prosím o kontrolu logu - pomalé pc Vyřešeno

[prcek]

ComboFix 13-02-24.01 - Dana 25.02.2013 20:28:49.2.1 - x86 MINIMAL
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.2549.2128 [GMT 1:00]
Spuštěný z: c:\users\Dana\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Dana\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Google Software Updater.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\Norton Security Scan for Dana.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\AskService.exe
c:\program files\AskBarDis\bar\bin\AskSplash.exe
c:\program files\AskBarDis\bar\bin\AskTBApp.exe
c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Settings\AskLogo.ico
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
c:\program files\Google\Common\Google Updater
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\programdata\Winamp Toolbar
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alert.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alerts.css
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alerts.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alerts.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\buttons\alerts\alerts.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\buttons\defaultButtons.xml
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\buttons\searchedit.bmp
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\arrow_left.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\arrow_left_on.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\arrow_right.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\arrow_right_on.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_buy.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_buy_on.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_enqall_off.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_enqall_on.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_info.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_info_on.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_play.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_play_on.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_playall_off.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_playall_on.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_playlist.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\images\qap_playlist_on.jpg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\mediamonitor.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\mediamonitor\mediamonitor.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\menu.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\menu.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\qap.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\rss.css
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\rss.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\rss.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\staf.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\rss\staf.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\about.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\addcustombutton.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\addcustombutton_confirm.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\addsearch.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\ani_media_icon.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\blocker.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_down_1.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_down_2.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_normal_1.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_normal_2.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_over_1.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\blue_input_over_2.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\branding.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_movedowndisabled.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_movedowndown.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_movedownover.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_movedownup.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_moveupdisabled.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_moveupdown.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_moveupover.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_moveupup.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_nextdown.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_nextover.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_nextup.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_prevdown.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_prevover.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\button_prevup.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\buttonManager.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\buttons.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\buttons_frame.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\clearprints.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\clearprints_confirm.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\content.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\content_header01.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\content_header02.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\custom_button.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\custombutton.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\customize_icon.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\defaultsearch.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\disabled_input_1.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\disabled_input_2.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\dot.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\dropcustombutton.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\firsttimepage.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\footprints.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\footprints_frame.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\general_icon.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_down_1.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_down_2.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_normal_1.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_normal_2.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_over_1.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\green_input_over_2.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\latest.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\metrics.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\olderversion.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\options_frame.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_bottom_left.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_bottom_right.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_bottom_tile.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_left_tile.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_right_tile.