://vistatestdrive.com/sp1/ActiveX/VMRCActiveXClient1.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-beta/OnlineScanner.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4DD0554-5777-4884-BC02-8DDACB844BF7}: NameServer = 10.10.10.1,10.10.10.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Programy\avast! Antivirus\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Programy\avast! Antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programy\avast! Antivirus\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Programy\avast! Antivirus\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9862bdc32f4d4) (gupdate1c9862bdc32f4d4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Programy\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: NBService - Nero AG - D:\Programy\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - D:\Programy\Nero 8\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Unknown owner - D:\Programy\Nero 8\Nero\Nero8\InCD\NBHRegInCDSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Programy\Spyware Terminator\sp_rsser.exe

--
End of file - 10439 bytes


Thanks for the replies.
PS: Ignore C:\Program Files\Microsoft Windows 7 Upgrade Advisor\WindowsUpgradeAdvisor.exe, I was just trying it out :lol: .
Last edited by JanHonJan on 18 Aug 2009 21:41, edited 2 times in total.

Post by pitimir » 18 Aug 2009 15:00

Hi :)
Download OTL. Save it to the desktop and double-click the file "OTL.exe" to run it. The program window will open; in it, tick "Scan All Users" -> "Run Scan". A scan of the computer will start, and when it finishes two reports will open - I need to see the contents of both.
I don't like amateurism...

And the addressee of the message knows it :)

Post by JanHonJan » 18 Aug 2009 16:00

Contents of the OTL.txt file:

Code:

OTL logfile created on: 18.8.2009 15:07:17 - Run 1
OTL by OldTimer - Version 3.0.10.7     Folder = C:\Documents and Settings\JanHonJan\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
 
