Prosím o kontrolu logu + Vyřešeno

[jogin]

Mám problemy z FPS u flashovích her , načítání jiných her celkem dost dlouho trvá. např lol všichny už jsou naloadovaní jen já jedu pomalu, dříve to tak ale nebylo,dále mám na C: moc složek který ani nechápu proč tam jsou zde log + screen z C: prosím o kontrolu. http://uloz.to/x7jdGDw/novy-obrazek-1-bmp

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:27:45, on 14.12.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17115)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\D-Link\DWA-125 revA\AirGCFG.exe
C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Michal\Data aplikací\QipGuard\QipGuard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trust\GXT14 Mouse\StartAutorun.exe
C:\Program Files\Trust\GXT14 Mouse\RapooV1Process.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Defraggler\Defraggler.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Michal\Dokumenty\Stažené soubory\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=14672
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.glarysoft.com/?src=iehome
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [trustGTX14] "C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe" showhide
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [D-Link D-Link DWA-125] C:\Program Files\D-Link\DWA-125 revA\AirGCFG.exe
O4 - HKLM\..\Run: [WZCSLDR2] C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Michal\Data aplikací\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF312041-F20B-4BD8-948E-D2C75AC7FA3F}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: D_Link_DWA-125 Service (D_Link_DWA-125) - Wireless Service - C:\Program Files\D-Link\DWA-125 revA\ANIWZCSdS.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 10492 bytes

[Reklama]

[Žbeky]

Fixni:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=1467
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.glarysoft.com/?src=iehome
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Michal\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O3 - Toolbar: (no name) - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Michal\Data aplikací\QipGuard\QipGuard.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

[jogin]

zde je log z Malwa.......

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.12.14.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Michal :: PC [administrátor]

14.12.2012 22:54:11
mbam-log-2012-12-14 (22-59-53).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 269100
Uplynulý čas: 5 minut, 27 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QipGuard (Spyware.Zbot) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Documents and Settings\Michal\Data aplikací\QipGuard\QipGuard.exe (Spyware.Zbot) -> Žádná instrukce nebyla provedena.

(konec)

[memphisto]

- Takže spus znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

[jogin]

tak combofix mi udělal složku jen zkoušel sem to 2x a pořád nic žádný log ..Malwa:

Malwarebytes Anti-Malware 1.65.1.1000
http://www.malwarebytes.org

Verze databáze: v2012.12.14.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Michal :: PC [administrátor]

14.12.2012 23:33:54
mbam-log-2012-12-14 (23-33-54).txt

Typ: Úplná kontrola (C:\|E:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 372446
Uplynulý čas: 1 hodin, 49 minut, 38 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QipGuard (Spyware.Zbot) -> Umístnění do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Documents and Settings\Michal\Data aplikací\QipGuard\QipGuard.exe (Spyware.Zbot) -> Umístnění do karantény a smazání se zdařilo.
C:\Documents and Settings\Michal\Plocha\Fotky a obrazky\grilovacka 9-11.7.2010\Snímek 140.jpg (Extension.Mismatch) -> Umístnění do karantény a smazání se zdařilo.

(konec)