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_left.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_left_bot.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_left_large.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_right.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_right_bot.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_right_large.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\pan_top_tile.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\popup_icon.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\popups_frame.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\popups_icon.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\preferences.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\preferences.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\privacy_icon.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\renamecustombutton.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\resettoolbar.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\search.js
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\search_frame.htm
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\search_icon.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\SettingTabActive.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\SettingTabNormal.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\SettingTabOver.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\sidebar_bg.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\sidebar_bottom.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\sidebar_left.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\sidebar_top.gif
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\ui\stylesheet.css
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\winamptb.cfg
c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\winamptbres.dll
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ASKService
-------\Service_ASKUpgrade
-------\Service_ASKService
-------\Service_ASKUpgrade
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-25 do 2013-02-25 )))))))))))))))))))))))))))))))
.
.
2013-02-25 19:37 . 2013-02-25 19:40 -------- d-----w- c:\users\Dana\AppData\Local\temp
2013-02-25 19:37 . 2013-02-25 19:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-25 12:01 . 2012-11-02 14:57 31584 ----a-w- c:\windows\system32\TURegOpt.exe
2013-02-25 12:01 . 2012-11-02 14:57 21344 ----a-w- c:\windows\system32\authuitu.dll
2013-02-25 12:00 . 2013-02-25 12:00 -------- d-----w- c:\users\Dana\AppData\Roaming\TuneUp Software
2013-02-25 12:00 . 2013-02-25 12:01 -------- d-----w- c:\program files\TuneUp Utilities 2013
2013-02-25 12:00 . 2013-02-25 12:00 -------- d-----w- c:\programdata\TuneUp Software
2013-02-25 12:00 . 2013-02-25 12:00 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-25 12:00 . 2013-02-25 12:00 -------- d--h--w- c:\programdata\Common Files
2013-02-25 11:58 . 2013-02-25 11:58 -------- d-----w- c:\users\Dana\AppData\Roaming\OpenCandy
2013-02-25 11:58 . 2013-02-25 11:59 -------- d-----w- c:\program files\CrystalDiskInfo
2013-02-25 07:13 . 2013-02-19 02:58 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F4D00CB1-5735-4099-B2E9-B35C9471FA98}\mpengine.dll
2013-02-25 07:13 . 2013-01-17 00:28 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-02-24 17:13 . 2013-02-24 17:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-24 17:13 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-24 16:13 . 2013-02-24 16:13 -------- d-----w- c:\users\Dana\AppData\Roaming\Malwarebytes
2013-02-24 16:13 . 2013-02-24 16:13 -------- d-----w- c:\programdata\Malwarebytes
2013-02-24 07:45 . 2013-02-24 07:45 -------- d-----w- C:\1845caec76d79da0e9
2013-02-14 17:36 . 2013-01-04 01:38 2048512 ----a-w- c:\windows\system32\win32k.sys
2013-02-14 17:36 . 2012-11-08 03:48 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-02-14 17:36 . 2013-01-04 11:28 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-14 17:36 . 2013-01-05 05:26 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-14 17:36 . 2013-01-05 05:26 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-14 17:22 . 2013-02-14 17:22 -------- d-----w- c:\program files\Common Files\Skype
2013-02-14 17:22 . 2013-02-14 17:22 -------- d-----r- c:\program files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 13:12 . 2012-12-21 11:56 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 10:50 . 2012-12-21 11:56 293376 ----a-w- c:\windows\system32\atmfd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-22 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-01-25 167936]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2008-03-04 36864]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-06 133656]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-12 3444736]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Google Updater"="c:\program files\Google\Google Updater\GoogleUpdater.exe" [2011-10-04 161336]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"B2C_AGENT"="c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2012-03-28 404568]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-12-18 39424]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-12-21 184320]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-15 30192]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-7-26 113664]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-4-22 50688]
Microsoft Office.lnk - f:\office\OSA9.EXE [N/A]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-9-7 1180952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-07 17:07 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2010-09-05 c:\windows\Tasks\User_Feed_Synchronization-{F53B63A4-872F-4ACA-ACA4-6438EBEBE70F}.job
- c:\windows\system32\msfeedssync.exe [2011-07-30 04:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.yahoo.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FSServer207Service]
"ImagePath"="c:\form studio server\nxServer207.exe /ServiceName:FSServer207Service"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NSL]
"ImagePath"="\"c:\program files\Norton Safe Web Lite\Engine\2.0.0.17\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files\Norton Safe Web Lite\Engine\2.0.0.17\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,c2,a7,f7,05,d3,20,4b,b6,5f,dc,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2b,c2,a7,f7,05,d3,20,4b,b6,5f,dc,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\System32\bcmwltry.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\form studio server\nxServer207.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\Norton Safe Web Lite\Engine\2.0.0.17\ccSvcHst.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\system32\STacSV.exe
c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2013-02-25 20:47:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-25 19:47
ComboFix2.txt 2013-02-25 08:01
.
Před spuštěním: Volných bajtů: 41 983 967 232
Po spuštění: Volných bajtů: 38 778 724 352
.
- - End Of File - - 192C0091DDF4720E6C7A87EB0BEE47CE