1,25 Gb Total Physical Memory | 0,39 Gb Available Physical Memory | 31,40% Memory free
1,11 Gb Paging File | 0,61 Gb Available in Paging File | 54,72% Paging File free
Paging file location(s):  [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15,63 Gb Total Space | 6,62 Gb Free Space | 42,37% Space Free | Partition Type: NTFS
Drive D: | 58,89 Gb Total Space | 23,32 Gb Free Space | 39,60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-30F86B7FC277
Current User Name: JanHonJan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2009.02.25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2009.02.25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe
PRC - [2009.02.05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\aswUpdSv.exe
PRC - [2009.02.05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\ashServ.exe
PRC - [2006.02.28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2007.05.15 16:55:46 | 01,550,896 | ---- | M] (Nero AG) -- D:\Programy\Nero 7\InCD\InCDsrv.exe
PRC - [2009.03.09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2006.12.19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\System32\IoctlSvc.exe
PRC - [2007.06.13 15:23:39 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2008.08.27 14:36:36 | 00,570,880 | ---- | M] (Crawler.com) -- D:\Programy\Spyware Terminator\sp_rsser.exe
PRC - [2007.04.16 15:28:22 | 00,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2009.02.05 23:08:45 | 00,081,000 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\ashDisp.exe
PRC - [2004.09.22 12:39:58 | 00,188,416 | ---- | M] (Lexmark International, Inc.) -- C:\Program Files\Lexmark 6200 Series\lxbumon.exe
PRC - [2004.09.17 15:24:00 | 00,061,440 | ---- | M] () -- C:\Program Files\Lexmark 6200 Series\ezprint.exe
PRC - [2007.02.23 16:32:56 | 00,126,976 | ---- | M] (SAMSUNG ELECTRONICS) -- D:\Programy\Samsung Media Studio 5\SMSTray.exe
PRC - [2008.09.06 15:09:14 | 00,413,696 | ---- | M] (Apple Inc.) -- C:\Program Files\QuickTime\QTTask.exe
PRC - [2008.07.11 18:51:32 | 00,423,200 | ---- | M] (Sony Corporation) -- D:\Programy\Sony Content Transfer\ContentTransferWMDetector.exe
PRC - [2009.02.05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\ashMaiSv.exe
PRC - [2007.05.15 16:55:46 | 01,628,208 | ---- | M] (Nero AG) -- D:\Programy\Nero 7\InCD\NBHGui.exe
PRC - [2007.05.15 16:55:26 | 01,057,328 | ---- | M] (Nero AG) -- D:\Programy\Nero 7\InCD\InCD.exe
PRC - [2009.03.09 05:19:17 | 00,148,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009.02.05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\ashWebSv.exe
PRC - [2004.09.23 19:58:02 | 00,450,560 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbucoms.exe
PRC - [2008.07.02 17:16:26 | 00,393,216 | ---- | M] (Sony Ericsson Mobile Communications AB) -- D:\Programy\SE PC Suite\Sony Ericsson PC Suite\SEPCSuite.exe
PRC - [2007.05.16 10:27:16 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007.05.16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2008.05.21 17:22:18 | 00,483,328 | ---- | M] () -- D:\Programy\WinFlip\WinFlip.exe
PRC - [2009.01.15 18:42:44 | 07,434,240 | ---- | M] (OpenOffice.org) -- D:\Programy\OpenOffice.org\OpenOffice.org 3\program\soffice.exe
PRC - [2007.05.16 10:27:38 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2009.01.15 18:42:46 | 07,430,144 | ---- | M] (OpenOffice.org) -- D:\Programy\OpenOffice.org\OpenOffice.org 3\program\soffice.bin
PRC - [2009.02.05 23:04:57 | 00,159,280 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\ashSimpl.exe
PRC - [2009.08.06 12:33:42 | 00,908,280 | ---- | M] (Mozilla Corporation) -- D:\Programy\Mozilla Firefox\firefox.exe
PRC - [2009.08.18 15:06:47 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JanHonJan\Plocha\OTL.exe
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2007.10.24 02:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2009.02.05 23:01:25 | 00,018,752 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009.02.25 23:27:41 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Ati2evxx.exe -- (Ati HotKey Poller [Auto | Running])
SRV - [2009.02.25 15:15:00 | 00,593,920 | ---- | M] () -- C:\WINDOWS\System32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
SRV - [2009.02.05 23:08:40 | 00,138,680 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009.02.05 23:08:26 | 00,254,040 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009.02.05 23:06:04 | 00,352,920 | ---- | M] (ALWIL Software) -- D:\Programy\avast! Antivirus\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2006.02.28 13:42:38 | 00,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2007.10.24 02:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008.11.13 16:24:46 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2006.10.20 22:21:24 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009.02.03 20:18:30 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9862bdc32f4d4 [Auto | Stopped])
SRV - [2004.08.17 15:49:16 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2006.10.30 04:33:58 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2007.05.15 16:55:46 | 01,550,896 | ---- | M] (Nero AG) -- D:\Programy\Nero 7\InCD\InCDsrv.exe -- (InCDsrv [Auto | Running])
SRV - [2009.03.09 05:19:15 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2004.09.23 19:58:02 | 00,450,560 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\System32\lxbucoms.exe -- (lxbu_device [On_Demand | Running])
SRV - [2007.04.13 22:09:56 | 00,792,112 | ---- | M] (Nero AG) -- D:\Programy\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - File not found --  -- (Nero BackItUp Scheduler 3 [Auto | Stopped])
SRV - File not found --  -- (NeroRegInCDSrv [Auto | Stopped])
SRV - [2006.10.30 04:34:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007.05.16 10:27:28 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2006.12.19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\System32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running])
SRV - [2008.08.27 14:36:36 | 00,570,880 | ---- | M] (Crawler.com) -- D:\Programy\Spyware Terminator\sp_rsser.exe -- (sp_rssrv [Auto | Running])
SRV - [2005.06.29 03:52:57 | 14,745,600 | -HS- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\System\icm64.dll -- (wmcmgc [Auto | Running])
SRV - [2007.01.05 20:57:30 | 00,913,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2009.02.05 23:05:11 | 00,026,944 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4 [System | Running])
DRV - [2008.01.24 16:36:16 | 04,127,488 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
DRV - [2005.11.21 07:48:20 | 00,016,512 | ---- | M] (Adaptec) -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32 [Auto | Running])
DRV - [2009.02.05 23:07:12 | 00,020,560 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV - [2009.02.05 23:08:10 | 00,094,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2 [Auto | Running])
DRV - [2009.02.05 23:06:10 | 00,023,152 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr [On_Demand | Running])
DRV - [2009.02.05 23:07:23 | 00,114,768 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP [System | Running])
DRV - [2009.02.05 23:06:20 | 00,051,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV - [2009.02.26 00:58:57 | 03,565,568 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\System32\DRIVERS\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
DRV - [2009.07.30 19:54:50 | 00,163,712 | ---- | M] () -- C:\WINDOWS\System32\drivers\vidstub.sys -- (BootScreen [Boot | Running])
DRV - [2008.09.17 15:14:00 | 00,027,672 | R--- | M] (EnTech Taiwan) -- C:\WINDOWS\System32\DRIVERS\ENTECH.sys -- (ENTECH [On_Demand | Stopped])
DRV - [2004.08.04 01:08:22 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\gameenum.sys -- (gameenum [On_Demand | Running])
DRV - [2009.01.01 18:35:11 | 00,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Running])
DRV - [2007.05.15 16:55:36 | 00,118,576 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDFs.sys -- (InCDfs [Disabled | Running])
DRV - [2007.05.15 16:55:36 | 00,037,040 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDPass.sys -- (InCDPass [System | Running])
DRV - [2007.05.15 16:55:36 | 00,038,576 | ---- | M] (Nero AG) -- C:\WINDOWS\System32\drivers\InCDRm.sys -- (incdrm [System | Running])
DRV - [2007.02.22 12:15:56 | 00,137,216 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcd.sys -- (nmwcd [On_Demand | Stopped])
DRV - [2007.02.22 12:15:14 | 00,008,320 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdc.sys -- (nmwcdc [On_Demand | Stopped])
DRV - [2007.02.22 12:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcj.sys -- (nmwcdcj [On_Demand | Stopped])
DRV - [2007.02.22 12:15:14 | 00,012,288 | ---- | M] (Nokia) -- C:\WINDOWS\System32\drivers\nmwcdcm.sys -- (nmwcdcm [On_Demand | Stopped])
DRV - [2008.09.25 14:14:54 | 00,114,496 | ---- | M] (Protection Technology Co.) -- C:\WINDOWS\System32\drivers\prodrv04.sys -- (prodrv04 [System | Running])
DRV - [2001.10.25 16:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running])
DRV - [2008.08.20 19:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2004.08.04 00:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running])
DRV - [2008.05.16 13:33:12 | 00,089,256 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016bus.sys -- (s0016bus [On_Demand | Stopped])
DRV - [2008.05.16 13:33:14 | 00,015,016 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016mdfl.sys -- (s0016mdfl [On_Demand | Stopped])
DRV - [2008.05.16 13:33:12 | 00,120,744 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016mdm.sys -- (s0016mdm [On_Demand | Stopped])
DRV - [2008.05.16 13:33:12 | 00,114,216 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016mgmt.sys -- (s0016mgmt [On_Demand | Stopped])
DRV - [2008.05.16 13:33:14 | 00,025,512 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016nd5.sys -- (s0016nd5 [On_Demand | Stopped])
DRV - [2008.05.16 13:33:12 | 00,110,632 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016obex.sys -- (s0016obex [On_Demand | Stopped])
DRV - [2008.05.16 13:33:14 | 00,115,752 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0016unic.sys -- (s0016unic [On_Demand | Stopped])
DRV - [2008.05.27 12:41:46 | 00,090,536 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0017bus.sys -- (s0017bus [On_Demand | Stopped])
DRV - [2008.05.27 12:41:46 | 00,015,016 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0017mdfl.sys -- (s0017mdfl [On_Demand | Stopped])
DRV - [2008.05.27 12:41:46 | 00,122,152 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0017mdm.sys -- (s0017mdm [On_Demand | Stopped])
DRV - [2008.05.27 12:41:44 | 00,115,496 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0017mgmt.sys -- (s0017mgmt [On_Demand | Stopped])
DRV - [2008.05.27 12:41:44 | 00,025,768 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0017nd5.sys -- (s0017nd5 [On_Demand | Stopped])
DRV - [2008.05.27 12:41:46 | 00,111,912 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0017obex.sys -- (s0017obex [On_Demand | Stopped])
DRV - [2008.05.27 12:41:46 | 00,117,672 | ---- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s0017unic.sys -- (s0017unic [On_Demand | Stopped])
DRV - [2007.04.23 15:54:46 | 00,083,208 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115bus.sys -- (s115bus [On_Demand | Stopped])
DRV - [2007.04.23 15:54:48 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115mdfl.sys -- (s115mdfl [On_Demand | Stopped])
DRV - [2007.04.23 15:54:48 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115mdm.sys -- (s115mdm [On_Demand | Stopped])
DRV - [2007.04.23 15:54:50 | 00,100,488 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115mgmt.sys -- (s115mgmt [On_Demand | Stopped])
DRV - [2007.04.23 15:54:50 | 00,098,568 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s115obex.sys -- (s115obex [On_Demand | Stopped])
DRV - [2007.04.03 13:57:42 | 00,083,336 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116bus.sys -- (s116bus [On_Demand | Stopped])
DRV - [2007.04.03 13:57:48 | 00,015,112 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116mdfl.sys -- (s116mdfl [On_Demand | Stopped])
DRV - [2007.04.03 13:57:48 | 00,108,680 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116mdm.sys -- (s116mdm [On_Demand | Stopped])
DRV - [2007.04.03 13:57:50 | 00,100,488 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116mgmt.sys -- (s116mgmt [On_Demand | Stopped])
DRV - [2007.04.03 13:57:52 | 00,023,176 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116nd5.sys -- (s116nd5 [On_Demand | Stopped])
DRV - [2007.04.03 13:57:52 | 00,098,696 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116obex.sys -- (s116obex [On_Demand | Stopped])
DRV - [2007.04.03 13:57:54 | 00,099,080 | R--- | M] (MCCI Corporation) -- C:\WINDOWS\System32\DRIVERS\s116unic.sys -- (s116unic [On_Demand | Stopped])
DRV - [2007.11.13 12:25:52 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped])
DRV - [2005.03.03 19:53:57 | 00,048,640 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01 [Boot | Running])
DRV - [2005.02.23 17:59:54 | 00,006,656 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02 [Boot | Running])
DRV - [2004.12.03 12:20:41 | 00,020,544 | ---- | M] (Protection Technology) -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02 [Boot | Running])
DRV - [2008.07.12 15:45:48 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [Boot | Running])
DRV - [2008.08.21 19:46:22 | 00,141,312 | ---- | M] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2 [System | Running])
DRV - [2008.02.12 03:42:38 | 00,232,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Drivers\vmm.sys -- (vmm [System | Running])
DRV - [2008.02.05 01:50:44 | 00,059,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\DRIVERS\VMNetSrv.sys -- (VPCNetS2 [On_Demand | Running])
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
 