ted sem nějak nepochopil proč tam jsou 2 logy toho ale pro jistotu přikladám oba.TDSSKiller: před restartem
01:26:12.0359 3740 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
01:26:12.0609 3740 ============================================================
01:26:12.0609 3740 Current date / time: 2012/12/15 01:26:12.0609
01:26:12.0609 3740 SystemInfo:
01:26:12.0609 3740
01:26:12.0609 3740 OS Version: 5.1.2600 ServicePack: 3.0
01:26:12.0609 3740 Product type: Workstation
01:26:12.0609 3740 ComputerName: PC
01:26:12.0609 3740 UserName: Michal
01:26:12.0609 3740 Windows directory: C:\WINDOWS
01:26:12.0609 3740 System windows directory: C:\WINDOWS
01:26:12.0609 3740 Processor architecture: Intel x86
01:26:12.0609 3740 Number of processors: 2
01:26:12.0609 3740 Page size: 0x1000
01:26:12.0609 3740 Boot type: Normal boot
01:26:12.0609 3740 ============================================================
01:26:13.0453 3740 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:26:13.0453 3740 ============================================================
01:26:13.0453 3740 \Device\Harddisk0\DR0:
01:26:13.0453 3740 MBR partitions:
01:26:13.0453 3740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x128DEE32
01:26:13.0468 3740 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x128DEEB0, BlocksNum 0x12B4A950
01:26:13.0468 3740 ============================================================
01:26:13.0500 3740 C: <-> \Device\Harddisk0\DR0\Partition1
01:26:13.0531 3740 E: <-> \Device\Harddisk0\DR0\Partition2
01:26:13.0546 3740 ============================================================
01:26:13.0546 3740 Initialize success
01:26:13.0546 3740 ============================================================
01:26:15.0375 3404 ============================================================
01:26:15.0375 3404 Scan started
01:26:15.0375 3404 Mode: Manual;
01:26:15.0375 3404 ============================================================
01:26:16.0531 3404 ================ Scan system memory ========================
01:26:16.0531 3404 System memory - ok
01:26:16.0531 3404 ================ Scan services =============================
01:26:16.0625 3404 Abiosdsk - ok
01:26:16.0640 3404 abp480n5 - ok
01:26:16.0671 3404 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:26:16.0671 3404 ACPI - ok
01:26:16.0703 3404 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
01:26:16.0718 3404 ACPIEC - ok
01:26:16.0765 3404 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
01:26:16.0765 3404 AdobeFlashPlayerUpdateSvc - ok
01:26:16.0765 3404 adpu160m - ok
01:26:16.0781 3404 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
01:26:16.0796 3404 aec - ok
01:26:16.0828 3404 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
01:26:16.0828 3404 AFD - ok
01:26:16.0828 3404 Aha154x - ok
01:26:16.0843 3404 aic78u2 - ok
01:26:16.0843 3404 aic78xx - ok
01:26:16.0875 3404 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
01:26:16.0875 3404 Alerter - ok
01:26:16.0890 3404 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
01:26:16.0890 3404 ALG - ok
01:26:16.0906 3404 AliIde - ok
01:26:16.0953 3404 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
01:26:16.0968 3404 Ambfilt - ok
01:26:16.0984 3404 amsint - ok
01:26:17.0015 3404 [ 92DEFE8A13A7CE457817E3BD464A9FF4 ] ANIO C:\WINDOWS\system32\ANIO.SYS
01:26:17.0015 3404 ANIO - ok
01:26:17.0078 3404 [ 0477ABEF0547167B8E7A7E1747F02CD4 ] ANIWZCSdService C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
01:26:17.0203 3404 ANIWZCSdService - ok
01:26:17.0234 3404 [ D33B28D9ED695CCF9520D70D825F9D85 ] ANPD C:\WINDOWS\system32\ANPD.sys
01:26:17.0250 3404 ANPD - ok
01:26:17.0281 3404 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
01:26:17.0281 3404 AppMgmt - ok
01:26:17.0296 3404 asc - ok
01:26:17.0296 3404 asc3350p - ok
01:26:17.0296 3404 asc3550 - ok
01:26:17.0375 3404 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
01:26:17.0390 3404 aspnet_state - ok
01:26:17.0406 3404 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:26:17.0406 3404 AsyncMac - ok
01:26:17.0437 3404 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
01:26:17.0437 3404 atapi - ok
01:26:17.0453 3404 Atdisk - ok
01:26:17.0484 3404 [ 70F72C50D39F5AFA76C17F86223A7C4F ] atksgt C:\WINDOWS\system32\DRIVERS\atksgt.sys
01:26:17.0484 3404 atksgt - ok
01:26:17.0500 3404 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:26:17.0500 3404 Atmarpc - ok
01:26:17.0531 3404 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
01:26:17.0546 3404 AudioSrv - ok
01:26:17.0562 3404 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
01:26:17.0562 3404 audstub - ok
01:26:17.0609 3404 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
01:26:17.0609 3404 Beep - ok
01:26:17.0625 3404 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
01:26:17.0640 3404 BITS - ok
01:26:17.0656 3404 [ F934D1B230F84E1D19DD00AC5A7A83ED ] Bridge C:\WINDOWS\system32\DRIVERS\bridge.sys
01:26:17.0671 3404 Bridge - ok
01:26:17.0671 3404 [ F934D1B230F84E1D19DD00AC5A7A83ED ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys
01:26:17.0671 3404 BridgeMP - ok
01:26:17.0703 3404 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
01:26:17.0703 3404 Browser - ok
01:26:17.0781 3404 catchme - ok
01:26:17.0796 3404 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
01:26:17.0796 3404 cbidf2k - ok
01:26:17.0812 3404 cd20xrnt - ok
01:26:17.0828 3404 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
01:26:17.0828 3404 Cdaudio - ok
01:26:17.0859 3404 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
01:26:17.0859 3404 Cdfs - ok
01:26:17.0875 3404 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:26:17.0875 3404 Cdrom - ok
01:26:17.0890 3404 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
01:26:17.0890 3404 CiSvc - ok
01:26:17.0921 3404 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
01:26:17.0921 3404 ClipSrv - ok
01:26:17.0968 3404 [ BE465A17FDA2E79ED49053CBEC7E9335 ] CLPSLS C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe
01:26:17.0984 3404 CLPSLS - ok
01:26:18.0015 3404 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:26:18.0031 3404 clr_optimization_v2.0.50727_32 - ok
01:26:18.0093 3404 [ 2A2D72271844C52F004901A60312B96A ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
01:26:18.0109 3404 cmdAgent - ok
01:26:18.0140 3404 [ 26F9E72754B2DBC53977E92B647A6ABA ] cmderd C:\WINDOWS\system32\DRIVERS\cmderd.sys
01:26:18.0140 3404 cmderd - ok
01:26:18.0156 3404 [ 9181CC4D007ADBE21DB9A11BFECAFEF5 ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys
01:26:18.0171 3404 cmdGuard - ok
01:26:18.0187 3404 [ C5A9FB50E8CA7FD99F256255FEE71580 ] cmdHlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
01:26:18.0187 3404 cmdHlp - ok
01:26:18.0187 3404 CmdIde - ok
01:26:18.0203 3404 COMSysApp - ok
01:26:18.0218 3404 Cpqarray - ok
01:26:18.0234 3404 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
01:26:18.0234 3404 CryptSvc - ok
01:26:18.0250 3404 dac2w2k - ok
01:26:18.0250 3404 dac960nt - ok
01:26:18.0281 3404 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
01:26:18.0296 3404 DcomLaunch - ok
01:26:18.0328 3404 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
01:26:18.0328 3404 Dhcp - ok
01:26:18.0359 3404 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
01:26:18.0359 3404 Disk - ok
01:26:18.0359 3404 dmadmin - ok
01:26:18.0406 3404 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
01:26:18.0406 3404 dmboot - ok
01:26:18.0421 3404 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
01:26:18.0421 3404 dmio - ok
01:26:18.0453 3404 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
01:26:18.0453 3404 dmload - ok
01:26:18.0484 3404 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
01:26:18.0484 3404 dmserver - ok
01:26:18.0500 3404 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
01:26:18.0500 3404 DMusic - ok
01:26:18.0531 3404 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
01:26:18.0531 3404 Dnscache - ok
01:26:18.0578 3404 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
01:26:18.0578 3404 Dot3svc - ok
01:26:18.0578 3404 dpti2o - ok
01:26:18.0593 3404 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
01:26:18.0593 3404 drmkaud - ok
01:26:18.0625 3404 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
01:26:18.0625 3404 dtsoftbus01 - ok
01:26:18.0687 3404 [ F195FBC375342BD25C936982245A8FB0 ] D_Link_DWA-125 C:\Program Files\D-Link\DWA-125 revA\ANIWZCSdS.exe
01:26:18.0812 3404 D_Link_DWA-125 - ok
01:26:18.0843 3404 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
01:26:18.0843 3404 EapHost - ok
01:26:18.0859 3404 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
01:26:18.0859 3404 ERSvc - ok
01:26:18.0875 3404 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
01:26:18.0890 3404 Eventlog - ok
01:26:18.0921 3404 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
01:26:18.0921 3404 EventSystem - ok
01:26:18.0937 3404 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
01:26:18.0937 3404 Fastfat - ok
01:26:18.0968 3404 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
01:26:18.0984 3404 FastUserSwitchingCompatibility - ok
01:26:18.0984 3404 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
01:26:19.0000 3404 Fdc - ok
01:26:19.0015 3404 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
01:26:19.0015 3404 Fips - ok
01:26:19.0031 3404 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
01:26:19.0031 3404 Flpydisk - ok
01:26:19.0046 3404 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
01:26:19.0046 3404 FltMgr - ok
01:26:19.0109 3404 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:26:19.0109 3404 FontCache3.0.0.0 - ok
01:26:19.0140 3404 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\WINDOWS\system32\FsUsbExDisk.SYS
01:26:19.0156 3404 FsUsbExDisk - ok
01:26:19.0171 3404 [ D3F9205CC4CB07553F2F9472C767EA87 ] FsUsbExService C:\WINDOWS\system32\FsUsbExService.Exe
01:26:19.0171 3404 FsUsbExService - ok
01:26:19.0203 3404 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:26:19.0203 3404 Fs_Rec - ok
01:26:19.0218 3404 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:26:19.0218 3404 Ftdisk - ok
01:26:19.0250 3404 [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt C:\WINDOWS\system32\DRIVERS\ggflt.sys
01:26:19.0250 3404 ggflt - ok
01:26:19.0281 3404 [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc C:\WINDOWS\system32\DRIVERS\ggsemc.sys
01:26:19.0281 3404 ggsemc - ok
01:26:19.0281 3404 GMSIPCI - ok
01:26:19.0312 3404 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:26:19.0312 3404 Gpc - ok
01:26:19.0328 3404 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
01:26:19.0328 3404 hamachi - ok
01:26:19.0359 3404 [ 6858AC07F86AAAB72DDB559F21176707 ] hcdriver C:\WINDOWS\system32\DRIVERS\hcdriver.sys
01:26:19.0359 3404 hcdriver - ok
01:26:19.0375 3404 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:26:19.0375 3404 HDAudBus - ok
01:26:19.0437 3404 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:26:19.0437 3404 helpsvc - ok
01:26:19.0453 3404 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
01:26:19.0453 3404 HidServ - ok
01:26:19.0468 3404 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:26:19.0468 3404 HidUsb - ok
01:26:19.0531 3404 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
01:26:19.0531 3404 hkmsvc - ok
01:26:19.0546 3404 hpn - ok
01:26:19.0578 3404 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
01:26:19.0593 3404 HTTP - ok
01:26:19.0609 3404 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
01:26:19.0609 3404 HTTPFilter - ok
01:26:19.0609 3404 i2omp - ok
01:26:19.0640 3404 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:26:19.0640 3404 i8042prt - ok
01:26:19.0703 3404 [ 2AAE7BE67911F4AEC9AD28E9CFB9096F ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
01:26:19.0734 3404 ialm - ok
01:26:19.0812 3404 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
01:26:19.0812 3404 IDriverT - ok