[Reklama]

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


screen OK.
Co problémy?

[prcek]

Combofix/uninstall nešel přes spustit najít ,ale po restartu zmizel,jinak jsem vše udělala ,problémy zatím ještě nevím,snad se to bude rychleji načítat,akorát jsk jsme psala ,mi nejde po kliknutí na start otevřít složka "nápověda a podpora" děkuji

[jaro3]

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[prcek]

tak jsem chtěla uložit otl na plochu a najednou mi to nešlo,chtěla jsem rozbalit roletku a vybrat plochu a bylo tam prázdno,nabídlo mi to do Opery a to nešlo ,tak to nabídlo do mé složky a s tama jse to musela přetáhnout na plochu ,tak nevím co se zase děje, tady jsou logy

OTL logfile created on: 26.2.2013 10:15:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dana\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

2,49 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 57,54% Memory free
6,41 Gb Paging File | 5,17 Gb Available in Paging File | 80,70% Paging File free
Paging file location(s): c:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99,23 Gb Total Space | 49,66 Gb Free Space | 50,05% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,09 Gb Free Space | 60,94% Space Free | Partition Type: NTFS

Computer Name: DANA-PC | User Name: Dana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Dana\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.17\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\FORM studio server\nxServer207.exe ()
PRC - C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Windows\System32\bcmwlrmt.dll ()


========== Services (SafeList) ==========

SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (NSL) -- C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.17\ccSvcHst.exe (Symantec Corporation)
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (sprtsvc_dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (FSServer207Service) -- C:\FORM studio server\nxServer207.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()


========== Driver Services (SafeList) ==========

DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found
DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found
DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (BCM42RLY) -- system32\drivers\BCM42RLY.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (ccSet_NST) -- C:\Windows\System32\drivers\NST\0200000.011\ccSetx86.sys (Symantec Corporation)
DRV - (ANDModem) -- C:\Windows\System32\drivers\lgandmodem.sys (LG Electronics Inc.)
DRV - (AndDiag) -- C:\Windows\System32\drivers\lganddiag.sys (LG Electronics Inc.)
DRV - (AndGps) -- C:\Windows\System32\drivers\lgandgps.sys (LG Electronics Inc.)
DRV - (Andbus) -- C:\Windows\System32\drivers\lgandbus.sys (LG Electronics Inc.)
DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)
DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 685&query={searchTerms}&invocationType=tb50winampie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7DKUS_cs&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=vytLWvbD ... p_nTCoE?q={searchTerms}
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q={searchTerms}&crm=1&toolbar=VZ2
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-divx
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.11.03 19:48:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.20 19:58:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.17\coFFNST\ [2013.02.26 08:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.12.11 11:48:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.02.17 07:58:42 | 000,000,000 | ---D | M]

[2010.03.21 16:38:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Extensions
[2010.03.21 16:38:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.01.21 18:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.06.07 18:44:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions
[2009.06.07 18:44:17 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.01.24 17:44:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\extensions
[2010.01.23 18:25:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.02.25 20:39:52 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.17\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files\Norton Safe Web Lite\Engine\2.0.0.17\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\System32\WLTRAY.EXE (Dell Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Google Updater] C:\Program Files\Google\Google Updater\GoogleUpdater.exe (Google)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 [2013.01.09 16:42:15 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 [2013.01.09 16:42:15 | 000,000,000 | ---D | M]
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: mojebanka.cz ([etrading] https in Trusted sites)
O15 - HKCU\..Trusted Domains: mojebanka.cz ([www] https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} http://www.streamplug.com/StreamPlug/beta/SP.cab (StreamPlug Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8071D27D-0957-477B-B89B-55FCAF0D477F}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dana\Pictures\Přehrávání\DSC09913 (2).JPG
O24 - Desktop BackupWallPaper: C:\Users\Dana\Pictures\Přehrávání\DSC09913 (2).JPG
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.02.26 10:11:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dana\Desktop\OTL.exe
[2013.02.25 22:50:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.02.25 20:40:04 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.02.25 20:37:20 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.02.25 20:37:20 | 000,000,000 | ---D | C] -- C:\Users\Dana\AppData\Local\temp
[2013.02.25 13:00:49 | 000,000,000 | ---D | C] -- C:\Users\Dana\AppData\Roaming\TuneUp Software
[2013.02.25 13:00:29 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.02.25 13:00:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.02.25 13:00:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.02.25 12:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2013.02.25 12:58:46 | 000,000,000 | ---D | C] -- C:\Users\Dana\AppData\Roaming\OpenCandy
[2013.02.25 12:58:45 | 000,000,000 | ---D | C] -- C:\Program Files\CrystalDiskInfo
[2013.02.25 12:50:37 | 000,000,000 | ---D | C] -- C:\Users\Dana\AppData\Local\{34D6DBD2-9489-4083-A318-2EE2C7976D57}
[2013.02.25 08:43:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.02.25 08:43:02 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.02.25 08:13:22 | 000,232,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2013.02.24 18:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.24 18:13:46 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.02.24 18:13:46 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.02.24 17:32:32 | 000,000,000 | ---D | C] -- C:\Users\Dana\Desktop\backups
[2013.02.24 17:13:50 | 000,000,000 | ---D | C] -- C:\Users\Dana\AppData\Roaming\Malwarebytes
[2013.02.24 17:13:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.24 17:07:45 | 000,448,512 | ---- | C] (OldTimer Tools) -- C:\Users\Dana\Desktop\TFC.exe
[2013.02.24 17:07:28 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\Dana\Desktop\ATF-Cleaner.exe
[2013.02.24 16:50:43 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Dana\Desktop\hijackthis.exe
[2013.02.24 08:45:37 | 000,000,000 | ---D | C] -- C:\1845caec76d79da0e9
[2013.02.15 17:56:52 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.02.15 17:56:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.02.15 17:56:49 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.02.15 17:56:48 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.02.15 17:56:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.02.15 17:56:45 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.02.15 17:56:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.02.15 17:56:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.02.14 18:36:43 | 002,048,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.02.14 18:36:41 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2013.02.14 18:36:35 | 003,602,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.02.14 18:36:35 | 003,550,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.02.14 18:22:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.02.14 18:22:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.02.14 18:22:30 | 000,000,000 | R--D | C] -- C:\Program Files\Skype