 
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-602162358-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-602162358-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-602162358-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-602162358-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-602162358-1284227242-1801674531-1003\S-1-5-21-602162358-1284227242-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-602162358-1284227242-1801674531-1003\S-1-5-21-602162358-1284227242-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1
FF - prefs.js..extensions.enabledItems: firegestures@xuldev.org:1.5.1
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.2
FF - prefs.js..network.proxy.type: 4
 
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008.12.09 18:42:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: D:\Programy\Mozilla Firefox\components [2009.08.06 12:33:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: D:\Programy\Mozilla Firefox\plugins [2009.08.06 12:33:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: D:\Programy\Mozilla Thunderbird\components [2009.07.11 10:56:08 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: D:\Programy\Mozilla Thunderbird\plugins [2009.02.09 17:21:52 | 00,000,000 | ---D | M]
 
[2008.10.17 19:15:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JanHonJan\Data aplikací\mozilla\Extensions
[2008.10.17 19:15:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JanHonJan\Data aplikací\mozilla\Extensions\{a23983c0-fd0e-11dc-95ff-0800200c9a66}
[2008.09.06 21:45:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JanHonJan\Data aplikací\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.08.18 11:30:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JanHonJan\Data aplikací\mozilla\Firefox\Profiles\buv56uf4.default\extensions
[2009.07.14 00:27:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JanHonJan\Data aplikací\mozilla\Firefox\Profiles\buv56uf4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009.06.30 22:44:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\JanHonJan\Data aplikací\mozilla\Firefox\Profiles\buv56uf4.default\extensions\firegestures@xuldev.org
 