01:26:19.0890 3404 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:26:19.0906 3404 idsvc - ok
01:26:19.0921 3404 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
01:26:19.0937 3404 Imapi - ok
01:26:19.0968 3404 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
01:26:19.0968 3404 ImapiService - ok
01:26:19.0984 3404 ini910u - ok
01:26:20.0031 3404 [ E1DF634BEC066B3D4FFE437BCB78C282 ] Inspect C:\WINDOWS\system32\DRIVERS\inspect.sys
01:26:20.0031 3404 Inspect - ok
01:26:20.0187 3404 [ BBE8A7474A7F09821594F3E5C2C638FB ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:26:20.0234 3404 IntcAzAudAddService - ok
01:26:20.0250 3404 IntelIde - ok
01:26:20.0281 3404 [ 27B290D632AF2CF3CF40BFDDB7370985 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:26:20.0281 3404 intelppm - ok
01:26:20.0296 3404 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
01:26:20.0312 3404 Ip6Fw - ok
01:26:20.0328 3404 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:26:20.0328 3404 IpFilterDriver - ok
01:26:20.0343 3404 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:26:20.0343 3404 IpInIp - ok
01:26:20.0359 3404 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:26:20.0359 3404 IpNat - ok
01:26:20.0390 3404 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:26:20.0390 3404 IPSec - ok
01:26:20.0406 3404 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
01:26:20.0406 3404 IRENUM - ok
01:26:20.0437 3404 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:26:20.0437 3404 isapnp - ok
01:26:20.0500 3404 [ B591E761161D1EF547D76EF236EAA6A5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
01:26:20.0500 3404 JavaQuickStarterService - ok
01:26:20.0515 3404 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:26:20.0515 3404 Kbdclass - ok
01:26:20.0531 3404 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:26:20.0531 3404 kbdhid - ok
01:26:20.0562 3404 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
01:26:20.0562 3404 kmixer - ok
01:26:20.0578 3404 [ 769E2846280AEAD581227F6AB861FBC6 ] KMWDFilterV1 C:\WINDOWS\System32\Drivers\RPGMOUSEV1.sys
01:26:20.0578 3404 KMWDFilterV1 - ok
01:26:20.0593 3404 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
01:26:20.0593 3404 KSecDD - ok
01:26:20.0625 3404 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
01:26:20.0625 3404 lanmanserver - ok
01:26:20.0656 3404 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:26:20.0656 3404 lanmanworkstation - ok
01:26:20.0687 3404 [ F34B35F6F74E28A460749DA11D1117F8 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
01:26:20.0687 3404 LightScribeService - ok
01:26:20.0718 3404 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\WINDOWS\system32\DRIVERS\lirsgt.sys
01:26:20.0718 3404 lirsgt - ok
01:26:20.0734 3404 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
01:26:20.0734 3404 LmHosts - ok
01:26:20.0750 3404 MBAMSwissArmy - ok
01:26:20.0812 3404 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
01:26:20.0812 3404 MDM - ok
01:26:20.0843 3404 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
01:26:20.0843 3404 Messenger - ok
01:26:20.0859 3404 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
01:26:20.0859 3404 mnmdd - ok
01:26:20.0906 3404 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
01:26:20.0906 3404 mnmsrvc - ok
01:26:20.0921 3404 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
01:26:20.0921 3404 Modem - ok
01:26:20.0968 3404 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
01:26:20.0984 3404 Monfilt - ok
01:26:20.0984 3404 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:26:20.0984 3404 Mouclass - ok
01:26:21.0015 3404 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:26:21.0015 3404 mouhid - ok
01:26:21.0031 3404 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
01:26:21.0031 3404 MountMgr - ok
01:26:21.0062 3404 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
01:26:21.0250 3404 MozillaMaintenance - ok
01:26:21.0250 3404 mraid35x - ok
01:26:21.0281 3404 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:26:21.0281 3404 MRxDAV - ok
01:26:21.0312 3404 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:26:21.0312 3404 MRxSmb - ok
01:26:21.0328 3404 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
01:26:21.0328 3404 MSDTC - ok
01:26:21.0343 3404 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
01:26:21.0343 3404 Msfs - ok
01:26:21.0359 3404 MSIServer - ok
01:26:21.0375 3404 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:26:21.0375 3404 MSKSSRV - ok
01:26:21.0390 3404 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:26:21.0390 3404 MSPCLOCK - ok
01:26:21.0390 3404 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
01:26:21.0390 3404 MSPQM - ok
01:26:21.0406 3404 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:26:21.0406 3404 mssmbios - ok
01:26:21.0437 3404 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
01:26:21.0437 3404 Mup - ok
01:26:21.0468 3404 [ E6D35F3AA51A65EB35C1F2340154A25E ] muufh C:\WINDOWS\system32\drivers\ewoex.sys
01:26:21.0578 3404 muufh - ok
01:26:21.0609 3404 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
01:26:21.0625 3404 napagent - ok
01:26:21.0718 3404 [ 6D8FCDD5BB3B676EF58FA234073492C6 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
01:26:21.0734 3404 NBService - ok
01:26:21.0765 3404 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
01:26:21.0765 3404 NDIS - ok
01:26:21.0796 3404 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:26:21.0796 3404 NdisTapi - ok
01:26:21.0812 3404 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:26:21.0812 3404 Ndisuio - ok
01:26:21.0828 3404 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:26:21.0828 3404 NdisWan - ok
01:26:21.0859 3404 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
01:26:21.0859 3404 NDProxy - ok
01:26:21.0875 3404 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
01:26:21.0875 3404 NetBIOS - ok
01:26:21.0906 3404 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
01:26:21.0906 3404 NetBT - ok
01:26:21.0937 3404 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
01:26:21.0937 3404 NetDDE - ok
01:26:21.0937 3404 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
01:26:21.0953 3404 NetDDEdsdm - ok
01:26:21.0968 3404 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
01:26:21.0968 3404 Netlogon - ok
01:26:21.0984 3404 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
01:26:21.0984 3404 Netman - ok
01:26:22.0015 3404 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:26:22.0031 3404 NetTcpPortSharing - ok
01:26:22.0046 3404 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
01:26:22.0046 3404 Nla - ok
01:26:22.0093 3404 [ 060DAF68493AD7ADF104413E5A62AFA8 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
01:26:22.0093 3404 NMIndexingService - ok
01:26:22.0156 3404 [ B9730495E0CF674680121E34BD95A73B ] npf C:\WINDOWS\system32\drivers\npf.sys
01:26:22.0156 3404 npf - ok
01:26:22.0187 3404 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
01:26:22.0187 3404 Npfs - ok
01:26:22.0218 3404 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
01:26:22.0218 3404 Ntfs - ok
01:26:22.0234 3404 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
01:26:22.0234 3404 NtLmSsp - ok
01:26:22.0250 3404 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
01:26:22.0265 3404 NtmsSvc - ok
01:26:22.0281 3404 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
01:26:22.0281 3404 Null - ok
01:26:22.0562 3404 [ 68B8C35782FFD20973524F748234B5A9 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
01:26:22.0656 3404 nv - ok
01:26:22.0687 3404 [ A211AB524324E84C2C805B52DFCDD544 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys
01:26:22.0687 3404 NVHDA - ok
01:26:22.0718 3404 [ FFD30DAAF62D605069F6EB42D2E807C3 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
01:26:22.0718 3404 NVSvc - ok
01:26:22.0796 3404 [ 210EE09CB9C2655E55BD48D851369DC1 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:26:22.0968 3404 nvUpdatusService - ok
01:26:23.0000 3404 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:26:23.0000 3404 NwlnkFlt - ok
01:26:23.0015 3404 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:26:23.0031 3404 NwlnkFwd - ok
01:26:23.0046 3404 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:26:23.0046 3404 ose - ok
01:26:23.0109 3404 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
01:26:23.0109 3404 Parport - ok
01:26:23.0109 3404 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
01:26:23.0109 3404 PartMgr - ok
01:26:23.0140 3404 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
01:26:23.0140 3404 ParVdm - ok
01:26:23.0156 3404 [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
01:26:23.0156 3404 pccsmcfd - ok
01:26:23.0203 3404 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
01:26:23.0203 3404 PCI - ok
01:26:23.0203 3404 PCIDump - ok
01:26:23.0234 3404 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
01:26:23.0234 3404 PCIIde - ok
01:26:23.0250 3404 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINDOWS\system32\drivers\pclepci.sys
01:26:23.0250 3404 PCLEPCI - ok
01:26:23.0281 3404 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
01:26:23.0281 3404 Pcmcia - ok
01:26:23.0281 3404 perc2 - ok
01:26:23.0296 3404 perc2hib - ok
01:26:23.0343 3404 [ 444F122E68DB44C0589227781F3C8B3F ] pfc C:\WINDOWS\system32\drivers\pfc.sys
01:26:23.0343 3404 pfc - ok
01:26:23.0359 3404 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
01:26:23.0359 3404 PlugPlay - ok
01:26:23.0390 3404 [ DE8883C6C14C2681D0D3F99793FD3976 ] PnkBstrB C:\WINDOWS\system32\PnkBstrB.exe
01:26:23.0406 3404 PnkBstrB - ok
01:26:23.0437 3404 [ 580C066B3FD4FB6096243CBB8A2E0CC2 ] PnkBstrK C:\WINDOWS\system32\drivers\PnkBstrK.sys
01:26:23.0437 3404 PnkBstrK - ok
01:26:23.0437 3404 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
01:26:23.0437 3404 PolicyAgent - ok
01:26:23.0453 3404 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:26:23.0453 3404 PptpMiniport - ok
01:26:23.0484 3404 [ BC91060F244722A5D1C0E8016D9B0173 ] prodrv06 C:\WINDOWS\System32\drivers\prodrv06.sys
01:26:23.0484 3404 prodrv06 - ok
01:26:23.0500 3404 [ 880DC7832FD1DD7411E608CAD45CF4A1 ] prohlp02 C:\WINDOWS\system32\drivers\prohlp02.sys
01:26:23.0500 3404 prohlp02 - ok
01:26:23.0515 3404 [ F3471E7971EE62420451D958DA635064 ] prosync1 C:\WINDOWS\system32\drivers\prosync1.sys
01:26:23.0515 3404 prosync1 - ok
01:26:23.0531 3404 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:26:23.0531 3404 ProtectedStorage - ok
01:26:23.0546 3404 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
01:26:23.0546 3404 PSched - ok
01:26:23.0562 3404 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:26:23.0562 3404 Ptilink - ok
01:26:23.0593 3404 [ 153D02480A0A2F45785522E814C634B6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:26:23.0593 3404 PxHelp20 - ok
01:26:23.0593 3404 ql1080 - ok
01:26:23.0609 3404 Ql10wnt - ok
01:26:23.0609 3404 ql12160 - ok
01:26:23.0609 3404 ql1240 - ok
01:26:23.0625 3404 ql1280 - ok
01:26:23.0625 3404 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:26:23.0625 3404 RasAcd - ok
01:26:23.0656 3404 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
01:26:23.0671 3404 RasAuto - ok
01:26:23.0687 3404 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:26:23.0687 3404 Rasl2tp - ok
01:26:23.0718 3404 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
01:26:23.0718 3404 RasMan - ok
01:26:23.0750 3404 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:26:23.0750 3404 RasPppoe - ok
01:26:23.0750 3404 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
01:26:23.0750 3404 Raspti - ok
01:26:23.0781 3404 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:26:23.0781 3404 Rdbss - ok
01:26:23.0796 3404 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:26:23.0796 3404 RDPCDD - ok
01:26:23.0828 3404 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:26:23.0828 3404 rdpdr - ok
01:26:23.0859 3404 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