========== Files - Modified Within 30 Days ==========

[2013.02.26 10:11:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dana\Desktop\OTL.exe
[2013.02.26 08:38:54 | 005,115,692 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.02.26 08:38:54 | 002,427,840 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.26 08:38:54 | 001,861,086 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.26 08:38:54 | 001,828,880 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2013.02.26 08:33:04 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.26 08:33:03 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.26 08:32:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.26 08:32:24 | 2673,913,856 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.25 23:18:53 | 281,824,112 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.25 23:04:14 | 000,331,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.02.25 22:57:41 | 000,147,116 | ---- | M] () -- C:\Users\Dana\Documents\cc_20130225_225725.reg
[2013.02.25 22:50:33 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.25 20:39:52 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.02.25 20:33:43 | 000,006,648 | ---- | M] () -- C:\Users\Dana\AppData\Local\d3d9caps.dat
[2013.02.25 19:59:28 | 000,006,085 | ---- | M] () -- C:\Users\Dana\AppData\Roaming\mainhst.zgh
[2013.02.25 12:58:49 | 000,001,774 | ---- | M] () -- C:\Users\Dana\Desktop\CrystalDiskInfo.lnk
[2013.02.24 18:13:53 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.24 17:07:45 | 000,448,512 | ---- | M] (OldTimer Tools) -- C:\Users\Dana\Desktop\TFC.exe
[2013.02.24 17:07:28 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\Dana\Desktop\ATF-Cleaner.exe
[2013.02.24 16:50:43 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Dana\Desktop\hijackthis.exe
[2013.02.24 16:28:35 | 000,531,258 | ---- | M] () -- C:\Users\Dana\Desktop\hwmonitor_1.18-32bit.zip
[2013.02.14 18:22:32 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.12 19:07:19 | 087,399,615 | ---- | M] () -- C:\Users\Dana\Desktop\Neobyčejný-život-Timothyho-Greena--Odd-Life-of-Timothy-Green,-The-(2012)-CZ-DABING-NOVINKY.avi
[2013.02.12 18:46:35 | 000,105,472 | ---- | M] () -- C:\Users\Dana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.03 15:39:08 | 000,002,671 | ---- | M] () -- C:\Users\Dana\Desktop\Microsoft Word.lnk