O1 HOSTS File: (736 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - D:\Programy\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Programy\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] D:\Programy\avast! Antivirus\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [ContentTransferWMDetector.exe] D:\Programy\Sony Content Transfer\ContentTransferWMDetector.exe (Sony Corporation)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark 6200 Series\ezprint.exe ()
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Lexmark Fax Solutions\fm3032.exe ()
O4 - HKLM..\Run: [InCD] D:\Programy\Nero 7\InCD\InCD.exe (Nero AG)
O4 - HKLM..\Run: [LogonStudio] D:\Programy\Stardock\LogonStudio\logonstudio.exe (Stardock and Luca Saggese)
O4 - HKLM..\Run: [LXBUCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.DLL ()
O4 - HKLM..\Run: [lxbumon.exe] C:\Program Files\Lexmark 6200 Series\lxbumon.exe (Lexmark International, Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SecurDisc] D:\Programy\Nero 7\InCD\NBHGui.exe (Nero AG)
O4 - HKLM..\Run: [SMSTray] D:\Programy\Samsung Media Studio 5\SMSTray.exe (SAMSUNG ELECTRONICS)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-602162358-1284227242-1801674531-1003..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\S-1-5-21-602162358-1284227242-1801674531-1003..\Run: [DAEMON Tools Lite] D:\Programy\Daemon Tools\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-602162358-1284227242-1801674531-1003..\Run: [Google Update] C:\Documents and Settings\JanHonJan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-602162358-1284227242-1801674531-1003..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKU\S-1-5-21-602162358-1284227242-1801674531-1003..\Run: [Sony Ericsson PC Suite] D:\Programy\SE PC Suite\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
O4 - Startup: C:\Documents and Settings\JanHonJan\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.0.lnk = D:\Programy\OpenOffice.org\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Documents and Settings\JanHonJan\Nabídka Start\Programy\Po spuštění\WinFlip.lnk = D:\Programy\WinFlip\WinFlip.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-602162358-1284227242-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Download with Free Download Manager - D:\Programy\Free Download Manager\dllink.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ 6.5\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\ICQ 6.5\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {4A026B12-94F3-4D2F-A468-96AA55DE20A5} http://213.211.35.82/img/NetCamPlayerWeb11g.ocx (NetCamPlayerWeb11g Control)
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} http://vistatestdrive.com/sp1/ActiveX/VMRCActiveXClient1.cab (Microsoft Virtual Server VMRC Advanced Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\Ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WBSrv: DllName - D:\Programy\Stardock\WindowBlinds\WBSrv.dll - D:\Programy\Stardock\WindowBlinds\WBSrv.dll (Stardock Corporation)
O21 - SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - D:\Programy\Stardock\IconPackager\iprepair.dll (Stardock.net, Inc)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - Reg Error: Key error. File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.07.03 14:20:23 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) -  File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) -  File not found
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[8 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009.08.18 15:06:45 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\JanHonJan\Plocha\OTL.exe
[2009.08.18 13:58:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JanHonJan\Local Settings\Data aplikací\Microsoft Corporation
[2009.08.18 13:57:17 | 00,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\JanHonJan\Plocha\HijackThis.exe
[2009.08.18 13:56:45 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2009.08.15 15:52:22 | 00,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo
[2009.08.13 11:44:58 | 00,000,519 | ---- | C] () -- C:\Documents and Settings\JanHonJan\Nabídka Start\Programy\Po spuštění\WinFlip.lnk
[2009.08.09 21:44:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JanHonJan\Dokumenty\TrackMania Tratě
[2009.08.08 22:03:51 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JanHonJan\Data aplikací\fretsonfire
[2009.08.08 19:19:28 | 00,027,672 | R--- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\Entech.sys
[2009.08.08 19:19:28 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Futuremark
[2009.08.08 19:19:27 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Futuremark Shared
[2009.08.06 00:39:32 | 02,145,462 | -H-- | C] () -- C:\Documents and Settings\JanHonJan\Local Settings\Data aplikací\IconCache.db
[2009.08.04 17:27:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JanHonJan\Data aplikací\Miranda
[2009.08.03 22:29:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JanHonJan\Data aplikací\Synthesia
[2009.08.01 23:29:28 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Journal Viewer
[2009.08.01 21:02:15 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2009.08.01 21:02:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\microsoft
[2009.08.01 21:01:52 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2009.08.01 21:01:36 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2009.08.01 20:57:44 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2009.07.30 22:54:27 | 00,000,000 | ---D | C] -- C:\Program Files\ViGlance
[2009.07.30 22:51:15 | 00,000,000 | ---D | C] -- C:\Program Files\ViSplore
[2009.07.30 19:39:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JanHonJan\Local Settings\Data aplikací\Temp
[2009.07.30 19:38:53 | 00,001,042 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1284227242-1801674531-1003UA.job
[2009.07.30 19:38:52 | 00,000,990 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1284227242-1801674531-1003Core.job
[2009.07.29 19:59:42 | 00,000,000 | ---D | C] -- C:\WINDOWS\.file_store_32
[2009.07.24 23:22:45 | 05,449,219 | ---- | C] () -- C:\Documents and Settings\JanHonJan\Dokumenty\Smich.wmv
[2009.07.24 03:57:06 | 00,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2009.07.19 19:40:49 | 00,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2009.07.19 19:36:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\JanHonJan\Dokumenty\Stažené soubory
[2009.05.31 22:18:25 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009.05.29 18:21:53 | 00,163,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\vidstub.sys
[2009.05.16 18:35:46 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2009.05.12 21:37:28 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008.12.31 22:56:19 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.10.22 18:24:37 | 00,000,044 | ---- | C] () -- C:\WINDOWS\FocusAlpha.ini
[2008.10.17 16:21:22 | 00,141,612 | ---- | C] () -- C:\WINDOWS\System32\drivers\dump_wmimmc.sys
[2008.10.05 13:45:23 | 00,000,122 | ---- | C] () -- C:\WINDOWS\Winchat.ini
[2008.09.14 12:49:10 | 00,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008.09.14 12:49:09 | 00,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2008.08.27 16:43:12 | 01,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2008.08.21 19:46:24 | 00,141,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2008.08.19 16:01:21 | 00,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008.08.11 12:08:41 | 00,000,081 | ---- | C] () -- C:\WINDOWS\WB.ini
[2008.08.10 23:17:36 | 00,000,024 | ---- | C] () -- C:\WINDOWS\LogonStudio.ini
[2008.08.10 23:17:01 | 00,187,392 | ---- | C] () -- C:\WINDOWS\System32\JPGUtils.dll
[2008.07.12 15:45:48 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.07.06 10:28:17 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXPRMON.DLL
[2008.07.06 10:28:17 | 00,020,480 | ---- | C] () -- C:\WINDOWS\System32\LXPMONUI.DLL
[2008.07.06 10:19:52 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\lxbuinsr.dll
[2008.07.06 10:19:51 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxbuvs.dll
[2008.07.06 10:19:46 | 00,131,072 | ---- | C] () -- C:\WINDOWS\System32\lxbujswr.dll
[2008.07.05 10:58:09 | 00,002,273 | ---- | C] () -- C:\WINDOWS\SmartMapsSJEvropa.INI
[2008.07.03 15:02:05 | 00,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2001.10.25 16:00:00 | 00,000,702 | ---- | C] () -- C:\WINDOWS\win.ini
[2001.10.25 16:00:00 | 00,000,567 | ---- | C] () -- C:\WINDOWS\system.ini
[2001.01.12 11:52:26 | 00,044,032 | ---- | C] () -- C:\WINDOWS\System32\vbpng1.dll
[2001.01.12 11:49:38 | 00,021,504 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[1997.06.13 17:56:08 | 00,056,320 | R--- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
[1996.04.03 21:33:26 | 00,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[8 C:\WINDOWS\System32\*.tmp files]
[4 C:\WINDOWS\*.tmp files]
[2009.08.18 15:06:47 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\JanHonJan\Plocha\OTL.exe
[2009.08.18 14:43:02 | 00,001,042 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1284227242-1801674531-1003UA.job
[2009.08.18 14:18:04 | 00,000,940 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009.08.18 13:24:15 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009.08.18 13:24:12 | 00,000,024 | ---- | M] () -- C:\WINDOWS\LogonStudio.ini
[2009.08.18 13:23:49 | 00,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009.08.18 13:23:36 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009.08.18 13:23:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009.08.18 13:23:06 | 13,417,06240 | -HS- | M] () -- C:\hiberfil.sys
[2009.08.18 13:21:52 | 02,145,462 | -H-- | M] () -- C:\Documents and Settings\JanHonJan\Local Settings\Data aplikací\IconCache.db
[2009.08.17 19:43:01 | 00,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-1284227242-1801674531-1003Core.job
[2009.08.15 15:52:23 | 00,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo
[2009.08.13 22:19:46 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009.08.13 21:24:04 | 00,078,336 | ---- | M] () -- C:\Documents and Settings\JanHonJan\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.13 11:44:58 | 00,000,519 | ---- | M] () -- C:\Documents and Settings\JanHonJan\Nabídka Start\Programy\Po spuštění\WinFlip.lnk
[2009.07.30 19:55:10 | 04,154,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\logonuiX.exe
[2009.07.30 19:54:50 | 00,163,712 | ---- | M] () -- C:\WINDOWS\System32\drivers\vidstub.sys
[2009.07.24 23:22:45 | 05,449,219 | ---- | M] () -- C:\Documents and Settings\JanHonJan\Dokumenty\Smich.wmv
[2009.07.24 03:57:06 | 00,041,872 | ---- | M] () -- C:\WINDOWS\System32\xfcodec.dll
[2009.07.19 19:40:49 | 00,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:05EE1EEF
< End of report >
Last edited by JanHonJan on 18 Aug 2009 21:41, edited 2 times in total.

Re: Please check this, I think I have a virus

Post by JanHonJan » 18 Aug 2009 16:03

Contents of the Extras.txt file:

Code:

OTL Extras logfile created on: 18.8.2009 15:07:17 - Run 1
OTL by OldTimer - Version 3.0.10.7     Folder = C:\Documents and Settings\JanHonJan\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
 
1,25 Gb Total Physical Memory | 0,39 Gb Available Physical Memory | 31,40% Memory free
1,11 Gb Paging File | 0,61 Gb Available in Paging File | 54,72% Paging File free
Paging file location(s):  [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 15,63 Gb Total Space | 6,62 Gb Free Space | 42,37% Space Free | Partition Type: NTFS
Drive D: | 58,89 Gb Total Space | 23,32 Gb Free Space | 39,60% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: PC-30F86B7FC277
Current User Name: JanHonJan
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.scr [@ = PhotoFiltre.Pcx] -- D:\Programy\PhotoFiltre\PhotoFiltre.exe (Antonio Da Cruz)
 