01:26:23.0859 3404 RDPWD - ok
01:26:23.0875 3404 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
01:26:23.0890 3404 RDSessMgr - ok
01:26:23.0906 3404 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
01:26:23.0906 3404 redbook - ok
01:26:23.0937 3404 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
01:26:23.0937 3404 RemoteAccess - ok
01:26:23.0968 3404 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
01:26:23.0968 3404 RemoteRegistry - ok
01:26:23.0984 3404 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
01:26:23.0984 3404 RpcLocator - ok
01:26:24.0015 3404 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\System32\rpcss.dll
01:26:24.0015 3404 RpcSs - ok
01:26:24.0046 3404 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
01:26:24.0046 3404 RSVP - ok
01:26:24.0093 3404 [ 861FDA9771C4EB75F17AEC4CD171C9B6 ] rt2870 C:\WINDOWS\system32\DRIVERS\Drt2870.sys
01:26:24.0093 3404 rt2870 - ok
01:26:24.0125 3404 [ CB20F16AFDBA63707FB971E0922EDEC1 ] RT73 C:\WINDOWS\system32\DRIVERS\Dr71WU.sys
01:26:24.0125 3404 RT73 - ok
01:26:24.0156 3404 [ 71439E5BF872A91DB450641BE445F51C ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
01:26:24.0156 3404 RTLE8023xp - ok
01:26:24.0171 3404 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
01:26:24.0187 3404 SamSs - ok
01:26:24.0203 3404 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
01:26:24.0203 3404 SCardSvr - ok
01:26:24.0218 3404 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
01:26:24.0218 3404 Schedule - ok
01:26:24.0250 3404 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:26:24.0250 3404 Secdrv - ok
01:26:24.0265 3404 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
01:26:24.0265 3404 seclogon - ok
01:26:24.0296 3404 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
01:26:24.0296 3404 SENS - ok
01:26:24.0328 3404 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
01:26:24.0328 3404 serenum - ok
01:26:24.0359 3404 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
01:26:24.0359 3404 Serial - ok
01:26:24.0406 3404 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
01:26:24.0421 3404 ServiceLayer - ok
01:26:24.0468 3404 [ 00DE597B81B381053CB5B21A7F20E365 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
01:26:24.0468 3404 sfdrv01 - ok
01:26:24.0484 3404 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\WINDOWS\system32\drivers\sfhlp01.sys
01:26:24.0484 3404 sfhlp01 - ok
01:26:24.0500 3404 [ 64B9AB76F1B16EB059CB6CDD906C067A ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
01:26:24.0500 3404 sfhlp02 - ok
01:26:24.0500 3404 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
01:26:24.0500 3404 Sfloppy - ok
01:26:24.0531 3404 [ 798D918D8F20380008277CE3CE5319D1 ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
01:26:24.0531 3404 sfsync02 - ok
01:26:24.0546 3404 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
01:26:24.0562 3404 SharedAccess - ok
01:26:24.0578 3404 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:26:24.0578 3404 ShellHWDetection - ok
01:26:24.0593 3404 Simbad - ok
01:26:24.0625 3404 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
01:26:24.0625 3404 SkypeUpdate - ok
01:26:24.0625 3404 SliceDisk5 - ok
01:26:24.0640 3404 Sparrow - ok
01:26:24.0656 3404 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
01:26:24.0656 3404 splitter - ok
01:26:24.0687 3404 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
01:26:24.0703 3404 Spooler - ok
01:26:24.0734 3404 [ 0022CFFF1A41E5CE3A764050A7DDF22A ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
01:26:24.0734 3404 sptd - ok
01:26:24.0765 3404 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
01:26:24.0765 3404 sr - ok
01:26:24.0796 3404 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
01:26:24.0796 3404 srservice - ok
01:26:24.0828 3404 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
01:26:24.0828 3404 Srv - ok
01:26:24.0875 3404 [ D6870895FE46A464A19141440EB6CC1E ] sscdbus C:\WINDOWS\system32\DRIVERS\sscdbus.sys
01:26:24.0875 3404 sscdbus - ok
01:26:24.0890 3404 [ 0FE167362E4689B716CDC8D93ADEDDA8 ] sscdmdfl C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
01:26:24.0890 3404 sscdmdfl - ok
01:26:24.0921 3404 [ 55A15707E32B6709242AD127E62CA55A ] sscdmdm C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
01:26:24.0921 3404 sscdmdm - ok
01:26:24.0937 3404 [ 9FA66E361A99F8920C7609BAE6814A0E ] sscdserd C:\WINDOWS\system32\DRIVERS\sscdserd.sys
01:26:24.0937 3404 sscdserd - ok
01:26:24.0953 3404 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
01:26:24.0968 3404 SSDPSRV - ok
01:26:24.0984 3404 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
01:26:24.0984 3404 StarOpen - ok
01:26:25.0015 3404 Steam Client Service - ok
01:26:25.0031 3404 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
01:26:25.0046 3404 stisvc - ok
01:26:25.0062 3404 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
01:26:25.0062 3404 swenum - ok
01:26:25.0093 3404 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
01:26:25.0093 3404 swmidi - ok
01:26:25.0093 3404 SwPrv - ok
01:26:25.0109 3404 symc810 - ok
01:26:25.0109 3404 symc8xx - ok
01:26:25.0125 3404 sym_hi - ok
01:26:25.0140 3404 sym_u3 - ok
01:26:25.0156 3404 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
01:26:25.0171 3404 sysaudio - ok
01:26:25.0187 3404 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
01:26:25.0187 3404 SysmonLog - ok
01:26:25.0203 3404 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
01:26:25.0218 3404 TapiSrv - ok
01:26:25.0250 3404 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:26:25.0250 3404 Tcpip - ok
01:26:25.0265 3404 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
01:26:25.0265 3404 TDPIPE - ok
01:26:25.0281 3404 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
01:26:25.0281 3404 TDTCP - ok
01:26:25.0312 3404 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
01:26:25.0312 3404 TermDD - ok
01:26:25.0328 3404 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
01:26:25.0343 3404 TermService - ok
01:26:25.0375 3404 [ D9D5E4CA72270E9F3ECA97DA0983AB87 ] tffsport C:\WINDOWS\system32\DRIVERS\tffsport.sys
01:26:25.0375 3404 tffsport - ok
01:26:25.0390 3404 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
01:26:25.0390 3404 Themes - ok
01:26:25.0421 3404 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
01:26:25.0421 3404 TlntSvr - ok
01:26:25.0437 3404 TosIde - ok
01:26:25.0453 3404 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
01:26:25.0468 3404 TrkWks - ok
01:26:25.0500 3404 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
01:26:25.0500 3404 Udfs - ok
01:26:25.0515 3404 ultra - ok
01:26:25.0531 3404 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
01:26:25.0531 3404 Update - ok
01:26:25.0562 3404 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
01:26:25.0578 3404 upnphost - ok
01:26:25.0578 3404 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
01:26:25.0593 3404 UPS - ok
01:26:25.0625 3404 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:26:25.0625 3404 usbccgp - ok
01:26:25.0640 3404 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:26:25.0640 3404 usbehci - ok
01:26:25.0656 3404 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:26:25.0656 3404 usbhub - ok
01:26:25.0687 3404 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:26:25.0687 3404 usbscan - ok
01:26:25.0718 3404 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:26:25.0718 3404 USBSTOR - ok
01:26:25.0750 3404 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
01:26:25.0750 3404 usbuhci - ok
01:26:25.0781 3404 [ 0EDFE36E05A62888EFF6D97AE494B2A5 ] UserAccess7 C:\WINDOWS\system32\UAService7.exe
01:26:25.0781 3404 UserAccess7 - ok
01:26:25.0796 3404 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
01:26:25.0796 3404 VgaSave - ok
01:26:25.0796 3404 ViaIde - ok
01:26:25.0828 3404 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
01:26:25.0828 3404 VolSnap - ok
01:26:25.0859 3404 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
01:26:25.0875 3404 VSS - ok
01:26:25.0906 3404 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
01:26:25.0906 3404 W32Time - ok
01:26:25.0921 3404 w810bus - ok
01:26:25.0937 3404 w810mgmt - ok
01:26:25.0937 3404 w810obex - ok
01:26:25.0953 3404 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:26:25.0953 3404 Wanarp - ok
01:26:26.0000 3404 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
01:26:26.0000 3404 Wdf01000 - ok
01:26:26.0031 3404 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
01:26:26.0031 3404 wdmaud - ok
01:26:26.0046 3404 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
01:26:26.0046 3404 WebClient - ok
01:26:26.0109 3404 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
01:26:26.0109 3404 winmgmt - ok
01:26:26.0140 3404 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
01:26:26.0140 3404 WmdmPmSN - ok
01:26:26.0187 3404 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
01:26:26.0203 3404 Wmi - ok
01:26:26.0218 3404 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:26:26.0234 3404 WmiApSrv - ok
01:26:26.0281 3404 [ 0DCC3A79329F0FDE9B1B5283CACD3F50 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
01:26:26.0296 3404 WMPNetworkSvc - ok
01:26:26.0328 3404 [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
01:26:26.0328 3404 WpdUsb - ok
01:26:26.0359 3404 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
01:26:26.0359 3404 WS2IFSL - ok
01:26:26.0390 3404 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
01:26:26.0390 3404 wscsvc - ok
01:26:26.0406 3404 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
01:26:26.0406 3404 wuauserv - ok
01:26:26.0453 3404 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:26:26.0453 3404 WudfPf - ok
01:26:26.0468 3404 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:26:26.0468 3404 WudfRd - ok
01:26:26.0500 3404 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
01:26:26.0500 3404 WudfSvc - ok
01:26:26.0531 3404 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
01:26:26.0546 3404 WZCSVC - ok
01:26:26.0562 3404 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
01:26:26.0578 3404 xmlprov - ok
01:26:26.0578 3404 xpsec - ok
01:26:26.0609 3404 ================ Scan global ===============================
01:26:26.0625 3404 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
01:26:26.0656 3404 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
01:26:26.0671 3404 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
01:26:26.0687 3404 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
01:26:26.0703 3404 [Global] - ok
01:26:26.0703 3404 ================ Scan MBR ==================================
01:26:26.0703 3404 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
01:26:26.0734 3404 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
01:26:26.0734 3404 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)
01:26:26.0734 3404 ================ Scan VBR ==================================
01:26:26.0734 3404 [ D291E9D6A19C8202D356B96D1099CA77 ] \Device\Harddisk0\DR0\Partition1
01:26:26.0734 3404 \Device\Harddisk0\DR0\Partition1 - ok
01:26:26.0765 3404 [ F5704BF11320010027C688CDACAD2432 ] \Device\Harddisk0\DR0\Partition2
01:26:26.0765 3404 \Device\Harddisk0\DR0\Partition2 - ok
01:26:26.0765 3404 ============================================================
01:26:26.0765 3404 Scan finished
01:26:26.0765 3404 ============================================================
01:26:26.0765 3436 Detected object count: 1
01:26:26.0765 3436 Actual detected object count: 1
01:26:36.0125 3436 \Device\Harddisk0\DR0\# - copied to quarantine
01:26:36.0125 3436 \Device\Harddisk0\DR0 - copied to quarantine
01:26:36.0125 3436 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
01:26:36.0125 3436 \Device\Harddisk0\DR0 - ok
01:26:36.0125 3436 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
01:26:56.0015 4080 Deinitialize success