========== Files Created - No Company Name ==========

[2013.02.25 23:18:53 | 281,824,112 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.02.25 22:57:30 | 000,147,116 | ---- | C] () -- C:\Users\Dana\Documents\cc_20130225_225725.reg
[2013.02.25 22:50:33 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.25 20:38:20 | 2673,913,856 | -HS- | C] () -- C:\hiberfil.sys
[2013.02.25 12:58:49 | 000,001,774 | ---- | C] () -- C:\Users\Dana\Desktop\CrystalDiskInfo.lnk
[2013.02.24 18:13:53 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.02.24 16:28:35 | 000,531,258 | ---- | C] () -- C:\Users\Dana\Desktop\hwmonitor_1.18-32bit.zip
[2013.02.14 18:22:32 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.02.12 18:51:23 | 087,399,615 | ---- | C] () -- C:\Users\Dana\Desktop\Neobyčejný-život-Timothyho-Greena--Odd-Life-of-Timothy-Green,-The-(2012)-CZ-DABING-NOVINKY.avi
[2009.03.12 13:35:04 | 000,006,648 | ---- | C] () -- C:\Users\Dana\AppData\Local\d3d9caps.dat
[2009.01.03 15:23:42 | 000,004,096 | -H-- | C] () -- C:\Users\Dana\AppData\Local\keyfile3.drm
[2008.10.08 20:38:38 | 000,006,085 | ---- | C] () -- C:\Users\Dana\AppData\Roaming\mainhst.zgh
[2008.10.04 19:27:15 | 008,430,639 | ---- | C] () -- C:\Users\Dana\AppData\Roaming\UserTile.png
[2008.07.25 06:45:24 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008.07.24 17:59:28 | 000,105,472 | ---- | C] () -- C:\Users\Dana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006.11.02 13:51:16 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.02.25 22:54:35 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Azureus
[2009.05.03 18:59:41 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Canon
[2009.06.26 21:21:20 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\DriverCure
[2010.06.25 14:33:12 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\ICQ
[2008.07.25 07:29:22 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\ICQ Toolbar
[2011.08.05 07:47:09 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\IObit
[2010.01.23 20:14:46 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Kastner software
[2009.01.14 20:19:40 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\LG Electronics
[2013.02.25 12:58:46 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\OpenCandy
[2011.12.12 15:46:07 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Opera
[2009.01.06 18:58:31 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\PeerNetworking
[2009.04.29 13:44:57 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\ScanSoft
[2010.03.21 16:38:54 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Thunderbird
[2008.07.29 18:50:11 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\tmp
[2013.02.25 13:00:49 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\TuneUp Software
[2011.08.16 15:37:40 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\Windows Live Writer
[2008.10.22 16:38:43 | 000,000,000 | ---D | M] -- C:\Users\Dana\AppData\Roaming\ZipGenius

========== Purity Check ==========



< End of report >

[prcek]

OTL Extras logfile created on: 26.2.2013 10:15:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dana\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d.M.yyyy

2,49 Gb Total Physical Memory | 1,43 Gb Available Physical Memory | 57,54% Memory free
6,41 Gb Paging File | 5,17 Gb Available in Paging File | 80,70% Paging File free
Paging file location(s): c:\pagefile.sys 4096 4096 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 99,23 Gb Total Space | 49,66 Gb Free Space | 50,05% Space Free | Partition Type: NTFS
Drive D: | 10,00 Gb Total Space | 6,09 Gb Free Space | 60,94% Space Free | Partition Type: NTFS

Computer Name: DANA-PC | User Name: Dana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1 -- [2012.09.06 18:46:00 | 000,000,000 | ---D | M]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1 -- [2012.09.06 18:46:00 | 000,000,000 | ---D | M]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1 -- [2012.09.06 18:46:00 | 000,000,000 | ---D | M]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1 -- [2012.09.06 18:46:00 | 000,000,000 | ---D | M]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\FORM studio server\nxserver207.exe" = C:\FORM studio server\nxServer207.exe:*:Enabled:FormStudionxServer -- ()