[HKEY_USERS\S-1-5-21-602162358-1284227242-1801674531-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programy\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\lxbucoms.exe" = C:\WINDOWS\system32\lxbucoms.exe:*:Disabled:6200 Series Server -- (Lexmark International, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"D:\Programy\uTorrent\utorrent-1.8.1-beta-11882.upx.exe" = D:\Programy\uTorrent\utorrent-1.8.1-beta-11882.upx.exe:*:Enabled:µTorrent -- File not found
"D:\Programy\uTorrent\uTorrent.exe" = D:\Programy\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\WINDOWS\system32\dpnsvr.exe" = C:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server -- (Microsoft Corporation)
"D:\Programy\FlashGet\flashget.exe" = D:\Programy\FlashGet\flashget.exe:*:Enabled:Flashget -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- File not found
"D:\Programy\ICQ 6.5\ICQ6.5\ICQ.exe" = D:\Programy\ICQ 6.5\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"D:\Programy\Skype\Phone\Skype.exe" = D:\Programy\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{15095BF3-A3D7-4DDF-B193-3A496881E003}" = Microsoft .NET Framework 3.0
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{20D0CDB1-5F03-4A5D-86EB-7C218053B157}" = Windows Live Messenger
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{245F6C7A-0C22-4DE0-8202-2AAA620A1D3A}" = Microsoft XNA Framework Redistributable 2.0
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 13
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2C294A0B-DF22-4023-B168-8C7645B10019}" = Adobe Setup
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 4.010.00
"{32A3A4F4-B792-11D6-A78A-00B0D0160130}" = Java(TM) SE Development Kit 6 Update 13
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CCB26F5-E2A7-4C91-8340-9149D7B7C2BE}" = Virtual Earth 3D (Beta)
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{4394DC3A-5DAC-4C80-A86E-FF462D0AD653}" = Windows 7 Upgrade Advisor Beta
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows Journal Viewer
"{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2
"{491DD792-AD81-429C-9EB4-86DD3D22E333}" = Windows Communication Foundation
"{4B215C29-1A3E-4736-92AA-10C83FA56EB9}" = Adobe After Effects CS3 Presets
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BF04C63-EAC0-4F19-9E88-9A745493E7BF}" = IconPackager
"{6EF72FC6-842E-4FE6-BF88-BFBF03C9DA74}" = Windows Workflow Foundation CS Language Pack
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{764C0C8F-B1B1-49BF-AEDC-4E48E857A667}" = Lexmark Fax Solutions
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}" = Windows Workflow Foundation
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AF3FB06-BDA3-42A3-995C-308812D2F094}" = Adobe After Effects CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{93028F9A-1EC0-467A-981B-DE93D96897C6}" = Windows Live Essentials
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{998D6972-F58E-479D-9248-8F179E55AE38}" = Java DB 10.4.1.3
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}" = Windows Presentation Foundation Language Pack (CSY)
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint Plus
"{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1
"{B3282FB8-874B-4054-8356-9EB391A826F9}" = OLYMPUS muvee theaterPack
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth
"{CFADE4AF-C0CF-4A04-A776-741318F1658F}" = Content Transfer
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D8979435-753B-40AE-9318-5E712C160A71}" = Windows Communication Foundation Language Pack - CSY
"{D98C0C51-F9BB-4EE4-B791-22BF6EE31029}" = Nero 7 Premium
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF315348-721C-40B8-BAE2-58C6C7D935A2}" = Empire Earth II
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5D52570-5EF1-4576-A434-6CCD92268F0F}" = Google SketchUp 7
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F596C356-BF35-4ED7-981C-CC791461A8F0}" = Empire Earth II: The Art of Supremacy
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}" = Microsoft .NET Framework 3.0 Czech Language Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_b7dd24a87e82dcf8af8876fd727b7cf" = Adobe After Effects CS3
"Agama Web Buttons_is1" = Agama Web Buttons
"Age Of Empires 2 & The Conquerors Expansion - Full Game" = Age Of Empires 2 & The Conquerors Expansion - Full Game
"All ATI Software" = ATI - Software Uninstall Utility
"ATI Display Driver" = ATI Display Driver
"Audacity_is1" = Audacity 1.2.6
"avast!" = avast! Antivirus
"Avidemux 2.4" = Avidemux 2.4
"BootSkin" = BootSkin
"CamStudio" = CamStudio
"CCleaner" = CCleaner (remove only)
"CentraClient" = Centra Client
"DivX Codec" = DivX Codec
"Fantasy Name Generator_is1" = Fantasy Name Generator 3.1.6
"Fish Fillets" = Fish Fillets
"Fish Fillets 2" = Fish Fillets 2
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"Fraps" = Fraps (remove only)
"Free Download Manager_is1" = Free Download Manager 2.5
"Game Maker 6.1A" = Game Maker 6.1A
"Guild Wars" = Guild Wars
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"Cheat Engine 5.4_is1" = Cheat Engine 5.4
"IcoFX_is1" = IcoFX 1.6
"IconPackager" = IconPackager
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{764C0C8F-B1B1-49BF-AEDC-4E48E857A667}" = Faxové funkce Lexmark
"Lexmark 6200 Series" = Lexmark 6200 Series
"LogonStudio" = LogonStudio
"Microsoft .NET Framework 3.0" = Microsoft .NET Framework 3.0
"Microsoft .NET Framework 3.0 Czech Language Pack" = Microsoft .NET Framework 3.0 Czech Language Pack
"MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0
"Mozilla Firefox (3.5.2)" = Mozilla Firefox (3.5.2)
"Mozilla Thunderbird (2.0.0.22)" = Mozilla Thunderbird (2.0.0.22)
"MPE" = MyPhoneExplorer
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Nvu" = Nvu 1.0
"PhotoFiltre" = PhotoFiltre
"Scorpions WinCheater 2.07   (s databází 92)_is1" = Scorpions WinCheater
"SDK for the Java(TM) ME Platform" = Sony Ericsson SDK 2.2.4 for the Java(TM) ME Platform
"SketchyPhysics2_is1" = SketchyPhysics2b1
"SmartMaps Guide - Středojižní Evropa_is1" = SmartMaps Guide - Středojižní Evropa, příloha časopisu Počítač
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 3.27
"Spyware Terminator_is1" = Spyware Terminator
"SystemRequirementsLab" = System Requirements Lab
"Tweak UI 2.10" = Tweak UI
"Unlocker" = Unlocker 1.8.7
"UnrealTournament" = Unreal Tournament G.O.T.Y. Edition
"UserBar Generator_is1" = UserBar Generator 1.2
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"WindowBlinds" = WindowBlinds
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"Xbox_360_CC_Driver" = Xbox 360 Controller for Windows
"Xfire" = Xfire (remove only)
"Xilisoft DVD to MP4 Converter" = Xilisoft DVD to MP4 Converter
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"YS FLIGHT SIMULATOR" = YS FLIGHT SIMULATOR
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-602162358-1284227242-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.2.4.1
"Google Chrome" = Google Chrome
"I-Doser v4" = I-Doser v4
"uTorrent" = µTorrent
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Antivirus Events ]
Error - 3.9.2008 8:20:07 | Computer Name = PC-30F86B7FC277 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
 of http://releases.ubuntu.com/hardy/ubuntu-8.04.1-desktop-i386.iso failed, 00000084.
 
 
Error - 3.9.2008 14:38:11 | Computer Name = PC-30F86B7FC277 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
 of http://switch.dl.sourceforge.net/sourceforge/vixta/neon4.En.DVD-9.0.0.iso failed,
 00000084. 
 
Error - 3.10.2008 12:01:17 | Computer Name = PC-30F86B7FC277 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
 of http://www.lovettsoftware.fsnet.co.uk/Mouse/Whole/setup.exe failed, 00000084.
 
 
Error - 25.10.2008 9:56:58 | Computer Name = PC-30F86B7FC277 | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: Aavm: FetchGlobalCounters cannot open
mapping - server DOWN???, 00000002. 
 