po restartu

01:29:56.0781 2080 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
01:29:57.0750 2080 ============================================================
01:29:57.0750 2080 Current date / time: 2012/12/15 01:29:57.0750
01:29:57.0750 2080 SystemInfo:
01:29:57.0750 2080
01:29:57.0750 2080 OS Version: 5.1.2600 ServicePack: 3.0
01:29:57.0750 2080 Product type: Workstation
01:29:57.0750 2080 ComputerName: PC
01:29:57.0765 2080 UserName: Michal
01:29:57.0765 2080 Windows directory: C:\WINDOWS
01:29:57.0765 2080 System windows directory: C:\WINDOWS
01:29:57.0765 2080 Processor architecture: Intel x86
01:29:57.0765 2080 Number of processors: 2
01:29:57.0765 2080 Page size: 0x1000
01:29:57.0765 2080 Boot type: Normal boot
01:29:57.0765 2080 ============================================================
01:29:59.0687 2080 BG loaded
01:30:00.0375 2080 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:30:00.0484 2080 ============================================================
01:30:00.0484 2080 \Device\Harddisk0\DR0:
01:30:00.0500 2080 MBR partitions:
01:30:00.0500 2080 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x128DEE32
01:30:00.0593 2080 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x128DEEB0, BlocksNum 0x12B4A950
01:30:00.0593 2080 ============================================================
01:30:01.0187 2080 C: <-> \Device\Harddisk0\DR0\Partition1
01:30:01.0468 2080 E: <-> \Device\Harddisk0\DR0\Partition2
01:30:01.0500 2080 ============================================================
01:30:01.0515 2080 Initialize success
01:30:01.0515 2080 ============================================================
01:30:35.0625 3656 Deinitialize success

[memphisto]

zkus ten Combofix v nouzovím režimu

[jogin]

tak combofix mě nemá rád ted mi hodil v nouzovím ŕežimu modrou smrt

[Žbeky]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC na plochu, spusť jej a klikni na Clean up!

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[jogin]

tak Combofix mi hazí že nenalezeno při uninstal OTL logfile created on: 16.12.2012 7:21:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Michal\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 62,87% Memory free
3,85 Gb Paging File | 3,22 Gb Available in Paging File | 83,82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148,44 Gb Total Space | 60,11 Gb Free Space | 40,50% Space Free | Partition Type: NTFS
Drive E: | 149,65 Gb Total Space | 149,58 Gb Free Space | 99,95% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Michal\Dokumenty\Stažené soubory\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
PRC - C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
PRC - C:\Program Files\D-Link\DWA-125 revA\AirGCFG.exe (D-Link Corp.)
PRC - C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe (Wireless Service)
PRC - C:\WINDOWS\System32\UAService7.exe ()
PRC - C:\WINDOWS\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe ()
PRC - C:\Program Files\Trust\GXT14 Mouse\RapooV1Process.exe (UASSOFT.COM)
PRC - C:\Program Files\Trust\GXT14 Mouse\StartAutorun.exe (UASSOFT.COM)
PRC - C:\WINDOWS\Explorer.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Comodo\COMODO Internet Security\scanners\smart.cav ()
MOD - C:\WINDOWS\system32\ANPDApi.dll ()
MOD - C:\Program Files\D-Link\DWA-125 revA\wlanapp.dll ()
MOD - C:\WINDOWS\System32\UAService7.exe ()
MOD - C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe ()
MOD - C:\Program Files\Trust\GXT14 Mouse\MouseHook.dll ()
MOD - C:\Program Files\K-Lite Codec Pack\Filters\Haali\mmfinfo.dll ()
MOD - C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkunicode.dll ()
MOD - C:\Program Files\Trust\GXT14 Mouse\keydll.dll ()
MOD - C:\Program Files\NVIDIA Corporation\nView\nView.dll ()
MOD - C:\Program Files\NVIDIA Corporation\nView\nvShell.dll ()


========== Services (SafeList) ==========

SRV - (MSDTC) -- File not found
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (cmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (CLPSLS) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV - (D_Link_DWA-125) -- C:\Program Files\D-Link\DWA-125 revA\ANIWZCSdS.exe (Wireless Service)
SRV - (UserAccess7) -- C:\WINDOWS\System32\UAService7.exe ()
SRV - (FsUsbExService) -- C:\WINDOWS\System32\FsUsbExService.Exe (Teruten)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ANIWZCSdService) -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Alpha Networks Inc.)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)


========== Driver Services (SafeList) ==========

DRV - (w810obex) -- system32\DRIVERS\w810obex.sys File not found
DRV - (w810mgmt) -- system32\DRIVERS\w810mgmt.sys File not found
DRV - (w810bus) -- system32\DRIVERS\w810bus.sys File not found
DRV - (SliceDisk5) -- E:\A-FF Find and Mount\slicedisk.sys File not found
DRV - (PCIDump) -- File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (afn37yc8) -- File not found
DRV - (a7dbf2sn) -- File not found
DRV - (Inspect) -- C:\WINDOWS\System32\DRIVERS\inspect.sys (COMODO)
DRV - (cmdHlp) -- C:\WINDOWS\System32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (cmdGuard) -- C:\WINDOWS\System32\DRIVERS\cmdguard.sys (COMODO)
DRV - (cmderd) -- C:\WINDOWS\System32\DRIVERS\cmderd.sys (COMODO)
DRV - (dtsoftbus01) -- C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys (DT Soft Ltd)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (ANPD) -- C:\WINDOWS\System32\ANPD.sys ()
DRV - (hcdriver) -- C:\WINDOWS\System32\DRIVERS\hcdriver.sys (Intel Corporation)
DRV - (PnkBstrK) -- C:\WINDOWS\System32\drivers\PnkBstrK.sys ()
DRV - (atksgt) -- C:\WINDOWS\System32\DRIVERS\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\System32\DRIVERS\lirsgt.sys ()
DRV - (rt2870) -- C:\WINDOWS\System32\DRIVERS\Drt2870.sys (Ralink Technology, Corp.)
DRV - (npf) -- C:\WINDOWS\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (ggsemc) -- C:\WINDOWS\System32\DRIVERS\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\WINDOWS\System32\DRIVERS\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (FsUsbExDisk) -- C:\WINDOWS\System32\FsUsbExDisk.SYS ()
DRV - (KMWDFilterV1) -- C:\WINDOWS\System32\Drivers\RPGMOUSEV1.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (hamachi) -- C:\WINDOWS\System32\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV - (tffsport) -- C:\WINDOWS\System32\DRIVERS\tffsport.sys (M-Systems)
DRV - (pccsmcfd) -- C:\WINDOWS\System32\DRIVERS\pccsmcfd.sys (Nokia)
DRV - (sscdserd) -- C:\WINDOWS\System32\DRIVERS\sscdserd.sys (MCCI Corporation)
DRV - (sscdmdm) -- C:\WINDOWS\System32\DRIVERS\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\WINDOWS\System32\DRIVERS\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) -- C:\WINDOWS\System32\DRIVERS\sscdbus.sys (MCCI Corporation)
DRV - (ANIO) -- C:\WINDOWS\System32\ANIO.SYS (Alpha Networks Inc.)
DRV - (RT73) -- C:\WINDOWS\System32\DRIVERS\Dr71WU.sys (Ralink Technology, Corp.)
DRV - (sfdrv01) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (PCLEPCI) -- C:\WINDOWS\System32\drivers\pclepci.sys (Pinnacle Systems GmbH)
DRV - (sfsync02) -- C:\WINDOWS\System32\drivers\sfsync02.sys (Protection Technology)
DRV - (pfc) -- C:\WINDOWS\System32\drivers\pfc.sys (Padus, Inc.)
DRV - (prohlp02) -- C:\WINDOWS\System32\drivers\prohlp02.sys (Protection Technology)
DRV - (prodrv06) -- C:\WINDOWS\System32\drivers\prodrv06.sys (Protection Technology)
DRV - (sfhlp01) -- C:\WINDOWS\System32\drivers\sfhlp01.sys (Protection Technology)
DRV - (prosync1) -- C:\WINDOWS\System32\drivers\prosync1.sys (Protection Technology)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (Ambfilt) -- C:\WINDOWS\System32\drivers\Ambfilt.sys (Creative)
DRV - (Monfilt) -- C:\WINDOWS\System32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (RTLE8023xp) -- C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys (Realtek Semiconductor Corporation )
DRV - (NVHDA) -- C:\WINDOWS\System32\drivers\nvhda32.sys (NVIDIA Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKLM\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - No CLSID value found
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=d749b8f3-df42-4658-9e78-f9e90937f734&apn_sauid=D0CA127D-E6D7-4308-B756-C59B2AEFCD0D
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={927423BC-364C-4813-94D7-67B219D2F404}&mid=7ea023fea7dd47d0bb19d154d48f59aa-167e6d4b3a8adb63fb12a7481bd7c9ab9a844d5b&lang=cs&ds=ts024&pr=sa&d=2012-03-19 14:26:57&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
IE - HKCU\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.0: File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Michal\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.01 16:41:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.26 00:10:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.06 17:08:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.06 17:08:07 | 000,000,000 | ---D | M]