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13313578-CCB7-420C-8E0E-732AE7614FDC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1337DCC9-1CC3-446C-9580-80674B267E21}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{154DC91F-221E-4813-83FA-4DF91FBB146D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1686BB91-B488-4D06-8B61-749B58A37A6A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2A62C394-5400-48DD-839E-2C41CCFD06CF}" = rport=138 | protocol=17 | dir=out | app=system |
"{2BC641F0-1C33-4069-94C7-D07CA5D7753D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{2BE2A063-BBB9-4861-8A2B-81522A8410C6}" = lport=138 | protocol=17 | dir=in | app=system |
"{2BE9DE75-8643-4B08-B00A-E0C168AA5C3A}" = rport=137 | protocol=17 | dir=out | app=system |
"{30F39836-73A1-4392-BF41-27070ABC7142}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3E4CCF0D-FA1F-4C18-B9E3-B4DFA76AC433}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{47D52937-701D-4CB2-8D6A-67A138ADD476}" = lport=2869 | protocol=6 | dir=in | app=system |
"{55A77115-1847-490F-8536-EEBC66D66A3E}" = lport=139 | protocol=6 | dir=in | app=system |
"{84642B8A-7496-4CF0-8367-30C875A76809}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8E7AFE0C-2ADC-43F9-8CFD-FF60692C78C3}" = lport=445 | protocol=6 | dir=in | app=system |
"{8EE426AB-95DD-402B-AB64-66C4A2722ADE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A3A2C96E-ED53-4067-9904-77E0590595C6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A95BCCBB-947B-435E-9E05-287F68715591}" = lport=137 | protocol=17 | dir=in | app=system |
"{CA6B55D2-7C71-4C8D-BDD3-4F36FC697B7D}" = rport=445 | protocol=6 | dir=out | app=system |
"{D764D5C8-123A-4D9B-9D01-F01B0C30BC71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DFE7E894-7A0E-4BBC-B073-74D0881CA30A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EE257628-B967-401A-9F9D-573171EA0526}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EE53C492-2EFA-4D76-802C-FD1D30C40484}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA67DB83-5E02-4847-A7E1-54041E51B3C4}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E5E6E8E-E593-45D1-BB86-43B9769CB354}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1632C554-3853-42FB-9698-A8C0F4C79CAC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{27CB2162-8782-487E-B2DC-A90A433AC090}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C01FE10-BB08-4DC8-A317-56ADD9241626}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{334B6D97-9654-42FE-AA19-3E07152C75B2}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{36AFDC5A-A1E7-4338-BB42-9913645D1AFD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3CB5426D-548D-40BD-A8AE-781C2976097D}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{3ED7715C-9FFF-4F04-BB0D-657C09942D77}" = protocol=6 | dir=out | app=system |
"{40847802-9032-44E9-9362-6279364F2389}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44537461-BB27-4CDB-8055-4206E4D25F1B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{65A11880-50A7-4B07-9D8A-9C90B5537341}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6799BEC7-95F8-4380-9340-0CC2A1537D7E}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{7428AF11-5784-40AC-8F74-8095970A6D60}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"{926BCD8C-71D2-44F2-9841-8CEAE943B3CE}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{95EE6D13-9BA3-4F0D-9C3B-5D4123E119E5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B4E96AE-250A-4B73-902D-E13AD1E16C81}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9FDCB27D-A421-47B5-B853-BF7025DCEAD3}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"{B6A9DCCB-1D23-4661-897A-1CB9207696D3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B884444E-AAE7-40F4-B251-65C1BE0E1C71}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BA5536C8-4BD5-4226-A315-92F4B2FF7422}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C7B13732-F9EC-484F-934F-E6B8E538ACA3}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{D0F60DB8-C791-4EA2-9351-7A2A0CD1B947}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D279C4B7-33CB-46F4-9BFE-D67765C95534}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E0ACE231-B465-4549-B4BD-06C0174EB3C3}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{E0CD0E60-7685-4FBE-918E-1937F2B39AFA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E608EEF7-8E4D-4202-BDC6-775D14C73BAE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EF6D6F5A-E59D-4612-A96D-A8AF153F53B8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F56A0F70-9E9E-40AE-A124-6D6F3AC2EA73}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F7EEE488-E99A-4278-93D3-27968DFC6ADB}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{20588C88-198C-43F2-B5A9-63885AE15DCC}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{300A415A-BDA7-4CF2-AE6B-6C0E575C9BE8}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{799AC7C2-DB04-4373-A29C-D0E7D324F7C1}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{F075AF92-7E50-41AA-93F6-4E88B4409B10}C:\form studio server\nxenterprisemanager.exe" = protocol=6 | dir=in | app=c:\form studio server\nxenterprisemanager.exe |
"UDP Query User{1D31058B-ED5A-4F78-B36B-FB05589751CB}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{58AC0BAD-CA9E-43DB-9676-FF24BEB69C47}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{88EC51EF-3FC4-4094-85E3-54248D295607}C:\form studio server\nxenterprisemanager.exe" = protocol=17 | dir=in | app=c:\form studio server\nxenterprisemanager.exe |
"UDP Query User{B963671C-3690-4CBE-A9A2-EEAA09520A9E}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP210_series" = Canon MP210 series
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2357B8BC-88C9-4A72-818C-050CC4EB0778}" = AOL Install
"{28A25E3A-2855-4A39-B72B-50BF80FB86C5}" = Windows Live Family Safety
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34A0FF07-F11A-4157-84A3-92F8AD688CBF}" = Vodafone Mobile Connect via the phone
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}" = EarthLink Setup Files
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E570CB6B-1CBC-4ADD-969F-7B3338A6BDB6}" = Windows Live Sync
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6 (6.0.3.1150)
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"asterisk key" = Asterisk Key 8.3
"avast" = avast! Free Antivirus
"Azureus" = Azureus
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"CrystalDiskInfo_is1" = CrystalDiskInfo 5.2.2 Shizuku Edition
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FastStone Image Viewer" = FastStone Image Viewer 3.7
"FSCZ_is1" = FORM studio
"FSSERVER207_is1" = FORM studio server 2.07
"Google Desktop" = Google Desktop
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.70.0.1100
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Thunderbird (3.0.2)" = Mozilla Thunderbird (3.0.2)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"NST" = Norton Safe Web Lite
"Opera 12.01.1532" = Opera 12.01
"Picasa 3" = Picasa 3
"Podnikový a domácí právník 2008_is1" = PDP 2008 9.13
"Podnikový a domácí právník 8.3_is1" = Podnikový a domácí právník 8.3
"Registrace uživatele zařízení Canon MP210 series" = Registrace uživatele zařízení Canon MP210 series
"suc13_is1" = Stereo 2011 - ekonomický software, v.13.1.4
"VLC media player" = VLC media player 2.0.4
"Vuze" = Vuze
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Application Detect