[ Application Events ]
Error - 12.2.2009 4:42:35 | Computer Name = PC-30F86B7FC277 | Source = Application Error | ID = 1000
Description = Chybující aplikace nvu.exe, verze 0.0.0.0, chybující modul js3250.dll,
 verze 4.0.0.0, adresa chyby 0x000272b0.
 
Error - 17.2.2009 6:30:59 | Computer Name = PC-30F86B7FC277 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.0.3306, zablokovaný modul
 hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
 
Error - 23.2.2009 10:49:08 | Computer Name = PC-30F86B7FC277 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.0.3306, zablokovaný modul
 hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
 
Error - 1.3.2009 9:43:46 | Computer Name = PC-30F86B7FC277 | Source = Application Error | ID = 1000
Description = Chybující aplikace sims2.exe, verze 1.0.0.932, chybující modul ~df394b.tmp,
 verze 0.0.0.0, adresa chyby 0x0008e86b.
 
Error - 9.3.2009 9:41:09 | Computer Name = PC-30F86B7FC277 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace soffice.bin, verze 2.3.9310.500, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
 
Error - 9.3.2009 10:42:25 | Computer Name = PC-30F86B7FC277 | Source = Application Error | ID = 1000
Description = Chybující aplikace winamp.exe, verze 5.5.4.2165, chybující modul gen_ml.dll,
 verze 0.0.0.0, adresa chyby 0x0001c32b.
 
Error - 19.3.2009 16:56:41 | Computer Name = PC-30F86B7FC277 | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.0.3334, chybující modul
xul.dll, verze 1.9.0.3334, adresa chyby 0x0007dd3b.
 
Error - 21.3.2009 12:10:42 | Computer Name = PC-30F86B7FC277 | Source = Application Error | ID = 1000
Description = Chybující aplikace icq.exe, verze 6.5.0.1042, chybující modul unknown,
 verze 0.0.0.0, adresa chyby 0x07feca80.
 
Error - 8.4.2009 10:02:51 | Computer Name = PC-30F86B7FC277 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace soffice.bin, verze 2.3.9310.500, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
 
Error - 22.4.2009 3:50:13 | Computer Name = PC-30F86B7FC277 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace soffice.bin, verze 2.3.9310.500, zablokovaný
modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.
 
[ System Events ]
Error - 17.8.2009 4:04:28 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
 se nezdařilo:   PCIIde
 
Error - 17.8.2009 10:32:14 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7000
Description = Služba Nero BackItUp Scheduler 3 neuspěla při spuštění v důsledku
následující chyby:   %%2
 
Error - 17.8.2009 10:32:14 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7000
Description = Služba Nero Registry InCD Service neuspěla při spuštění v důsledku
 následující chyby:   %%2
 
Error - 17.8.2009 10:32:14 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
 se nezdařilo:   PCIIde
 
Error - 18.8.2009 4:21:32 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7000
Description = Služba Nero BackItUp Scheduler 3 neuspěla při spuštění v důsledku
následující chyby:   %%2
 
Error - 18.8.2009 4:21:32 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7000
Description = Služba Nero Registry InCD Service neuspěla při spuštění v důsledku
 následující chyby:   %%2
 
Error - 18.8.2009 4:21:32 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
 se nezdařilo:   PCIIde
 
Error - 18.8.2009 7:24:43 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7000
Description = Služba Nero BackItUp Scheduler 3 neuspěla při spuštění v důsledku
následující chyby:   %%2
 
Error - 18.8.2009 7:24:43 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7000
Description = Služba Nero Registry InCD Service neuspěla při spuštění v důsledku
 následující chyby:   %%2
 
Error - 18.8.2009 7:24:43 | Computer Name = PC-30F86B7FC277 | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
 se nezdařilo:   PCIIde
 
 
< End of report >


PS: Ignore the faulting application sims2.exe; I'm not such a professional gamer that I'd play that :lol: . My sister used to play it a while ago.
Last edited by JanHonJan on 18 Aug 2009 21:42, edited 1 time in total.

pitimir
Level 3.5
Posts: 850
Joined: Aug 09
Gender: Male
Status: Offline

Re: Please check, I think I have a virus

Post by pitimir » 18 Aug 2009 18:05

Well, that file is going to be a problem, not even OTL sees it - we'll have to take a closer look at it :)
1) Copy the following into the box labelled "Custom Scans/Fixes":

Code:

:otl
PRC - [2007.06.13 15:23:39 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
SRV - File not found -- -- (Nero BackItUp Scheduler 3 [Auto | Stopped])
SRV - File not found -- -- (NeroRegInCDSrv [Auto | Stopped])
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKU\S-1-5-21-602162358-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
O4 - HKLM..\Run: [] File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O16 - DPF: {4A026B12-94F3-4D2F-A468-96AA55DE20A5} http://213.211.35.82/img/NetCamPlayerWeb11g.ocx (NetCamPlayerWeb11g Control)
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} http://vistatestdrive.com/sp1/ActiveX/V ... lient1.cab (Microsoft Virtual Server VMRC Advanced Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-be ... canner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://icq.oberon-media.com/Gameshell/G ... meHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - Reg Error: Key error. File not found

:commands
[emptytemp]
[reboot]

Click "Run Fix". The program will start working; the PC may restart. After that a log should appear, and I would like to see it.


2) Download ComboFix, preferably to the desktop. Close all open applications, and also turn off the resident shields of your antivirus and antispyware, and the firewall. Run the program from an account with administrator rights and follow the instructions. The whole scan will take about 10 minutes. The PC may be restarted during it. You will find the log that ComboFix creates at "C:\ComboFix.txt".
Paste it here.

Warning: until ComboFix has created the log, do not click on anything and do not press anything!!
I don't like amateurism...

And the addressee of this message knows it :)

JanHonJan

Re: Please check, I think I have a virus

Post by JanHonJan » 18 Aug 2009 18:09

I'm downloading Windows 7 at the moment, so I'll try it once the download finishes. Thanks for now, I'll let you know afterwards :smile: .

pitimir

Re: Please check, I think I have a virus

Post by pitimir » 18 Aug 2009 18:12

Just please don't put it on the PC - nothing works on it yet (as far as antimalware utilities are concerned) :wink:

JanHonJan

Re: Please check, I think I have a virus

Post by JanHonJan » 18 Aug 2009 18:21

Don't worry, I'll only be putting it into Virtual PC :D .

pitimir

Re: Please check, I think I have a virus

Post by pitimir » 18 Aug 2009 18:24

That's how I like it :thumbsup:

JanHonJan

Re: Please check, I think I have a virus

Post by JanHonJan » 18 Aug 2009 21:39

So here is the log:

Code:

All processes killed
========== OTL ==========
No active process named Explorer.EXE was found!

Service\Driver Nero BackItUp Scheduler 3 deleted successfully.