[2012.04.01 21:23:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Extensions
[2012.11.07 20:49:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\smx8c8r6.default\extensions
[2012.05.04 14:40:46 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\mozilla\firefox\profiles\smx8c8r6.default\searchplugins\askcom.xml
[2012.05.03 18:54:14 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\mozilla\firefox\profiles\smx8c8r6.default\searchplugins\conduit.xml
[2012.06.29 12:47:25 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\mozilla\firefox\profiles\smx8c8r6.default\searchplugins\qipsearch.xml
[2012.12.06 17:08:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.26 00:10:24 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.12.06 17:08:42 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009.02.24 20:34:22 | 000,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2008.06.27 15:03:12 | 001,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2007.05.10 21:52:00 | 000,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2012.05.15 06:00:14 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2012.05.15 06:00:14 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2012.05.15 06:00:14 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2012.05.15 06:00:14 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2012.05.15 06:00:14 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2012.05.15 06:00:14 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2012.05.15 06:00:14 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2012.03.19 14:26:44 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.04.06 20:00:40 | 000,001,567 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\glarysearch.xml
[2012.08.30 13:08:14 | 000,003,581 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2012.06.25 10:54:10 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.06.25 10:54:10 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.06.25 10:54:10 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.06.25 10:54:10 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.06.25 10:54:10 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2012.12.15 17:25:25 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [D-Link D-Link DWA-125] C:\Program Files\D-Link\DWA-125 revA\AirGCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [trustGTX14] C:\Program Files\Trust\GXT14 Mouse\POINTERGHOST.exe ()
O4 - HKLM..\Run: [WZCSLDR2] C:\Program Files\D-Link\DWA-125 revA\WZCSLDR2.exe (Wireless Service)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInstrumentation = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1199CDD1-FAFF-4470-B18A-C9C52AC762E5}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF312041-F20B-4BD8-948E-D2C75AC7FA3F}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Michal\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Michal\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (OODDRMBS)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[8012.03.08 07:00:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2012.12.16 07:13:53 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Michal\Recent
[2012.12.15 17:30:22 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012.12.15 17:22:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012.12.15 01:26:35 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.12.14 21:55:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Plocha\udržba
[2012.12.14 19:16:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\VideoLAN
[2012.12.14 19:14:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.12.14 19:14:20 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.12.14 19:14:20 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.12.14 19:13:42 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.12.14 19:13:42 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.12.14 19:13:42 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.12.13 02:29:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabdka Start
[2012.12.13 02:29:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Steam
[2012.12.13 02:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2012.12.08 20:11:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\EA
[2012.12.08 20:11:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2012.12.08 20:10:17 | 000,000,000 | ---D | C] -- C:\Users
[2012.12.06 17:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.11.22 04:46:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Michal\Nabídka Start\Programy\Curse
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.12.16 07:28:21 | 001,474,832 | ---- | M] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2012.12.16 07:27:15 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.12.16 07:20:17 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{1199CDD1-FAFF-4470-B18A-C9C52AC762E5}
[2012.12.16 07:20:16 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.12.16 07:20:09 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{1199CDD1-FAFF-4470-B18A-C9C52AC762E5}
[2012.12.16 07:18:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.12.16 07:18:28 | 000,321,136 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.12.15 20:20:07 | 000,000,155 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.12.15 17:25:25 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012.12.14 23:16:30 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.14 19:13:22 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012.12.14 19:13:21 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012.12.14 19:13:21 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012.12.14 19:13:21 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012.12.14 19:13:21 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012.12.14 19:13:20 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012.12.13 02:29:27 | 000,000,664 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Steam.lnk
[2012.12.12 23:28:10 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012.12.12 23:28:09 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.12.11 08:07:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.12.13 02:29:27 | 000,000,664 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Steam.lnk
[2012.05.15 06:00:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.05.12 17:02:26 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\$_hpcst$.hpc
[2012.05.12 14:28:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\LauncherAccess.dt
[2012.05.12 04:31:51 | 002,044,368 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.04.27 03:09:45 | 000,000,251 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\ANICONFIG_{1199CDD1-FAFF-4470-B18A-C9C52AC762E5}.ini
[2012.04.09 17:45:09 | 000,029,272 | ---- | C] () -- C:\WINDOWS\System32\OOD2KBS.exe
[2012.04.09 17:45:09 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\OODCSPRO.dll
[2012.04.09 17:45:09 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\ood2kmsg.dll
[2012.04.08 15:22:25 | 000,000,258 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\ANICONFIG_{92C54419-78D4-44A5-BCE4-F77AAA3AB324}.ini
[2012.04.08 15:21:38 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANPDApi.dll
[2012.04.08 15:21:38 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANPD64.SYS
[2012.04.08 15:21:38 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANPD.SYS
[2012.04.08 15:20:53 | 000,014,051 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2012.04.04 18:52:31 | 000,297,776 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\minecraft.jar
[2012.04.02 07:54:06 | 000,139,783 | ---- | C] () -- C:\Documents and Settings\Michal\MinecraftSP.jar
[2012.04.01 22:08:10 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\OctaneARM.dll
[2012.03.31 00:11:58 | 000,003,044 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012.03.19 14:34:01 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012.03.12 19:09:12 | 001,474,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2012.03.12 00:47:37 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Michal\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.19 10:21:34 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.02.16 06:46:22 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.12 00:57:54 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2012.01.12 00:57:54 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.05.29 05:46:50 | 000,281,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011.05.29 05:46:49 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011.05.20 17:46:54 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.05.20 17:46:52 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.05.20 17:46:52 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.01.07 20:23:38 | 000,000,605 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\MPQEditor.ini
[2009.08.01 13:58:49 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Michal\Data aplikací\PnkBstrK.sys
[2008.03.22 20:59:02 | 000,001,359 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache

========== ZeroAccess Check ==========

[2008.05.12 10:59:08 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2008.11.26 20:56:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acoustica
[2012.06.17 03:24:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ask
[2008.11.07 23:46:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2012.07.23 15:23:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Battle.net
[2012.03.19 14:26:42 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.03.13 06:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CPA_VA
[2012.08.25 03:01:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2012.02.09 20:31:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
[2009.12.30 01:29:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FileCure
[2012.01.11 23:58:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ICQ
[2012.02.09 20:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\InstallMate
[2008.03.20 10:30:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\LightScribe
[2012.04.10 22:10:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NCH Swift Sound
[2010.12.03 01:46:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Nexon
[2011.10.05 15:50:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\NexonUS
[2012.05.12 17:37:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PC Suite
[2008.11.25 16:07:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
[2008.11.25 16:07:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Pinnacle Studio
[2012.12.15 19:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PMB Files
[8012.03.08 07:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2012.04.01 21:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Soluto
[2008.10.20 18:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
[2008.12.22 23:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Ulead Systems
[2011.05.29 21:21:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\XBlades
[2012.12.11 20:27:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\.minecraft
[2012.04.01 21:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\BigHugeEngine
[2012.04.01 21:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools
[2012.08.30 14:13:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\DAEMON Tools Lite
[2012.04.01 21:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\FOG Downloader
[2012.04.01 21:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\GetRightToGo
[2012.05.17 22:08:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\ICQ
[2012.04.01 21:23:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Leadertech
[2012.04.01 21:23:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\LolClient
[2012.05.25 04:51:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\LolClient2
[2012.04.01 21:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\ML
[2012.06.10 21:07:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Mumble
[2012.04.01 21:22:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\NCH Swift Sound
[2012.04.01 21:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\OOo-dev
[2012.04.01 21:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\OpenCandy
[2012.04.01 21:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Oracle
[2012.04.01 21:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Origin
[2012.04.01 21:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\PC Suite
[2012.04.01 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\PriceGong
[2012.04.01 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Publish Providers
[2012.04.01 21:22:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\QIP
[2012.12.15 01:25:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\QipGuard
[2012.04.01 21:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2012.05.12 17:02:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Samsung
[2012.04.22 19:47:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Smart PC Solutions
[2012.04.01 21:22:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Sony
[2012.09.13 04:13:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Sony Online Entertainment
[2012.04.01 21:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Sony Setup
[2012.04.01 21:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Systweak
[2012.04.01 21:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Teleca
[2012.11.10 18:25:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\TS3Client
[2012.04.01 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2012.04.01 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Ulead Systems
[2012.04.01 21:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\Unity
[2012.09.14 13:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Michal\Data aplikací\uTorrent