========== Last 20 Event Log Errors ==========

[ Antivirus Events ]
Error - 27.7.2008 10:06:31 | Computer Name = Dana-PC | Source = avast! | ID = 33554522
Description =

Error - 16.11.2009 17:35:18 | Computer Name = Dana-PC | Source = avast! | ID = 33554522
Description =

Error - 16.11.2009 17:36:20 | Computer Name = Dana-PC | Source = avast! | ID = 33554522
Description =

Error - 16.11.2009 17:36:34 | Computer Name = Dana-PC | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 25.2.2013 18:11:35 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3012
Description =

Error - 25.2.2013 18:11:35 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3012
Description =

Error - 25.2.2013 18:11:35 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3011
Description =

Error - 25.2.2013 18:24:41 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3012
Description =

Error - 25.2.2013 18:24:41 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3012
Description =

Error - 25.2.2013 18:24:41 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3011
Description =

Error - 25.2.2013 18:33:04 | Computer Name = Dana-PC | Source = EventSystem | ID = 4621
Description =

Error - 26.2.2013 3:38:49 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3012
Description =

Error - 26.2.2013 3:38:49 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3012
Description =

Error - 26.2.2013 3:38:49 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3011
Description =

[ System Events ]
Error - 26.2.2013 3:34:11 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26.2.2013 3:34:15 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26.2.2013 3:34:16 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26.2.2013 3:34:19 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26.2.2013 3:34:19 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26.2.2013 3:34:19 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26.2.2013 3:34:19 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26.2.2013 3:34:20 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26.2.2013 3:37:27 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 26.2.2013 3:37:27 | Computer Name = Dana-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

[jaro3]

Měla si předtím antivir Norton Internet Security?

Norton Safe Web Lite
Network Security Toolkit
Pokud nepoužíváš , odinstaluj.

Aktualizuj javu:
Java SE Runtime Environment 7

Klikni na Accept License Agreement
Vyber si OS (Windows nebo Windows x64, Offline Installation)
jre-7-windows-i586-p.exe nebo
jre-7-windows-x64.exe
Stáhni ( download) a nainstaluj.
Ostatní javy odeber v přidat/odebrat programy.

Máš poškozené registry...možná IOBIT , používáš jej?

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found
DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found
DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (BCM42RLY) -- system32\drivers\BCM42RLY.sys File not found
DRV - (ccSet_NST) -- C:\Windows\System32\drivers\NST\0200000.011\ccSetx86.sys (Symantec Corporation)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 685&query={searchTerms}&invocationType=tb50winampie7
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7DKUS_cs&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=vytLWvbD ... p_nTCoE?q={searchTerms}
IE - HKCU\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q={searchTerms}&crm=1&toolbar=VZ2
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=chr-divx
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = http://slirsredirect.search.aol.com/sli ... 685&query={searchTerms}&invocationType=tb50winampie7
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll File not found
[2010.03.21 16:38:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Extensions
[2010.03.21 16:38:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.01.21 18:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.06.07 18:44:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions
[2009.06.07 18:44:17 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010.01.24 17:44:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\extensions
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\msdaipp - No CLSID value found
[2013.02.26 08:38:54 | 005,115,692 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2013.02.26 08:38:54 | 002,427,840 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.02.26 08:38:54 | 001,861,086 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.02.26 08:38:54 | 001,828,880 | ---- | M] () -- C:\Windows\System32\perfc005.dat

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Qoobox
C:\Users\Dana\AppData\Local\d3d9caps.dat
C:\Users\Dana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\ezsidmv.dat
C:\Users\Dana\AppData\Roaming\ICQ Toolbar

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Error - 25.2.2013 18:11:35 | Computer Name = Dana-PC | Source = LoadPerf | ID = 3012
Description =

chtělo by to opravit , zkusím vyhledat potom.