Service\Driver NeroRegInCDSrv deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Extensions Off Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Security Risk Page| /E : value set successfully!
Unable to set value : HKU\S-1-5-21-602162358-1284227242-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Starting removal of ActiveX control {4A026B12-94F3-4D2F-A468-96AA55DE20A5}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4A026B12-94F3-4D2F-A468-96AA55DE20A5}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4A026B12-94F3-4D2F-A468-96AA55DE20A5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A026B12-94F3-4D2F-A468-96AA55DE20A5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4A026B12-94F3-4D2F-A468-96AA55DE20A5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A026B12-94F3-4D2F-A468-96AA55DE20A5}\ not found.
Starting removal of ActiveX control {4EFA317A-8569-4788-B175-5BAF9731A549}
C:\WINDOWS\Downloaded Program Files\VMRCActiveXClient.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4EFA317A-8569-4788-B175-5BAF9731A549}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4EFA317A-8569-4788-B175-5BAF9731A549}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{4EFA317A-8569-4788-B175-5BAF9731A549}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4EFA317A-8569-4788-B175-5BAF9731A549}\ not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\WINDOWS\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {D0C0F75C-683A-4390-A791-1ACFD5599AB8}
C:\WINDOWS\Downloaded Program Files\OberonGameHost_dbg.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ not found.
Starting removal of ActiveX control {D27CDB6E-AE6D-11CF-96B8-444553540000}
C:\WINDOWS\Downloaded Program Files\swflash.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11CF-96B8-444553540000}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{88485281-8b4b-4f8d-9ede-82e29a064277} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88485281-8b4b-4f8d-9ede-82e29a064277}\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: JanHonJan
->Temp folder emptied: 2658867 bytes
->Temporary Internet Files folder emptied: 1866574 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 46084447 bytes
->Google Chrome cache emptied: 557424 bytes
->Opera cache emptied: 1394250 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 34887 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2178584 bytes
%systemroot%\System32 .tmp files removed: 4181960 bytes
File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_774.dat scheduled to be deleted on reboot.
Windows Temp folder emptied: 66019 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 56,38 mb
 
 
OTL by OldTimer - Version 3.0.10.7 log created on 08182009_211640

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_774.dat not found!

Registry entries deleted on Reboot...


By the way, when the PC started to restart, it sat at the "Shutting down..." message for about 10 minutes, and then I was forced to power it off "by force" ... Hopefully I didn't mess anything up :lol: .

So far the error still keeps popping up; I'll try ComboFix next.

pitimir

Re: Please check, I think I have a virus

Post by pitimir » 19 Aug 2009 09:44

I'm waiting for CF :)

JanHonJan

Re: Please check, I think I have a virus

Post by JanHonJan » 19 Aug 2009 13:32

Last night (more like in the night :smile: ) I also ran SpyBot, but it found nothing. Here is the log from ComboFix:

Code:

ComboFix 09-08-18.03 - JanHonJan 19.08.2009 13:10.1.1 - NTFSx86
Systém Microsoft Windows XP Professional  5.1.2600.2.1250.420.1029.18.1279.759 [GMT 2:00]
Spuštěný z: c:\documents and settings\JanHonJan\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090818-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\Ijl11.dll
c:\windows\system32\muzapp.exe

Nakažená kopie c:\windows\system32\mspmsnsv.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll

.
(((((((((((((((((((((((((   Soubory vytvořené od 2009-07-19 do 2009-08-19  )))))))))))))))))))))))))))))))
.

2009-08-18 15:15 . 2007-12-26 15:30   679936   ----a-w-   c:\windows\system32\D3DX81ab.dll
2009-08-18 15:15 . 2007-12-26 15:30   1970176   ----a-w-   c:\windows\system32\d3dx9.dll
2009-08-18 11:56 . 2009-08-18 11:56   --------   d-----w-   c:\program files\Microsoft Windows 7 Upgrade Advisor
2009-08-08 17:19 . 2009-08-08 17:19   --------   d-----w-   c:\windows\system32\Futuremark
2009-08-08 17:19 . 2008-09-17 13:14   27672   ----a-r-   c:\windows\system32\drivers\Entech.sys
2009-08-08 17:19 . 2009-08-08 17:19   --------   d-----w-   c:\program files\Common Files\Futuremark Shared
2009-08-05 15:10 . 2009-08-05 15:10   --------   d-----w-   c:\documents and settings\JanHonJan\.NobleAvatar
2009-08-01 21:29 . 2009-08-01 21:29   --------   d-----w-   c:\program files\Windows Journal Viewer
2009-08-01 19:04 . 2009-08-19 10:59   --------   d-----w-   c:\documents and settings\JanHonJan\Tracing
2009-08-01 19:02 . 2009-08-01 19:02   --------   d-----w-   c:\program files\Microsoft
2009-08-01 19:01 . 2009-08-01 19:01   --------   d-----w-   c:\program files\Windows Live SkyDrive
2009-08-01 19:01 . 2009-08-01 19:02   --------   d-----w-   c:\program files\Windows Live
2009-08-01 18:57 . 2009-08-01 18:57   --------   d-----w-   c:\program files\Common Files\Windows Live
2009-07-30 20:54 . 2009-08-01 18:54   --------   d-----w-   c:\program files\ViGlance
2009-07-30 20:51 . 2009-08-01 18:54   --------   d-----w-   c:\program files\ViSplore
2009-07-29 17:59 . 2009-07-29 18:00   --------   d-----w-   c:\windows\.file_store_32
2009-07-24 01:57 . 2009-07-24 01:57   41872   ----a-w-   c:\windows\system32\xfcodec.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-18 10:24 . 2008-09-05 13:38   34   ----a-w-   c:\documents and settings\JanHonJan\jagex_runescape_preferences.dat
2009-08-15 14:17 . 2009-04-11 16:36   --------   d-----w-   c:\program files\ATI Technologies
2009-08-08 17:19 . 2008-07-03 13:02   --------   d--h--w-   c:\program files\InstallShield Installation Information
2009-08-07 15:30 . 2008-07-06 08:23   --------   d-----w-   c:\program files\Lx_cats
2009-07-30 17:55 . 2004-08-17 13:49   4154368   ----a-w-   c:\windows\system32\logonuiX.exe
2009-07-30 17:54 . 2009-05-29 16:21   163712   ----a-w-   c:\windows\system32\drivers\vidstub.sys
2009-06-30 21:22 . 2008-10-17 14:21   141612   ----a-w-   c:\windows\system32\drivers\dump_wmimmc.sys
2009-06-30 18:18 . 2009-06-30 18:18   6820   ----a-w-   c:\windows\system32\d3d9caps.dat
2009-06-20 08:59 . 2009-06-20 08:59   53248   ----a-w-   c:\documents and settings\JanHonJan\lametritonus_en.dll
2009-06-20 08:59 . 2009-06-20 08:59   162304   ----a-w-   c:\documents and settings\JanHonJan\lame_enc_en.dll
2009-06-19 18:39 . 2009-06-19 18:31   798720   ----a-w-   c:\windows\GPInstall.exe
2009-06-14 17:45 . 2004-08-03 21:14   360320   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2009-05-31 20:18 . 2009-05-31 20:18   43520   ----a-w-   c:\windows\system32\CmdLineExt03.dll
2009-05-28 18:14 . 2009-05-28 18:14   56   ---ha-w-   c:\windows\system32\ezsidmv.dat
2009-05-27 10:42 . 2009-05-27 10:43   40476   ----a-w-   c:\windows\Fonts\BRAIS___.TTF
2009-05-27 10:42 . 2009-05-27 10:43   21464   ----a-w-   c:\windows\Fonts\land.ttf
2004-08-17 13:49 . 2008-07-17 09:28   73728   --sha-w-   c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
.