========== Purity Check ==========



< End of report >

[jogin]

OTL Extras logfile created on: 16.12.2012 7:21:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Michal\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,26 Gb Available Physical Memory | 62,87% Memory free
3,85 Gb Paging File | 3,22 Gb Available in Paging File | 83,82% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148,44 Gb Total Space | 60,11 Gb Free Space | 40,50% Space Free | Partition Type: NTFS
Drive E: | 149,65 Gb Total Space | 149,58 Gb Free Space | 99,95% Space Free | Partition Type: NTFS

Computer Name: PC | User Name: Michal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
https [open] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 4
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"57731:TCP" = 57731:TCP:*:Enabled:Pando Media Booster
"57731:UDP" = 57731:UDP:*:Enabled:Pando Media Booster
"57661:TCP" = 57661:TCP:*:Enabled:Pando Media Booster
"57661:UDP" = 57661:UDP:*:Enabled:Pando Media Booster
"3389:TCP" = 3389:TCP:*:Disabled:Remote Desktop
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"80:TCP" = 80:TCP:*:Enabled:Services
"0:TCP" = 0:TCP:*:Enabled:Services

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Služba Windows Media Player Network Sharing
"57731:TCP" = 57731:TCP:*:Enabled:Pando Media Booster
"57731:UDP" = 57731:UDP:*:Enabled:Pando Media Booster
"57661:TCP" = 57661:TCP:*:Enabled:Pando Media Booster
"57661:UDP" = 57661:UDP:*:Enabled:Pando Media Booster
"8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher
"8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher
"8395:TCP" = 8395:TCP:*:Enabled:League of Legends Launcher
"8395:UDP" = 8395:UDP:*:Enabled:League of Legends Launcher
"6891:TCP" = 6891:TCP:*:Enabled:League of Legends Launcher
"6891:UDP" = 6891:UDP:*:Enabled:League of Legends Launcher
"8396:TCP" = 8396:TCP:*:Enabled:League of Legends Launcher
"8396:UDP" = 8396:UDP:*:Enabled:League of Legends Launcher
"6915:TCP" = 6915:TCP:*:Enabled:League of Legends Launcher
"6915:UDP" = 6915:UDP:*:Enabled:League of Legends Launcher
"1041:TCP" = 1041:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
"6973:TCP" = 6973:TCP:*:Enabled:League of Legends Launcher
"6973:UDP" = 6973:UDP:*:Enabled:League of Legends Launcher
"6898:TCP" = 6898:TCP:*:Enabled:League of Legends Launcher
"6898:UDP" = 6898:UDP:*:Enabled:League of Legends Launcher
"8397:TCP" = 8397:TCP:*:Enabled:League of Legends Launcher
"8397:UDP" = 8397:UDP:*:Enabled:League of Legends Launcher
"6925:TCP" = 6925:TCP:*:Enabled:League of Legends Launcher
"6925:UDP" = 6925:UDP:*:Enabled:League of Legends Launcher
"6919:TCP" = 6919:TCP:*:Enabled:League of Legends Launcher
"6919:UDP" = 6919:UDP:*:Enabled:League of Legends Launcher
"6887:TCP" = 6887:TCP:*:Enabled:League of Legends Launcher
"6887:UDP" = 6887:UDP:*:Enabled:League of Legends Launcher
"6930:TCP" = 6930:TCP:*:Enabled:League of Legends Launcher
"6930:UDP" = 6930:UDP:*:Enabled:League of Legends Launcher
"6948:TCP" = 6948:TCP:*:Enabled:League of Legends Launcher
"6948:UDP" = 6948:UDP:*:Enabled:League of Legends Launcher
"8398:TCP" = 8398:TCP:*:Enabled:League of Legends Launcher
"8398:UDP" = 8398:UDP:*:Enabled:League of Legends Launcher
"8393:TCP" = 8393:TCP:*:Enabled:League of Legends Lobby
"8393:UDP" = 8393:UDP:*:Enabled:League of Legends Lobby
"8390:TCP" = 8390:TCP:*:Enabled:League of Legends Game Client
"8390:UDP" = 8390:UDP:*:Enabled:League of Legends Game Client
"3389:TCP" = 3389:TCP:*:Disabled:Remote Desktop
"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe" = C:\Program Files\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe:*:Enabled:Star Wars - The Old Republic -- (BioWare)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox -- (Mozilla Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper -- (Microsoft Corporation)
"C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- ()
"C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- ()
"C:\Documents and Settings\Michal\Plocha\hry\Grand Chase 1\main.exe" = C:\Documents and Settings\Michal\Plocha\hry\Grand Chase 1\main.exe:*:Enabled:GrandChase -- (KOG)
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe" = C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos. -- (DsNET)
"C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe" = C:\Program Files\Nero\Nero 7\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime Essentials -- (Nero AG)
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Riot Games\League of Legends\lol.launcher.exe" = C:\Riot Games\League of Legends\lol.launcher.exe:*:Enabled:League of Legends Launcher -- ()
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\Program Files\ICQ7.5\ICQ.exe" = C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5 -- (ICQ, LLC.)
"C:\Program Files\QIP\qip.exe" = C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager -- (The Author of QIP)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal)
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal)
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe" = C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1040\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"C:\Program Files\Electronic Arts\BattleForge\Bootstrapper.exe" = C:\Program Files\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher -- (EA Phenomic)
"C:\Program Files\Electronic Arts\BattleForge\BattleForge.exe" = C:\Program Files\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™ -- (EA Phenomic)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1363\Agent.exe" = C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1363\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"C:\Documents and Settings\Michal\Local Settings\Apps\2.0\B5OZOM70.X94\13D2RQAN.TBW\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe" = C:\Documents and Settings\Michal\Local Settings\Apps\2.0\B5OZOM70.X94\13D2RQAN.TBW\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe:*:Enabled:Curse Client 4.0 -- (Curse)
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe -- (NVIDIA Corporation)
"C:\Program Files\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe" = C:\Program Files\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe:*:Enabled:Star Wars - The Old Republic -- (BioWare)
"C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1544\Agent.exe" = C:\Documents and Settings\All Users\Data aplikací\Battle.net\Agent\Agent.1544\Agent.exe:*:Enabled:Battle.net Update Agent -- (Blizzard Entertainment)
"C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{10C1A383-5FB9-4868-859C-E64F6822E9C8}" = Sony Ericsson Mobile Phone Monitor
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{1A6A6531-08FC-47AD-BAC4-C41497E71029}" = Nero 7 Essentials
"{1E81725C-1EE7-476D-8E1D-3150469643F6}" = Recordster
"{2631E55A-3BD5-4D43-AB08-648D1CDDF482}" = Microsoft Speech API 5.1
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2F84AD97-6952-4801-A20B-7C8DD1E9A301}" = CapMan
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{49FC50FC-F965-40D9-89B4-CBFF80941033}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C590030-7469-453E-8589-D15DA9D03F52}" = ANIWZCS2 Service
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5CDA3B5A-0737-40A1-AF93-4F35BD38A1B6}" = SlimDrivers
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62C68336-B969-4097-B0BD-A3A0FBFD59C1}" = Mumble 1.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}" = ANIO Service
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}" = MP3 Player Utilities 4.15
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91057632-CA70-413C-B628-2D3CDBBB906B}" = Macromedia Flash Player 8 Plugin
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 306.81
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B395BC1D-CC06-425E-9049-4CD985EFF004}" = LightScribe 1.8.15.1
"{B810D852-DFD6-DARKSIII-89A5-CC4D47756DAF}_is1" = DarkSiders II version 5.1
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C98FB9D1-FC77-446E-8E17-DDBEDBFCCF9C}" = OOo-dev 3.2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}" = SAMSUNG SYMBIAN USB Download Driver
"{E45CACFE-0576-4375-A84F-C34B99A7B652}" = D-Link DWA-125
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"3134FEF0E1D959EC0CC2E458C94B7057B2AC0CC9" = Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"88EB56038379B8B7DCFB4D2448A60F52E064B265" = Balíček ovladače systému Windows - FTDI CDM Driver Package (10/22/2009 2.06.00)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ATF" = ATF
"aTube Catcher" = aTube Catcher
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"E24870CB6AA1C3511635FF9020A3E9471287FBE7" = Balíček ovladače systému Windows - MobileTop (sshpmdm) Modem (01/26/2008 2.6.0.0)
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"Font Xplorer" = Font Xplorer 1.2.2
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.2.5 (Full)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 17.0.1 (x86 cs)" = Mozilla Firefox 17.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"NI Service Center" = NI Service Center
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Peggle" = Peggle (remove only)
"PunkBusterSvc" = PunkBuster Services
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software
"SAMSUNG Mobile Modem V2" = SAMSUNG Mobile Modem V2 Software
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Trust GXT14 Mouse1.2" = Trust GXT14 Mouse
"VLC media player" = VLC media player 2.0.4
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"101a9f93b8f0bb6f" = Curse Client
"1505118141.elitistjerks.com" = Rawr
"QIP 2005" = QIP 2005 8095

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


Error - 13.5.2033 2:21:52 | Computer Name = PC | Source = crypt32 | ID = 131083
Description = Extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou
aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
se nezdařilo. Chyba: Při ověření se systémovými hodinami nebo časovým razítkem
podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.