[prcek]

tak norton security tam asi dříve byl, norton safe jsem odinstalovala a network security jsem nenašla. ten registr IOBIT ani nevím co je ,tak že nevím jestli ho používám, tady je log:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
C:\Program Files\Skype\Updater\Updater.exe moved successfully.
Service USBModem stopped successfully!
Service USBModem deleted successfully!
File system32\DRIVERS\lgusbmodem.sys File not found not found.
Service UsbDiag stopped successfully!
Service UsbDiag deleted successfully!
File system32\DRIVERS\lgusbdiag.sys File not found not found.
Service usbbus stopped successfully!
Service usbbus deleted successfully!
File system32\DRIVERS\lgusbbus.sys File not found not found.
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys File not found not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\system32\drivers\blbdrive.sys File not found not found.
Service BCM42RLY stopped successfully!
Service BCM42RLY deleted successfully!
File system32\drivers\BCM42RLY.sys File not found not found.
Error: No service named ccSet_NST was found to stop!
Service\Driver key ccSet_NST not found.
File C:\Windows\System32\drivers\NST\0200000.011\ccSetx86.sys not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DECA3892-BA8F-44b8-A993-A466AD694AE4}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}\ not found.
Prefs.js: {20a82645-c095-46ed-80e3-08825760534b}:1.1 removed from extensions.enabledItems
Prefs.js: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6 removed from extensions.enabledItems
Prefs.js: "*.local" removed from network.proxy.no_proxies_on
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0\ deleted successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Extensions folder moved successfully.
Folder C:\Users\Dana\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}\ not found.
Folder C:\Users\Dana\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\ not found.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions folder moved successfully.
Folder C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\ not found.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} folder moved successfully.
C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\sbfgqk3u.default\extensions folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
C:\Program Files\Winamp Toolbar\winamptb.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}\ deleted successfully.
File C:\Program Files\Winamp Toolbar\winamptb.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {67DABFBF-D0AB-41FA-9C46-CC0F21721616}
C:\Windows\Downloaded Program Files\DivXPlugin.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67DABFBF-D0AB-41FA-9C46-CC0F21721616}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ipp\ deleted successfully.
File Protocol\Handler\ipp - No CLSID value found not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\User_Feed_Synchronization-{F53B63A4-872F-4ACA-ACA4-6438EBEBE70F}.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
Folder move failed. C:\Qoobox\BackEnv scheduled to be moved on reboot.
C:\Qoobox folder moved successfully.
C:\Users\Dana\AppData\Local\d3d9caps.dat moved successfully.
C:\Users\Dana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\ProgramData\ezsidmv.dat moved successfully.
C:\Users\Dana\AppData\Roaming\ICQ Toolbar folder moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\"VistaSp1" | Reg Error: Unknown registry data type -- File not found /E :invalid edit format. Invalid data type.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\"VistaSp2" | Reg Error: Unknown registry data type -- File not found /E :invalid edit format. Invalid data type.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Dana
->Temp folder emptied: 224454 bytes
->Temporary Internet Files folder emptied: 6607101 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Opera cache emptied: 28764497 bytes
->Flash cache emptied: 967 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 307491231 bytes
RecycleBin emptied: 108886085 bytes

Total Files Cleaned = 431,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02262013_200153

Files\Folders moved on Reboot...
File\Folder C:\Qoobox\BackEnv not found!
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\NexusDB_TemporaryStorage_3332_2143107488.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[jaro3]

Co problémy?

[prcek]

určitě se počítač zrychlil,moc děkuji,jen pořád nemůžu otevřít složku nápověda a podpora,tak nevím jak se tam dostanu

[jaro3]

Kde se složka nachází , a můžeš dát screen?

[prcek]

kde je to uložené nevím,když kliknu na start a chci tu složku otevřít ,tak to napíše toto : zkusím ten screen