------- Sigcheck -------

[7] 2008-06-20 10:44   360960   744E57C99232201AE98C49168B918F48   c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-06-20 11:51   361600   9AEFA14BD6B182D61E3119FA5F436D3D   c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 11:59   361600   AD978A1B783B5719720CFF204B666C8E   c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2004-08-03 21:14   359040   9F4B36614A0FC234525BA224957DE55C   c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2009-06-14 17:45   360320   3ADCE4790F591BF160A94F6F08039577   c:\windows\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\programy\Daemon Tools\daemon.exe" [2008-07-08 486856]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-05-15 95536]
"Sony Ericsson PC Suite"="d:\programy\SE PC Suite\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"Google Update"="c:\documents and settings\JanHonJan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-07-30 133104]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="d:\programy\AVAST!~1\ashDisp.exe" [2009-02-05 81000]
"lxbumon.exe"="c:\program files\Lexmark 6200 Series\lxbumon.exe" [2004-09-22 188416]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2004-09-22 299008]
"EzPrint"="c:\program files\Lexmark 6200 Series\ezprint.exe" [2004-09-17 61440]
"Adobe Reader Speed Launcher"="d:\programy\Adobe Reader\Reader\Reader_sl.exe" [2008-01-11 39792]
"SMSTray"="d:\programy\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 126976]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-05-15 54576]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"ContentTransferWMDetector.exe"="d:\programy\Sony Content Transfer\ContentTransferWMDetector.exe" [2008-07-11 423200]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="d:\programy\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="d:\programy\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"LogonStudio"="d:\programy\Stardock\LogonStudio\logonstudio.exe" [2002-09-03 987187]
"LXBUCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [2004-09-10 69632]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\JanHonJan\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 3.0.lnk - d:\programy\OpenOffice.org\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]
WinFlip.lnk - d:\programy\WinFlip\WinFlip.exe [2009-8-13 483328]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-08-31 15:00   210168   ----a-w-   d:\programy\Stardock\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\lxbucoms.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Programy\\uTorrent\\uTorrent.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Programy\\ICQ 6.5\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Programy\\Skype\\Phone\\Skype.exe"=

R0 BootScreen;BootScreen;\SystemRoot\\SystemRoot\System32\drivers\vidstub.sys --> \SystemRoot\\SystemRoot\System32\drivers\vidstub.sys [?]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [3.7.2008 15:15 114768]
R1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [24.9.2008 21:56 114496]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.7.2008 15:15 20560]
S2 gupdate1c9862bdc32f4d4;Google Update Service (gupdate1c9862bdc32f4d4);c:\program files\Google\Update\GoogleUpdate.exe [3.2.2009 20:18 133104]
S2 wmcmgc;Windows Management Configuration;c:\windows\System32\svchost.exe -k netsvcs [17.8.2004 15:49 14336]
S3 cpuz130;cpuz130;\??\c:\docume~1\JANHON~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\JANHON~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [26.12.2008 0:00 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [26.12.2008 0:00 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [26.12.2008 0:00 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [26.12.2008 0:00 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [26.12.2008 0:00 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [26.12.2008 0:00 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [26.12.2008 0:00 115752]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [26.12.2008 0:00 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [26.12.2008 0:00 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [26.12.2008 0:00 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [26.12.2008 0:00 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [26.12.2008 0:00 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [26.12.2008 0:00 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [26.12.2008 0:00 117672]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [19.7.2008 21:13 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [19.7.2008 21:13 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [19.7.2008 21:13 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [19.7.2008 21:13 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [19.7.2008 21:13 98568]
S3 zlportio;zlportio;\??\d:\hry\UltraStar Deluxe\zlportio.sys --> d:\hry\UltraStar Deluxe\zlportio.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
wmcmgc
.
Obsah adresáře 'Naplánované úlohy'

2009-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 18:18]

2009-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 18:18]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

ShellIconOverlayIdentifiers-{8D2223A2-B3C6-4e32-B096-CDD11F628C60} - (no file)


.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
mLocal Page =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Download with Free Download Manager - file://d:\programy\Free Download Manager\dllink.htm
TCP: {B4DD0554-5777-4884-BC02-8DDACB844BF7} = 10.10.10.1,10.10.10.2
FF - ProfilePath - c:\documents and settings\JanHonJan\Data aplikací\Mozilla\Firefox\Profiles\buv56uf4.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: network.proxy.type - 4
FF - component: d:\programy\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - plugin: d:\programy\Adobe Reader\Reader\browser\nppdf32.dll
FF - plugin: d:\programy\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: d:\programy\Mozilla Firefox\plugins\NPCentraUpdater.dll

---- NASTAVENÍ FIREFOXU ----
d:\programy\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
d:\programy\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota",      5120);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
d:\programy\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
d:\programy\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
d:\programy\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
d:\programy\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
d:\programy\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history",     true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata",    true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords",   false);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads",   true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies",     true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache",       true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions",    true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history",                 true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata",                true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords",               false);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads",               true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies",                 true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache",                   true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions",                true);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps",             false);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings",            false);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs",    false);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
d:\programy\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-19 13:18
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ... 

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  LXBUCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

skenování skrytých souborů ... 

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-602162358-1284227242-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\Ati2evxx.dll
d:\programy\Stardock\WindowBlinds\WBSrv.dll

- - - - - - - > 'explorer.exe'(1156)
d:\programy\WinFlip\WFHook.dll
c:\windows\system32\WPDShServiceObj.dll
d:\programy\Stardock\IconPackager\iprepair.dll
d:\programy\Microsoft Virtual PC 2007\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
d:\programy\avast! Antivirus\aswUpdSv.exe
d:\programy\avast! Antivirus\ashServ.exe
c:\program files\Bonjour\mDNSResponder.exe
d:\programy\Nero 7\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\IoctlSvc.exe
d:\programy\avast! Antivirus\ashMaiSv.exe
c:\windows\system32\wscntfy.exe
d:\programy\avast! Antivirus\ashWebSv.exe
c:\windows\system32\lxbucoms.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
d:\programy\OpenOffice.org\OpenOffice.org 3\program\soffice.exe
d:\programy\OpenOffice.org\OpenOffice.org 3\program\soffice.bin
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2009-08-19 13:25 - počítač byl restartován
ComboFix-quarantined-files.txt  2009-08-19 11:24

Před spuštěním: 7 030 063 104
Po spuštění: 6 981 799 936

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

279   --- E O F ---   2008-07-12 20:00


So far that notice hasn't popped up, but I won't celebrate too early :wink: . I'll wait a while longer, and if it pops up, I'll let you know.