[ System Events ]
Error - 15.12.2012 12:26:58 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 15.12.2012 12:31:41 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Služba Oznamování systémových událostí přestala během spouštění reagovat.

Error - 15.12.2012 12:31:41 | Computer Name = PC | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby nvUpdatusService jako uživatel .\UpdatusUser se
se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%1330 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 15.12.2012 12:31:41 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 16.12.2012 2:08:43 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Služba Oznamování systémových událostí přestala během spouštění reagovat.

Error - 16.12.2012 2:08:43 | Computer Name = PC | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby nvUpdatusService jako uživatel .\UpdatusUser se
se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%1330 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 16.12.2012 2:08:43 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069

Error - 16.12.2012 2:20:11 | Computer Name = PC | Source = Service Control Manager | ID = 7022
Description = Služba Oznamování systémových událostí přestala během spouštění reagovat.

Error - 16.12.2012 2:20:11 | Computer Name = PC | Source = Service Control Manager | ID = 7038
Description = Přihlášení služby nvUpdatusService jako uživatel .\UpdatusUser se
se současně nakonfigurovaným heslem nezdařilo. Došlo k následující chybě: %%1330 Zkontrolujte
konfiguraci služby pomocí modulu snap-in Služby v konzole Microsoft Management Console
(MMC).

Error - 16.12.2012 2:20:11 | Computer Name = PC | Source = Service Control Manager | ID = 7000
Description = Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku
následující chyby: %%1069


< End of report >

[jaro3]

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (MSDTC) -- File not found
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
DRV - (w810obex) -- system32\DRIVERS\w810obex.sys File not found
DRV - (w810mgmt) -- system32\DRIVERS\w810mgmt.sys File not found
DRV - (w810bus) -- system32\DRIVERS\w810bus.sys File not found
DRV - (SliceDisk5) -- E:\A-FF Find and Mount\slicedisk.sys File not found
DRV - (PCIDump) -- File not found
DRV - (GMSIPCI) -- D:\INSTALL\GMSIPCI.SYS File not found
DRV - (afn37yc8) -- File not found
DRV - (a7dbf2sn) -- File not found
IE - HKLM\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKLM\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
IE - HKCU\..\URLSearchHook: {95289393-33EA-4F8D-B952-483415B9C955} - No CLSID value found
IE - HKCU\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=en_EU&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=d749b8f3-df42-4658-9e78-f9e90937f734&apn_sauid=D0CA127D-E6D7-4308-B756-C59B2AEFCD0D
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={927423BC-364C-4813-94D7-67B219D2F404}&mid=7ea023fea7dd47d0bb19d154d48f59aa-167e6d4b3a8adb63fb12a7481bd7c9ab9a844d5b&lang=cs&ds=ts024&pr=sa&d=2012-03-19 14:26:57&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = http://search.qip.ru/?query={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468
IE - HKCU\..\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}: "URL" = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentControl2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "QIP Search"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..keyword.URL: "http://search.qip.ru/search?from=FF&query="
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.0: File not found
[2012.04.01 21:23:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Michal\Data aplikací\Mozilla\Extensions
[2012.05.04 14:40:46 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\mozilla\firefox\profiles\smx8c8r6.default\searchplugins\askcom.xml
[2012.05.03 18:54:14 | 000,000,935 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\mozilla\firefox\profiles\smx8c8r6.default\searchplugins\conduit.xml
[2012.06.29 12:47:25 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\Michal\Data aplikací\mozilla\firefox\profiles\smx8c8r6.default\searchplugins\qipsearch.xml
[2012.12.06 17:08:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.03.19 14:26:44 | 000,003,749 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.04.06 20:00:40 | 000,001,567 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\glarysearch.xml
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found

:Files
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\TDSSKiller_Quarantine
C:\Documents and Settings\Michal\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\System32\d3d9caps.dat

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-
"AntiVirusOverride" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

"65533:TCP" = 65533:TCP:*:Enabled:Services
"52344:TCP" = 52344:TCP:*:Enabled:Services
"80:TCP" = 80:TCP:*:Enabled:Services
"0:TCP" = 0:TCP:*:Enabled:Services
Ty porty sis otebřel sám? K čemu jsou?

Stáhni si a nainstaluj WhoCrashed
otevři ho a klikni na Analyze.
Program vytvoří zprávu , zkopíruj celou a vlož prosím sem.

Start….spustit—zadej:
dxdiag
a klikni na Enter
Objeví se tabulka ( win7) na které klikni na NE (digitálně podepsané ovladače).
Dole v novém okně klikni na „Uložit všechny informace“.
Ulož jako textový soubor na plochu. Poklepej na soubor DxDiag.txt a zkopíruj sem celý jeho obsah.

Na kartě Zobrazení zkontroluj:
• Není-li zapnuta hardwarová akcelerace Microsoft DirectDraw nebo Direct3D, poběží některé programy velmi pomalu nebo nepoběží vůbec.
Můžeš to zkontrolovat tak, že klikneš na kartu Zobrazení a potom ve skupinovém rámečku Funkce rozhraní DirectX zkontroluješ, zda je u položek Akcelerace rozhraní DirectDraw, Akcelerace rozhraní Direct3D a Akcelerace textur portu AGP zvolena možnost Povoleno. Pokud zvolena není, zkus hardwarovou akceleraci zapnout.
Zkontroluj všechny záložky , Zobrazení , zvuk 1-4 , zda jsou v dolní části okna nějaké problémy , pokud ano , zkopíruj je sem.
Pokud jsou nějaké problémy na záložce Zobrazení , klikni na tlačítko Test DirectDraw a počkej na výsledek.
Potom klikni na Test Direct3D a počkej na výsledek .
Vlož sem oba výsledky.

[jogin]

je možný že ty porty sem otevřel nechtěně když sem instaloval wifi
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service MSDTC stopped successfully!
Service MSDTC deleted successfully!
File File not found not found.
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
C:\Program Files\Skype\Updater\Updater.exe moved successfully.
Service w810obex stopped successfully!
Service w810obex deleted successfully!
File system32\DRIVERS\w810obex.sys File not found not found.
Service w810mgmt stopped successfully!
Service w810mgmt deleted successfully!
File system32\DRIVERS\w810mgmt.sys File not found not found.
Service w810bus stopped successfully!
Service w810bus deleted successfully!
File system32\DRIVERS\w810bus.sys File not found not found.
Service SliceDisk5 stopped successfully!
Service SliceDisk5 deleted successfully!
File E:\A-FF Find and Mount\slicedisk.sys File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service GMSIPCI stopped successfully!
Service GMSIPCI deleted successfully!
File D:\INSTALL\GMSIPCI.SYS File not found not found.
Error: No service named afn37yc8 was found to stop!
Service\Driver key afn37yc8 not found.
File File not found not found.
Error: No service named a7dbf2sn was found to stop!
Service\Driver key a7dbf2sn not found.
File File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1d89ae7-449d-4929-b24b-fded04adbe06}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{95289393-33EA-4F8D-B952-483415B9C955} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95289393-33EA-4F8D-B952-483415B9C955}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{c1d89ae7-449d-4929-b24b-fded04adbe06}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c1d89ae7-449d-4929-b24b-fded04adbe06}\ not found.
Prefs.js: "uTorrentControl2 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "QIP Search" removed from browser.search.selectedEngine
Prefs.js: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145 removed from extensions.enabledAddons
Prefs.js: "http://search.qip.ru/search?from=FF&query=" removed from keyword.URL
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.0\ deleted successfully.
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\smx8c8r6.default\searchplugins\askcom.xml moved successfully.
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\smx8c8r6.default\searchplugins\conduit.xml moved successfully.
C:\Documents and Settings\Michal\Data aplikací\Mozilla\Firefox\Profiles\smx8c8r6.default\searchplugins\qipsearch.xml moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
C:\Program Files\Mozilla Firefox\searchplugins\glarysearch.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Office Excel\ deleted successfully.
========== FILES ==========
========== FILES ==========
C:\WINDOWS\System32\PerfStringBackup.TMP moved successfully.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\AppleSoftwareUpdate.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\TDSSKiller_Quarantine\15.12.2012_01.26.12\mbr0000\mbr0000 folder moved successfully.
C:\TDSSKiller_Quarantine\15.12.2012_01.26.12\mbr0000 folder moved successfully.
C:\TDSSKiller_Quarantine\15.12.2012_01.26.12 folder moved successfully.
C:\TDSSKiller_Quarantine folder moved successfully.
C:\Documents and Settings\Michal\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\System32\d3d9caps.dat moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Admin

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users
->Temp folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Michal
->Temp folder emptied: 704734 bytes
->Temporary Internet Files folder emptied: 49554 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 165549069 bytes
->Flash cache emptied: 1696 bytes

User: NetworkService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16867 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 258167 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 159,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12162012_153815

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...