Please check my log - websites not working

Re: Please check my log - websites not working

Post by ondrej01 » 09 Jun 2013 19:39

combofix:

ComboFix 13-06-09.01 - uzivatel 09.06.2013 19:30:41.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1435 [GMT 2:00]
Spuštěný z: c:\documents and settings\uzivatel\Dokumenty\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\uzivatel\s.exe
C:\install.exe
C:\Thumbs.db
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\AegisI5Installer.exe
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\frapsvid.dll
c:\windows\system32\ijl11.dll
c:\windows\system32\networkdlllsp.dll
c:\windows\system32\SET64.tmp
c:\windows\system32\SET77C7.tmp
c:\windows\system32\SET77E2.tmp
c:\windows\system32\SET77E4.tmp
c:\windows\system32\SET77F2.tmp
c:\windows\system32\SET7908.tmp
c:\windows\system32\tmp58C.tmp
c:\windows\system32\tmp58D.tmp
c:\windows\system32\vbpng1.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-08 do 2013-06-08 )))))))))))))))))))))))))))))))
.
.
2013-06-08 17:01 . 2013-06-08 17:01 388096 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-08 17:01 . 2013-06-08 17:01 -------- d-----w- c:\program files\Trend Micro
2013-06-07 14:44 . 2013-06-07 14:44 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Wireshark
2013-06-07 14:36 . 2013-06-07 14:36 -------- d-----w- c:\program files\WinPcap
2013-06-07 14:22 . 2013-06-07 14:37 -------- d-----w- c:\program files\Wireshark
2013-06-06 19:07 . 2013-06-06 19:07 74136 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2013-06-06 19:07 . 2013-06-06 19:07 262552 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-06-06 19:06 . 2013-06-06 19:06 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-06-06 19:06 . 2013-06-06 19:06 96664 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
2013-06-06 19:06 . 2013-06-06 19:06 170232 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2013-06-06 18:52 . 2013-06-06 18:56 -------- d-----w- c:\windows\$regcmp$
2013-06-05 15:51 . 2013-06-05 15:51 -------- d-----w- c:\program files\Common Files\Skype
2013-06-01 09:53 . 2013-06-01 10:27 -------- d-----w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Game Dev Tycoon
2013-06-01 09:51 . 2013-06-01 09:51 -------- d-----w- c:\program files\Game Dev Tycoon v1.3.2
2013-05-29 19:37 . 2013-05-29 19:37 -------- d-----w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\NVIDIA
2013-05-29 17:51 . 2013-05-08 03:25 893728 ----a-w- c:\windows\system32\nvdispgenco3232014.dll
2013-05-29 17:51 . 2013-05-08 03:25 1024288 ----a-w- c:\windows\system32\nvdispco3232014.dll
2013-05-29 17:51 . 2013-05-29 17:51 -------- d-----r- c:\documents and settings\UpdatusUser\Oblíbené položky
2013-05-29 17:50 . 2013-05-29 17:50 -------- d-----w- C:\NVIDIA
2013-05-29 17:37 . 2013-05-29 17:37 -------- d-----w- c:\documents and settings\UpdatusUser\Local Settings\Data aplikací\NVIDIA
2013-05-29 17:25 . 2013-05-29 17:25 -------- d-----w- c:\documents and settings\UpdatusUser\Searches
2013-05-29 17:25 . 2013-05-29 17:25 -------- d-----w- c:\documents and settings\UpdatusUser\Contacts
2013-05-24 19:33 . 2013-05-24 19:33 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-05-24 19:33 . 2013-05-24 19:33 -------- d-----w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\eSupport.com
2013-05-23 18:29 . 2013-05-23 18:29 -------- d-----w- c:\program files\Caricature Software
2013-05-17 16:42 . 2013-05-17 16:42 -------- d-----w- C:\Games
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-05-11 08:56 . 2013-05-11 08:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Blizzard
2013-05-10 22:27 . 2013-05-10 22:27 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\IceCold-WoW
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 13:32 . 2012-04-12 12:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 13:32 . 2011-06-13 19:01 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-08 03:25 . 2012-09-14 11:06 6320128 ----a-w- c:\windows\system32\nvopencl.dll
2013-05-08 03:25 . 2012-04-10 21:57 2759456 ----a-w- c:\windows\system32\nvcuvid.dll
2013-05-08 03:25 . 2012-04-10 21:57 2002720 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-05-08 03:25 . 2012-04-10 21:57 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-05-08 03:25 . 2008-05-02 14:46 7659520 ----a-w- c:\windows\system32\nvcuda.dll
2013-05-08 03:25 . 2008-05-02 14:46 4013568 ----a-w- c:\windows\system32\nv4_disp.dll
2013-05-08 03:25 . 2008-05-02 14:46 2547712 ----a-w- c:\windows\system32\nvapi.dll
2013-05-08 03:25 . 2008-05-02 14:46 20197376 ----a-w- c:\windows\system32\nvoglnt.dll
2013-05-08 03:25 . 2008-05-02 14:46 10965408 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-05-07 21:45 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrsth.dll
2013-05-07 21:45 . 2011-01-07 17:58 126976 ----a-w- c:\windows\system32\nvrszht.dll
2013-05-07 21:45 . 2011-01-07 17:58 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2013-05-07 21:45 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrstr.dll
2013-05-07 21:45 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrssv.dll
2013-05-07 21:45 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2013-05-07 21:45 . 2011-01-07 17:58 270336 ----a-w- c:\windows\system32\nvrsru.dll
2013-05-07 21:45 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrssl.dll
2013-05-07 21:45 . 2011-01-07 17:58 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2013-05-07 21:45 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrssk.dll
2013-05-07 21:45 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrsno.dll
2013-05-07 21:45 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrspt.dll
2013-05-07 21:45 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrspl.dll
2013-05-07 21:45 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2013-05-07 21:45 . 2011-01-07 17:58 335872 ----a-w- c:\windows\system32\nvrshe.dll
2013-05-07 21:45 . 2011-01-07 17:58 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2013-05-07 21:45 . 2011-01-07 17:58 262144 ----a-w- c:\windows\system32\nvrshu.dll
2013-05-07 21:45 . 2011-01-07 17:58 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2013-05-07 21:45 . 2011-01-07 17:58 282624 ----a-w- c:\windows\system32\nvrses.dll
2013-05-07 21:45 . 2011-01-07 17:58 266240 ----a-w- c:\windows\system32\nvrsko.dll
2013-05-07 21:45 . 2011-01-07 17:58 282624 ----a-w- c:\windows\system32\nvrsit.dll
2013-05-07 21:45 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrsja.dll
2013-05-07 21:45 . 2011-01-07 17:58 282624 ----a-w- c:\windows\system32\nvrsel.dll
2013-05-07 21:45 . 2011-01-07 17:58 249856 ----a-w- c:\windows\system32\nvrseng.dll
2013-05-07 21:45 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrsda.dll
2013-05-07 21:45 . 2011-01-07 17:58 335872 ----a-w- c:\windows\system32\nvrsar.dll
2013-05-07 21:45 . 2011-01-07 17:58 278528 ----a-w- c:\windows\system32\nvrsde.dll
2013-05-07 21:45 . 2011-01-07 17:58 249856 ----a-w- c:\windows\system32\nvrscs.dll
2013-05-07 21:38 . 2011-01-07 17:58 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-05-07 21:38 . 2011-01-07 17:58 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-05-07 21:38 . 2011-01-07 17:58 15677728 ----a-w- c:\windows\system32\nvcpl.dll
2013-05-07 21:38 . 2011-01-07 17:58 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-05-07 21:38 . 2011-01-07 17:58 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-04-16 22:26 . 2008-04-14 06:52 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:26 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:26 . 2008-04-14 06:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2008-04-14 05:45 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 03:35 . 2013-05-04 12:21 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-27 18:06 . 2012-07-02 17:45 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-27 18:06 . 2010-08-16 11:59 782240 ----a-w- c:\windows\system32\deployJava1.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-17 . 76DB22AC01FA7C1A3A5499C1658C10EC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-10-31 95536]
"kixi"="c:\usersettings\win.exe" [2013-03-02 4066665]
"BD4D3F19C0E2D913F2435A456B4DD0B5CC4EE466._service_run"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-05-29 825808]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 16804864]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-02-27 33599488]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-10-31 54576]
"atwtusb"="atwtusb.exe" [2007-05-31 323232]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ActivControl"="c:\program files\Activ Software\ActivDriver\ActivControl2.exe" [2010-06-10 1092896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-05-07 15677728]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2013-05-07 223008]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-05-08 2562848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Clownfish"="c:\program files\Clownfish\Clownfish.exe"
"EPSON SX410 Series"=c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE /FU "c:\windows\TEMP\E_S136.tmp" /EF "HKCU"
"Boxoft Tools"="c:\documents and settings\All Users\Data aplikací\Boxtools\Boxofttoolbox.exe" -autorun
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\Haemimont Games\\Celtic Kings\\Celtic kings.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Valve\\Portal 2\\portal2.exe"=
"c:\\Program Files\\Eidos\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Counter-Strike 1.6\\csko.exe"=
"c:\\Program Files\\Black_Box\\FIFA 12\\Game\\fifa.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\VIA\\VIAudioi\\HDADeck\\HDeck.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Counter-Strike 1.6\\hlds.exe"=
"c:\\HLDS\\hlds.exe"=
"c:\\HLDS\\hltv.exe"=
"c:\\Documents and Settings\\uzivatel\\Dokumenty\\Stažené soubory\\winbox.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\batman2\\Binaries\\Win32\\BatmanAC.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\batman2\\RunLauncher.bat"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Steam\\steamapps\\marsty02\\source sdk base 2007\\hl2.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Counter-Strike 1.6\\hl.exe"=
"c:\\Documents and Settings\\uzivatel\\Dokumenty\\Downloads\\hl2.exe"=
"c:\\Program Files\\Portal - Game\\hl2.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.1637\\Agent.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Gotham City Impostors F2P\\Impostors.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Gotham City Impostors F2P\\Engine.exe"=
"c:\\Documents and Settings\\uzivatel\\Dokumenty\\Downloads\\bulanci.exe"=
"c:\\Program Files\\Team17\\Worms Armageddon\\wa.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.1737\\Agent.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\WoW-3.2.0-enGB-downloader.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\wowpatch.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\BNUpdate.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\Launcher.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\BackgroundDownloader.exe"=
"c:\\Program Files\\Wowka\\wow\\Kopie - WoW\\Launcher.exe"=
"c:\\Program Files\\Wowka\\wow\\Kopie - WoW\\Launcher.patch.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Alan Wake\\AlanWake.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Chess the Gathering\\CTG.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\old_chrome.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Team Fortress 2\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dota 2 beta\\dota.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:TCP"= 6112:TCP:Blizzard Downloader
"57555:TCP"= 57555:TCP:Pando Media Booster
"57555:UDP"= 57555:UDP:Pando Media Booster
"8396:TCP"= 8396:TCP:*:Disabled:League of Legends Launcher
"8396:UDP"= 8396:UDP:*:Disabled:League of Legends Launcher
"6898:TCP"= 6898:TCP:*:Disabled:League of Legends Launcher
"6898:UDP"= 6898:UDP:*:Disabled:League of Legends Launcher
"27015:TCP"= 27015:TCP:NMRiH
"1200:UDP"= 1200:UDP:st
"27000:UDP"= 27000:UDP:ste
"27020:TCP"= 27020:TCP:stea
"27015:UDP"= 27015:UDP:steam
"27050:TCP"= 27050:TCP:steam1
"27020:UDP"= 27020:UDP:steam2
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [21.12.2011 14:47 21600]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [19.3.2012 18:32 242240]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [9.4.2009 15:18 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [9.4.2009 15:21 94360]
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 11:51 19200]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [30.10.2011 11:07 21992]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9.4.2009 15:19 731840]
R2 litsgt;litsgt;c:\windows\system32\drivers\litsgt.sys [30.10.2010 12:04 137344]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [14.6.2012 21:07 578264]
R2 tansgt;tansgt;c:\windows\system32\drivers\tansgt.sys [30.10.2010 12:04 12032]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [6.4.2013 19:49 3574624]
R3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\drivers\activhidsermini.sys [26.5.2010 16:20 74752]
R3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\drivers\CamSuiteVAC.sys [9.4.2010 21:19 37560]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [20.4.2012 20:52 84096]
R3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\drivers\activmouse.sys [26.5.2010 16:21 6144]
R3 Tetri5;Tetri5 driver;c:\windows\system32\drivers\Tetri5.sys [30.10.2010 12:20 53088]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [8.7.2009 10:32 1057024]
S1 aiptektp;Pen Pad;c:\windows\system32\drivers\aiptektp.sys [16.1.2011 11:12 22528]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [14.5.2013 13:26 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [4.2.2012 21:58 100368]
S3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys --> c:\windows\system32\DRIVERS\btcomport.sys [?]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys --> c:\windows\system32\Drivers\btcombus.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [21.12.2011 14:47 27744]
S3 cnnctfy2;Connectify Service;c:\windows\system32\DRIVERS\cnnctfy2.sys --> c:\windows\system32\DRIVERS\cnnctfy2.sys [?]
S3 cnnctfy2MP;cnnctfy2MP;c:\windows\system32\DRIVERS\cnnctfy2.sys --> c:\windows\system32\DRIVERS\cnnctfy2.sys [?]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [24.5.2013 21:33 23456]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [5.3.2012 18:18 135584]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [11.4.2012 21:52 24448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [11.4.2012 21:52 100736]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [6.4.2010 18:32 23048]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\drivers\mcvidrv.sys [11.1.2012 8:11 32000]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [22.2.2012 12:34 22400]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1.3.2013 3:48 36600]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [1.10.2010 13:21 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [1.10.2010 13:21 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [1.10.2010 13:21 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [1.10.2010 13:21 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [1.10.2010 13:21 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [1.10.2010 13:21 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [1.10.2010 13:21 123504]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbdriver.sys [21.3.2012 18:38 13824]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\Razer\Razer Game Booster\Driver\WinRing0.sys [13.11.2012 21:53 14416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 22:06 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 13:32]
.
2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-07 17:53]
.
2013-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-07 17:53]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = dota-trade.com
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: + Offline &Explorer: Download the link - file://c:\program files\Offline Explorer\Add_UrlO.htm
IE: + Offline E&xplorer: Download the current page - file://c:\program files\Offline Explorer\Add_AllO.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\office\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\translator\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\translator\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\translator\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\translator\WEBIE.DLL
TCP: DhcpNameServer = 192.168.2.1
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://atlas.centrum.cz/
FF - ExtSQL: 2013-06-06 13:39; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: !HIDDEN! 2010-03-22 20:14; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{6B34ACCF-1B63-4E1A-8633-461917C75544} - (no file)
WebBrowser-{6B34ACCF-1B63-4E1A-8633-461917C75544} - (no file)
HKU-Default-Run-Exetender_298 - c:\program files\Frag Games\GPlayer.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Convert Doc_is1 - c:\program files\Softinterface
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Counter-Strike 1.6 NS v36 p48 - c:\program files\Counter-Strike 1.6 NS\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-08 19:35
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1993962763-1292428093-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{58CAF105-8841-E75D-5BD2-01EFB9C6B8AD}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1993962763-1292428093-682003330-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:bd,89,6b,e5,44,7c,dd,d3,74,c7,31,59,1d,05,1d,af,c6,61,b6,a2,e5,ea,2c,
dc,fb,b8,ee,a8,57,81,5d,be,de,50,d2,a2,6f,11,d7,1b,04,41,41,a7,9d,d6,77,a3,\
"??"=hex:bb,b8,1f,05,77,67,b2,ab,a3,c8,21,ed,73,d1,d6,97
.
[HKEY_USERS\S-1-5-21-1993962763-1292428093-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:87,af,f4,e6,0b,50,9b,84,8c,d9,19,78,03,69,5f,a7,3f,18,84,5b,d2,
15,97,2e,c9,91,c1,1d,cf,bd,33,5a,f4,55,09,07,4c,f2,a8,de,17,76,f2,eb,f8,fe,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1340)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2013-06-08 19:37:38
ComboFix-quarantined-files.txt 2013-06-08 17:37
.
Před spuštěním: Volných bajtů: 129 685 024 768
Po spuštění: Volných bajtů: 130 602 516 480
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 90DD34C025B2A478ED80DEF808955F12
413FC2A0C716421B3158746D63736515

Re: Please check my log - websites not working

Post by memphisto » 09 Jun 2013 20:48

Test this on VirusTotal:
c:\usersettings\win.exe

Click Choose to the right of the field and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/40 or 1/40. Then copy the link to that page with the mouse and paste it into your post.

Did you set this up deliberately?
"27015:TCP"= 27015:TCP:NMRiH
"1200:UDP"= 1200:UDP:st
"27000:UDP"= 27000:UDP:ste
"27020:TCP"= 27020:TCP:stea
"27015:UDP"= 27015:UDP:steam
"27050:TCP"= 27050:TCP:steam1
"27020:UDP"= 27020:UDP:steam2

Re: Please check my log - websites not working

Post by ondrej01 » 09 Jun 2013 22:05

https://www.virustotal.com/cs/file/5a60 ... 370808090/ everything seems fine

Those ste, stea and so on: it is quite possible that I did that deliberately at some point, but I don't remember it. Can it be removed somehow? I have a hunch what I have it there for... if need be I would put it back if that thing stopped working.

jaro3 (Security team member)

Re: Please check my log - websites not working

Post by jaro3 » 10 Jun 2013 09:55

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files\Skype\Updater
c:\program files\Google\Update

Driver::
SkypeUpdate
BTCOM
BTCOMBUS
cnnctfy2
cnnctfy2MP


Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27015:TCP"=-
"1200:UDP"=-
"27000:UDP"=-
"27020:TCP"=-
"27015:UDP"=-
"27050:TCP"=-
"27020:UDP"=-

DDS::
uInternet Settings,ProxyOverride = dota-trade.com
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the CFScript.txt script you created with the mouse, move it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Paste here the log that comes up at the end of the cleaning process + a new log from HJT

Warning: After applying ComboFix and restarting the computer, it may happen that Windows does not boot, the desktop does not load, or there are connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

In Folder Options, enable showing hidden files and folders and uncheck the box Hide protected operating system files.

Test this on VirusTotal
c:\windows\system32\sfcfiles.dll

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
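Added example (not part of the thread and not ComboFix code): a Python check that parses the `GloballyOpenPorts\List` section as ComboFix prints it, reads the `Registry::` removals from a CFScript, and confirms from a follow-up log that exactly the requested ports were closed. The function names are hypothetical, the "before" sample is assembled from entries quoted in the thread, and reading the short `port:proto:name` form as an enabled rule with scope `*` is an assumption.

```python
import re

# Added example. Sample text is copied or assembled from lines quoted in this thread.
SECTION_SUFFIX = "globallyopenports\\list]"
ENTRY_RE = re.compile(r'^"(\d+):(TCP|UDP)"=\s*(.+)$')
REMOVAL_RE = re.compile(r'^"(\d+):(TCP|UDP)"=-$')

AFTER_LOG = r'''
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:TCP"= 6112:TCP:Blizzard Downloader
"57555:TCP"= 57555:TCP:Pando Media Booster
"57555:UDP"= 57555:UDP:Pando Media Booster
"8396:TCP"= 8396:TCP:*:Disabled:League of Legends Launcher
"8396:UDP"= 8396:UDP:*:Disabled:League of Legends Launcher
"6898:TCP"= 6898:TCP:*:Disabled:League of Legends Launcher
"6898:UDP"= 6898:UDP:*:Disabled:League of Legends Launcher
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
'''

# Constructed "before" state: the section above plus the seven questioned entries.
QUESTIONED = r'''"27015:TCP"= 27015:TCP:NMRiH
"1200:UDP"= 1200:UDP:st
"27000:UDP"= 27000:UDP:ste
"27020:TCP"= 27020:TCP:stea
"27015:UDP"= 27015:UDP:steam
"27050:TCP"= 27050:TCP:steam1
"27020:UDP"= 27020:UDP:steam2
'''
BEFORE_LOG = AFTER_LOG.replace("\n.\n", "\n" + QUESTIONED + ".\n", 1)

CFSCRIPT = r'''
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27015:TCP"=-
"1200:UDP"=-
"27000:UDP"=-
"27020:TCP"=-
"27015:UDP"=-
"27050:TCP"=-
"27020:UDP"=-

DDS::
uInternet Settings,ProxyOverride = dota-trade.com
'''


def _section_lines(text):
    """Yield stripped lines that sit under the GloballyOpenPorts\\List key."""
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower().endswith(SECTION_SUFFIX)
        elif line.endswith("::"):           # next CFScript directive, e.g. DDS::
            in_section = False
        elif in_section and line:
            yield line


def parse_open_ports(log_text):
    """Map (port, proto) -> {scope, status, name} from a ComboFix log."""
    entries = {}
    for line in _section_lines(log_text):
        m = ENTRY_RE.match(line)
        if not m:
            continue                         # "." separators and the like
        key = (int(m.group(1)), m.group(2))
        rest = m.group(3).split(":")[2:]     # drop the repeated port and protocol
        if len(rest) >= 3 and rest[1] in ("Enabled", "Disabled"):
            scope, status, name = rest[0], rest[1], ":".join(rest[2:])
        else:
            # Assumption: the short form is an enabled rule with scope "*".
            # The rule name may itself contain ":" ("Blizzard Downloader: 3724").
            scope, status, name = "*", "Enabled", ":".join(rest)
        entries[key] = {"scope": scope, "status": status, "name": name.strip()}
    return entries


def parse_removals(cfscript_text):
    """Set of (port, proto) values that the CFScript Registry:: block deletes."""
    found = (REMOVAL_RE.match(line) for line in _section_lines(cfscript_text))
    return {(int(m.group(1)), m.group(2)) for m in found if m}


def check_cleanup(before, after, removals):
    """Compare two parsed logs against the removals the script requested."""
    return {
        "still_open": sorted(k for k in removals if k in after),
        "not_in_before": sorted(k for k in removals if k not in before),
        "removed_unrequested": sorted(
            k for k in before if k not in after and k not in removals),
        "newly_opened": sorted(k for k in after if k not in before),
    }


if __name__ == "__main__":
    before, after = parse_open_ports(BEFORE_LOG), parse_open_ports(AFTER_LOG)
    for (port, proto), e in sorted(after.items()):
        print(f"{port}/{proto:<3} {e['status']:<8} {e['name']}")
    print(check_cleanup(before, after, parse_removals(CFSCRIPT)))
```

Any key left in `still_open` means a rule the script targeted is still present in the follow-up log; `newly_opened` lists ports that appeared between the two runs.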

ondrej01
Level 1
Posts: 80
Registered: January 12
Gender: Unspecified
Status: Offline

Re: Please check my log - websites not working

Post by ondrej01 » 10 Jun 2013 16:28

Log from that ComboFix file:
ComboFix 13-06-08.01 - uzivatel 10.06.2013 16:09:15.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1433 [GMT 2:00]
Spuštěný z: c:\documents and settings\uzivatel\Dokumenty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\uzivatel\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.145\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.145\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.145\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.145\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.145\goopdate.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.145\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.145\psmachine.dll
c:\program files\Google\Update\1.3.21.145\psuser.dll
c:\program files\Google\Update\Download\{1082D26B-D502-4F11-A0B4-0FF1A156A30B}\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.145\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\27.0.1453.110\27.0.1453.110_27.0.1453.94_chrome_updater.exe
c:\program files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0\GoogleEarth-Win-Bundle-7.0.3.8542.exe
c:\program files\Google\Update\Download\{D332529B-2AAD-41AC-A789-9E6730654DF9}\GoogleToolbarInstaller_updater_signed.exe
c:\program files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.4.3607.2246\GoogleToolbarInstaller_updater_signed.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\erdnt\cache\userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SKYPEUPDATE
-------\Service_BTCOM
-------\Service_BTCOMBUS
-------\Service_cnnctfy2
-------\Service_cnnctfy2MP
-------\Service_SkypeUpdate
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-10 do 2013-06-10 )))))))))))))))))))))))))))))))
.
.
2013-06-08 18:28 . 2013-06-08 18:28 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Malwarebytes
2013-06-08 18:28 . 2013-06-08 18:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-06-08 18:28 . 2013-06-08 18:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-06-08 18:28 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-08 17:01 . 2013-06-08 17:01 388096 ----a-r- c:\documents and settings\uzivatel\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-06-08 17:01 . 2013-06-08 17:01 -------- d-----w- c:\program files\Trend Micro
2013-06-07 14:44 . 2013-06-07 14:44 -------- d-----w- c:\documents and settings\uzivatel\Data aplikací\Wireshark
2013-06-07 14:36 . 2013-06-07 14:36 -------- d-----w- c:\program files\WinPcap
2013-06-07 14:22 . 2013-06-07 14:37 -------- d-----w- c:\program files\Wireshark
2013-06-06 19:07 . 2013-06-06 19:07 74136 ----a-w- c:\program files\Mozilla Firefox\breakpadinjector.dll
2013-06-06 19:07 . 2013-06-06 19:07 262552 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-06-06 19:06 . 2013-06-06 19:06 26520 ----a-w- c:\program files\Mozilla Firefox\plugin-hang-ui.exe
2013-06-06 19:06 . 2013-06-06 19:06 96664 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe
2013-06-06 19:06 . 2013-06-06 19:06 170232 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2013-06-06 18:52 . 2013-06-06 18:56 -------- d-----w- c:\windows\$regcmp$
2013-06-05 15:51 . 2013-06-05 15:51 -------- d-----w- c:\program files\Common Files\Skype
2013-06-01 09:53 . 2013-06-01 10:27 -------- d-----w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\Game Dev Tycoon
2013-06-01 09:51 . 2013-06-01 09:51 -------- d-----w- c:\program files\Game Dev Tycoon v1.3.2
2013-05-29 19:37 . 2013-05-29 19:37 -------- d-----w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\NVIDIA
2013-05-29 17:51 . 2013-05-08 03:25 893728 ----a-w- c:\windows\system32\nvdispgenco3232014.dll
2013-05-29 17:51 . 2013-05-08 03:25 1024288 ----a-w- c:\windows\system32\nvdispco3232014.dll
2013-05-29 17:51 . 2013-05-29 17:51 -------- d-----r- c:\documents and settings\UpdatusUser\Oblíbené položky
2013-05-29 17:50 . 2013-05-29 17:50 -------- d-----w- C:\NVIDIA
2013-05-29 17:37 . 2013-05-29 17:37 -------- d-----w- c:\documents and settings\UpdatusUser\Local Settings\Data aplikací\NVIDIA
2013-05-29 17:25 . 2013-05-29 17:25 -------- d-----w- c:\documents and settings\UpdatusUser\Searches
2013-05-29 17:25 . 2013-05-29 17:25 -------- d-----w- c:\documents and settings\UpdatusUser\Contacts
2013-05-24 19:33 . 2013-05-24 19:33 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2013-05-24 19:33 . 2013-05-24 19:33 -------- d-----w- c:\documents and settings\uzivatel\Local Settings\Data aplikací\eSupport.com
2013-05-23 18:29 . 2013-05-23 18:29 -------- d-----w- c:\program files\Caricature Software
2013-05-17 16:42 . 2013-05-17 16:42 -------- d-----w- C:\Games
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 13:32 . 2012-04-12 12:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 13:32 . 2011-06-13 19:01 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-08 03:25 . 2012-09-14 11:06 6320128 ----a-w- c:\windows\system32\nvopencl.dll
2013-05-08 03:25 . 2012-04-10 21:57 2759456 ----a-w- c:\windows\system32\nvcuvid.dll
2013-05-08 03:25 . 2012-04-10 21:57 2002720 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-05-08 03:25 . 2012-04-10 21:57 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-05-08 03:25 . 2008-05-02 14:46 7659520 ----a-w- c:\windows\system32\nvcuda.dll
2013-05-08 03:25 . 2008-05-02 14:46 4013568 ----a-w- c:\windows\system32\nv4_disp.dll
2013-05-08 03:25 . 2008-05-02 14:46 2547712 ----a-w- c:\windows\system32\nvapi.dll
2013-05-08 03:25 . 2008-05-02 14:46 20197376 ----a-w- c:\windows\system32\nvoglnt.dll
2013-05-08 03:25 . 2008-05-02 14:46 10965408 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-05-07 21:45 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrsth.dll
2013-05-07 21:45 . 2011-01-07 17:58 126976 ----a-w- c:\windows\system32\nvrszht.dll
2013-05-07 21:45 . 2011-01-07 17:58 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2013-05-07 21:45 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrstr.dll
2013-05-07 21:45 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrssv.dll
2013-05-07 21:45 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2013-05-07 21:45 . 2011-01-07 17:58 270336 ----a-w- c:\windows\system32\nvrsru.dll
2013-05-07 21:45 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrssl.dll
2013-05-07 21:45 . 2011-01-07 17:58 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2013-05-07 21:45 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrssk.dll
2013-05-07 21:45 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrsno.dll
2013-05-07 21:45 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrspt.dll
2013-05-07 21:45 . 2011-01-07 17:58 258048 ----a-w- c:\windows\system32\nvrspl.dll
2013-05-07 21:45 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2013-05-07 21:45 . 2011-01-07 17:58 335872 ----a-w- c:\windows\system32\nvrshe.dll
2013-05-07 21:45 . 2011-01-07 17:58 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2013-05-07 21:45 . 2011-01-07 17:58 262144 ----a-w- c:\windows\system32\nvrshu.dll
2013-05-07 21:45 . 2011-01-07 17:58 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2013-05-07 21:45 . 2011-01-07 17:58 282624 ----a-w- c:\windows\system32\nvrses.dll
2013-05-07 21:45 . 2011-01-07 17:58 266240 ----a-w- c:\windows\system32\nvrsko.dll
2013-05-07 21:45 . 2011-01-07 17:58 282624 ----a-w- c:\windows\system32\nvrsit.dll
2013-05-07 21:45 . 2011-01-07 17:58 274432 ----a-w- c:\windows\system32\nvrsja.dll
2013-05-07 21:45 . 2011-01-07 17:58 282624 ----a-w- c:\windows\system32\nvrsel.dll
2013-05-07 21:45 . 2011-01-07 17:58 249856 ----a-w- c:\windows\system32\nvrseng.dll
2013-05-07 21:45 . 2011-01-07 17:58 253952 ----a-w- c:\windows\system32\nvrsda.dll
2013-05-07 21:45 . 2011-01-07 17:58 335872 ----a-w- c:\windows\system32\nvrsar.dll
2013-05-07 21:45 . 2011-01-07 17:58 278528 ----a-w- c:\windows\system32\nvrsde.dll
2013-05-07 21:45 . 2011-01-07 17:58 249856 ----a-w- c:\windows\system32\nvrscs.dll
2013-05-07 21:38 . 2011-01-07 17:58 54272 ----a-w- c:\windows\system32\nvwddi.dll
2013-05-07 21:38 . 2011-01-07 17:58 156960 ----a-w- c:\windows\system32\nvsvc32.exe
2013-05-07 21:38 . 2011-01-07 17:58 15677728 ----a-w- c:\windows\system32\nvcpl.dll
2013-05-07 21:38 . 2011-01-07 17:58 223008 ----a-w- c:\windows\system32\nvmctray.dll
2013-05-07 21:38 . 2011-01-07 17:58 144160 ----a-w- c:\windows\system32\nvcolor.exe
2013-04-16 22:26 . 2008-04-14 06:52 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:26 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:26 . 2008-04-14 06:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2008-04-14 05:45 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 03:35 . 2013-05-04 12:21 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-27 18:06 . 2012-07-02 17:45 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-27 18:06 . 2010-08-16 11:59 782240 ----a-w- c:\windows\system32\deployJava1.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-05-17 . 76DB22AC01FA7C1A3A5499C1658C10EC . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2008-10-31 95536]
"BD4D3F19C0E2D913F2435A456B4DD0B5CC4EE466._service_run"="c:\program files\Google\Chrome\Application\chrome.exe" [2013-05-29 825808]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-23 16804864]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-02-27 33599488]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-04-09 2029640]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2008-10-31 54576]
"atwtusb"="atwtusb.exe" [2007-05-31 323232]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"ActivControl"="c:\program files\Activ Software\ActivDriver\ActivControl2.exe" [2010-06-10 1092896]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2013-05-07 15677728]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2013-05-07 223008]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2013-05-08 2562848]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Clownfish"="c:\program files\Clownfish\Clownfish.exe"
"EPSON SX410 Series"=c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE /FU "c:\windows\TEMP\E_S136.tmp" /EF "HKCU"
"Boxoft Tools"="c:\documents and settings\All Users\Data aplikací\Boxtools\Boxofttoolbox.exe" -autorun
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\Haemimont Games\\Celtic Kings\\Celtic kings.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Valve\\Portal 2\\portal2.exe"=
"c:\\Program Files\\Eidos\\Batman Arkham Asylum\\Binaries\\ShippingPC-BmGame.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Counter-Strike 1.6\\csko.exe"=
"c:\\Program Files\\Black_Box\\FIFA 12\\Game\\fifa.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\VIA\\VIAudioi\\HDADeck\\HDeck.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Counter-Strike 1.6\\hlds.exe"=
"c:\\HLDS\\hlds.exe"=
"c:\\HLDS\\hltv.exe"=
"c:\\Documents and Settings\\uzivatel\\Dokumenty\\Stažené soubory\\winbox.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\batman2\\Binaries\\Win32\\BatmanAC.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\batman2\\RunLauncher.bat"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Steam\\steamapps\\marsty02\\source sdk base 2007\\hl2.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Counter-Strike 1.6\\hl.exe"=
"c:\\Documents and Settings\\uzivatel\\Dokumenty\\Downloads\\hl2.exe"=
"c:\\Program Files\\Portal - Game\\hl2.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\umi.exe"=
"c:\\Program Files\\Pinnacle\\VideoSpin\\Programs\\VideoSpin.exe"=
"c:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.1637\\Agent.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Gotham City Impostors F2P\\Impostors.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Gotham City Impostors F2P\\Engine.exe"=
"c:\\Documents and Settings\\uzivatel\\Dokumenty\\Downloads\\bulanci.exe"=
"c:\\Program Files\\Team17\\Worms Armageddon\\wa.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.1737\\Agent.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\WoW-3.2.0-enGB-downloader.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\wowpatch.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\BNUpdate.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\Launcher.exe"=
"c:\\Program Files\\Wowka\\wow\\WoW\\BackgroundDownloader.exe"=
"c:\\Program Files\\Wowka\\wow\\Kopie - WoW\\Launcher.exe"=
"c:\\Program Files\\Wowka\\wow\\Kopie - WoW\\Launcher.patch.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version8\\TeamViewer_Service.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Alan Wake\\AlanWake.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Chess the Gathering\\CTG.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\old_chrome.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\Team Fortress 2\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\dota 2 beta\\dota.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:TCP"= 6112:TCP:Blizzard Downloader
"57555:TCP"= 57555:TCP:Pando Media Booster
"57555:UDP"= 57555:UDP:Pando Media Booster
"8396:TCP"= 8396:TCP:*:Disabled:League of Legends Launcher
"8396:UDP"= 8396:UDP:*:Disabled:League of Legends Launcher
"6898:TCP"= 6898:TCP:*:Disabled:League of Legends Launcher
"6898:UDP"= 6898:UDP:*:Disabled:League of Legends Launcher
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [21.12.2011 14:47 21600]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [19.3.2012 18:32 242240]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [9.4.2009 15:18 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [9.4.2009 15:21 94360]
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 11:51 19200]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [30.10.2011 11:07 21992]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9.4.2009 15:19 731840]
R2 litsgt;litsgt;c:\windows\system32\drivers\litsgt.sys [30.10.2010 12:04 137344]
R2 PanService;PandoraService;c:\program files\PANDORA.TV\PanService\PandoraService.exe [14.6.2012 21:07 578264]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [14.5.2013 13:26 3289208]
R2 tansgt;tansgt;c:\windows\system32\drivers\tansgt.sys [30.10.2010 12:04 12032]
R2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [6.4.2013 19:49 3574624]
R3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\drivers\activhidsermini.sys [26.5.2010 16:20 74752]
R3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\drivers\CamSuiteVAC.sys [9.4.2010 21:19 37560]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\drivers\vrtaucbl.sys [20.4.2012 20:52 84096]
R3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\drivers\activmouse.sys [26.5.2010 16:21 6144]
R3 Tetri5;Tetri5 driver;c:\windows\system32\drivers\Tetri5.sys [30.10.2010 12:20 53088]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [8.7.2009 10:32 1057024]
S1 aiptektp;Pen Pad;c:\windows\system32\drivers\aiptektp.sys [16.1.2011 11:12 22528]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [4.2.2012 21:58 100368]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [21.12.2011 14:47 27744]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [24.5.2013 21:33 23456]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [5.3.2012 18:18 135584]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [11.4.2012 21:52 24448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [11.4.2012 21:52 100736]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [6.4.2010 18:32 23048]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\drivers\mcvidrv.sys [11.1.2012 8:11 32000]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [22.2.2012 12:34 22400]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1.3.2013 3:48 36600]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [1.10.2010 13:21 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [1.10.2010 13:21 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [1.10.2010 13:21 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [1.10.2010 13:21 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [1.10.2010 13:21 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [1.10.2010 13:21 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [1.10.2010 13:21 123504]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbdriver.sys [21.3.2012 18:38 13824]
S3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\Razer\Razer Game Booster\Driver\WinRing0.sys [13.11.2012 21:53 14416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 22:06 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 13:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
IE: + Offline &Explorer: Download the link - file://c:\program files\Offline Explorer\Add_UrlO.htm
IE: + Offline E&xplorer: Download the current page - file://c:\program files\Offline Explorer\Add_AllO.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\office\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\translator\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\translator\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\translator\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\translator\WEBIE.DLL
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://atlas.centrum.cz/
FF - ExtSQL: 2013-06-06 13:39; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: !HIDDEN! 2010-03-22 20:14; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-10 16:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1993962763-1292428093-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{58CAF105-8841-E75D-5BD2-01EFB9C6B8AD}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1993962763-1292428093-682003330-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:bd,89,6b,e5,44,7c,dd,d3,74,c7,31,59,1d,05,1d,af,c6,61,b6,a2,e5,ea,2c,
dc,fb,b8,ee,a8,57,81,5d,be,de,50,d2,a2,6f,11,d7,1b,04,41,41,a7,9d,d6,77,a3,\
"??"=hex:bb,b8,1f,05,77,67,b2,ab,a3,c8,21,ed,73,d1,d6,97
.
[HKEY_USERS\S-1-5-21-1993962763-1292428093-682003330-1003\Software\SecuROM\License information*]
"datasecu"=hex:87,af,f4,e6,0b,50,9b,84,8c,d9,19,78,03,69,5f,a7,3f,18,84,5b,d2,
15,97,2e,c9,91,c1,1d,cf,bd,33,5a,f4,55,09,07,4c,f2,a8,de,17,76,f2,eb,f8,fe,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1440)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(2500)
c:\documents and settings\All Users\Data aplikací\ACTIV Software\ActivApplications\ActivFocusHook.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\RUNDLL32.EXE
c:\program files\Activ Software\ActivDriver\activmgr.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Zune\ZuneBusEnum.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2013-06-10 16:23:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-06-10 14:23
ComboFix2.txt 2013-06-08 17:37
.
Před spuštěním: Volných bajtů: 130 497 515 520
Po spuštění: Volných bajtů: 130 339 221 504
.
- - End Of File - - 6BC127C8A788541AE8C7AFAD05944272
413FC2A0C716421B3158746D63736515

Post by ondrej01 » 10 Jun 2013 16:29

New log from HijackThis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:29:07, on 10.6.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Activ Software\ActivDriver\activmgr.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\Program Files\Zune\ZuneBusEnum.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\translator\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [BD4D3F19C0E2D913F2435A456B4DD0B5CC4EE466._service_run] "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-1993962763-1292428093-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer\Add_AllO.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\translator\WEBIE.DLL
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\translator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\translator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\translator\WEBIE.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

--
End of file - 10787 bytes

Post by ondrej01 » 10 Jun 2013 16:30

VirusTotal link for the file system32/sfcfiles.dll:
https://www.virustotal.com/cs/file/a0d5 ... 370874409/

Post by ondrej01 » 10 Jun 2013 16:36

aswMBR log:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-10 16:33:13
-----------------------------
16:33:13.937 OS Version: Windows 5.1.2600 Service Pack 3
16:33:13.937 Number of processors: 2 586 0x203
16:33:13.937 ComputerName: PC UserName:
16:33:16.234 Initialize success
16:33:40.437 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts2Port3Path0Target0Lun0
16:33:40.437 Disk 0 Vendor: STM35004 CC38 Size: 476940MB BusType: 3
16:33:44.640 Disk 0 MBR read successfully
16:33:44.640 Disk 0 MBR scan
16:33:44.640 Disk 0 Windows XP default MBR code
16:33:44.640 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476937 MB offset 63
16:33:44.656 Disk 0 scanning sectors +976768065
16:33:44.875 Disk 0 scanning C:\WINDOWS\system32\drivers
16:33:55.187 Service scanning
16:34:08.156 Modules scanning
16:34:12.890 Disk 0 trace - called modules:
16:34:12.906 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys SCSIPORT.SYS nvgts.sys
16:34:12.906 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a732030]
16:34:12.906 3 CLASSPNP.SYS[f74d7fd7] -> nt!IofCallDriver -> \Device\0000008e[0x8a776920]
16:34:12.906 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Scsi\nvgts2Port3Path0Target0Lun0[0x8a776a38]
16:34:12.906 Scan finished successfully
16:35:02.281 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\uzivatel\Plocha\MBR.dat"
16:35:02.281 The log file has been saved successfully to "C:\Documents and Settings\uzivatel\Plocha\aswMBR.txt"

Post by jaro3 » 10 Jun 2013 19:29

In Folder Options, enable showing hidden files and folders, and uncheck the box "Hide protected operating system files".

Test this on VirusTotal:
c:\windows\system32\userinit.exe

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs one after another. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.

Or at:
http://www.virscan.org/

ComboFix is uninstalled like this:
Start-Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.

Close other applications and browsers, disconnect from the internet, and fix in HJT:
Guide

Code:

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')


What about the problems?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

Post by ondrej01 » 10 Jun 2013 19:52

Virustotal:
https://www.virustotal.com/cs/file/6e41 ... /analysis/

By the way, Mobilizujeme.cz works now, I don't know whether it is thanks to this... zive.cz and that dota-trade.com, still nothing.

Post by jaro3 » 11 Jun 2013 10:03

Download OTL by OldTimer to the desktop. Make sure you have all other windows closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

Post by ondrej01 » 11 Jun 2013 19:17

OTL log:
OTL logfile created on: 11.6.2013 18:31:10 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\uzivatel\Dokumenty\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,45 Gb Available Physical Memory | 72,43% Memory free
3,85 Gb Paging File | 3,10 Gb Available in Paging File | 80,68% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,76 Gb Total Space | 121,27 Gb Free Space | 26,04% Space Free | Partition Type: NTFS
Drive E: | 971,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 458,54 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 458,54 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: PC | User Name: uzivatel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\uzivatel\Dokumenty\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
PRC - c:\Program Files\Zune\ZuneBusEnum.exe (Microsoft Corporation)
PRC - C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe ()
PRC - C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe (Promethean Technologies Group Ltd)
PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\atwtusb.exe ()
PRC - C:\WINDOWS\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)


========== Modules (No Company Name) ==========

MOD - C:\Documents and Settings\All Users\Data aplikací\Activ Software\ActivApplications\ActivFocusHook.dll ()
MOD - C:\Program Files\Steam\bin\chromehtml.dll ()
MOD - C:\Program Files\Steam\SDL2.dll ()
MOD - C:\Program Files\Steam\bin\libcef.dll ()
MOD - C:\Program Files\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files\PANDORA.TV\PanService\avcodec-53.dll ()
MOD - C:\Program Files\PANDORA.TV\PanService\avformat-53.dll ()
MOD - C:\Program Files\PANDORA.TV\PanService\avutil-51.dll ()
MOD - C:\Program Files\Activ Software\ActivDriver\prmnst.dll ()
MOD - C:\WINDOWS\libactivboardex.dll ()
MOD - C:\Program Files\Activ Software\ActivDriver\QtNetwork4.dll ()
MOD - C:\Program Files\Activ Software\ActivDriver\QtXml4.dll ()
MOD - C:\Program Files\Activ Software\ActivDriver\QtGui4.dll ()
MOD - C:\Program Files\Activ Software\ActivDriver\QtCore4.dll ()
MOD - C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe ()
MOD - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
MOD - C:\WINDOWS\system32\atwtusb.exe ()
MOD - C:\Program Files\translator\WEBIE.DLL ()


========== Services (SafeList) ==========

SRV - (HidServ) -- %SystemRoot%\System32\hidserv.dll File not found
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (TeamViewer8) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (Riverbed Technology, Inc.)
SRV - (PanService) -- C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (Pandora.TV)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (ZuneWlanCfgSvc) -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- c:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (ZuneBusEnum) -- c:\Program Files\Zune\ZuneBusEnum.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)


========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (BT) -- system32\DRIVERS\btnetdrv.sys File not found
DRV - (DrvAgent32) -- C:\WINDOWS\system32\drivers\DrvAgent32.sys (Phoenix Technologies)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (Riverbed Technology, Inc.)
DRV - (NVHDA) -- C:\WINDOWS\system32\drivers\nvhda32.sys (NVIDIA Corporation)
DRV - (WinRing0_1_2_0) -- C:\Program Files\Razer\Razer Game Booster\Driver\WinRing0.sys (OpenLibSys.org)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (EuMusDesignVirtualAudioCableWdm) -- C:\WINDOWS\system32\drivers\vrtaucbl.sys (Eugene V. Muzychenko)
DRV - (dtsoftbus01) -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (mcaudrv_simple) -- C:\WINDOWS\system32\drivers\mcaudrv.sys (ManyCam LLC)
DRV - (ManyCam) -- C:\WINDOWS\system32\drivers\mcvidrv.sys (ManyCam LLC)
DRV - (btnetBUs) -- C:\WINDOWS\system32\drivers\btnetBus.sys (IVT Corporation.)
DRV - (BtHidBus) -- C:\WINDOWS\system32\drivers\BtHidBus.sys (IVT Corporation.)
DRV - (AtiHDAudioService) -- C:\WINDOWS\system32\drivers\AtihdXP3.sys (Advanced Micro Devices)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (cpuz135) -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys (CPUID)
DRV - (litsgt) -- C:\WINDOWS\system32\drivers\litsgt.sys ()
DRV - (tansgt) -- C:\WINDOWS\system32\drivers\tansgt.sys ()
DRV - (Tetri5) -- C:\WINDOWS\system32\drivers\Tetri5.sys ()
DRV - (hwpsgt) -- C:\WINDOWS\system32\drivers\hwpsgt.sys ()
DRV - (lemsgt) -- C:\WINDOWS\system32\drivers\lemsgt.sys ()
DRV - (prmvmouse) -- C:\WINDOWS\system32\drivers\activmouse.sys (Promethean Technologies Ltd)
DRV - (ActivHidSerMini) -- C:\WINDOWS\system32\drivers\activhidsermini.sys (Promethean Technologies Ltd)
DRV - (IvtBtBUs) -- C:\WINDOWS\system32\drivers\IvtBtBus.sys (IVT Corporation.)
DRV - (s1039mdm) -- C:\WINDOWS\system32\drivers\s1039mdm.sys (MCCI Corporation)
DRV - (s1039unic) -- C:\WINDOWS\system32\drivers\s1039unic.sys (MCCI Corporation)
DRV - (s1039mgmt) -- C:\WINDOWS\system32\drivers\s1039mgmt.sys (MCCI Corporation)
DRV - (s1039obex) -- C:\WINDOWS\system32\drivers\s1039obex.sys (MCCI Corporation)
DRV - (s1039bus) -- C:\WINDOWS\system32\drivers\s1039bus.sys (MCCI Corporation)
DRV - (s1039nd5) -- C:\WINDOWS\system32\drivers\s1039nd5.sys (MCCI Corporation)
DRV - (s1039mdfl) -- C:\WINDOWS\system32\drivers\s1039mdfl.sys (MCCI Corporation)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (hwusbdev) -- C:\WINDOWS\system32\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV - (Huawei) -- C:\WINDOWS\system32\drivers\ewdcsc.sys (Huawei Tech. Co., Ltd.)
DRV - (tidnet) -- C:\WINDOWS\system32\drivers\tidnet.sys (Telefónica I+D)
DRV - (WinUSB) -- C:\WINDOWS\system32\drivers\winusb.sys (Microsoft Corporation)
DRV - (epfwtdir) -- C:\WINDOWS\system32\drivers\epfwtdir.sys (ESET)
DRV - (ehdrv) -- C:\WINDOWS\system32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\WINDOWS\system32\drivers\eamon.sys (ESET)
DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (VIAHdAudAddService) -- C:\WINDOWS\system32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (CamSuiteVAC) -- C:\WINDOWS\system32\drivers\CamSuiteVAC.sys ()
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvgts) -- C:\WINDOWS\system32\drivers\nvgts.sys (NVIDIA Corporation)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (nvnetbus) -- C:\WINDOWS\system32\drivers\nvnetbus.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\WINDOWS\system32\drivers\NVENETFD.sys (NVIDIA Corporation)
DRV - (monfilt) -- C:\WINDOWS\system32\drivers\monfilt.sys (Creative Technology Ltd.)
DRV - (PAC7302) -- C:\WINDOWS\system32\drivers\PAC7302.SYS (PixArt Imaging Inc.)
DRV - (mcdbus) -- C:\WINDOWS\system32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.)
DRV - (AmdLLD) -- C:\WINDOWS\system32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (AmdPPM) -- C:\WINDOWS\system32\drivers\AmdPPM.sys (Advanced Micro Devices)
DRV - (sfvfs02) -- C:\WINDOWS\system32\drivers\sfvfs02.sys (Protection Technology (StarForce))
DRV - (sfsync02) -- C:\WINDOWS\system32\drivers\sfsync02.sys (Protection Technology)
DRV - (sfdrv01a) -- C:\WINDOWS\system32\drivers\sfdrv01a.sys (Protection Technology (StarForce))
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (sfhlp02) -- C:\WINDOWS\system32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (aiptektp) -- C:\WINDOWS\system32\drivers\aiptektp.sys (WALTOP International Corp.)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\screamingbdriver.sys (Screaming Bee LLC)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (irsir) -- C:\WINDOWS\system32\drivers\irsir.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://atlas.centrum.cz/"
FF - prefs.js..extensions.enabledAddons: YoutubeDownloader%40PeterOlayev.com:2.0.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010.03.22 21:14:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.05.29 14:27:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.06.06 21:07:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.29 17:08:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.05.08 16:34:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 2.0.0.22\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2013.01.29 17:08:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.07.08 11:00:53 | 000,000,000 | ---D | M]

[2013.03.28 15:32:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Extensions
[2013.05.26 11:45:54 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\extensions
[2012.08.23 20:13:02 | 000,000,000 | ---D | M] (Freecorder 6) -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\extensions\{132E58DE-22BF-44CA-A061-7FCE1E8BA1EC}
[2011.06.20 16:05:40 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.05.26 11:45:54 | 000,032,675 | ---- | M] () (No name found) -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi
[2012.02.02 22:51:30 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-10.xml
[2012.02.19 18:37:46 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-11.xml
[2012.03.15 20:11:08 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-12.xml
[2012.06.03 10:52:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-13.xml
[2012.06.23 16:54:14 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-14.xml
[2012.07.19 16:24:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-15.xml
[2011.08.17 09:43:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-4.xml
[2011.09.01 21:32:47 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-5.xml
[2011.09.08 15:50:24 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-6.xml
[2011.09.28 21:02:52 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-7.xml
[2011.11.10 19:55:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-8.xml
[2011.12.21 15:44:57 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\icqplugin-9.xml
[2010.04.09 20:17:36 | 000,002,061 | ---- | M] () -- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla\Firefox\Profiles\me171hem.default\searchplugins\qipsearch.xml
[2013.06.05 17:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.06.05 17:52:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.06.06 21:07:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.06.06 21:07:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.06.05 17:52:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.06.06 21:07:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\UZIVATEL\DATA APLIKACĂ­\MOZILLA\FIREFOX\PROFILES\ME171HEM.DEFAULT\EXTENSIONS\YOUTUBEDOWNLOADER@PETEROLAYEV.COM.XPI
[2012.12.18 16:28:14 | 000,186,584 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2012.05.08 16:35:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2012.05.08 16:35:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2012.05.08 16:35:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2012.05.08 16:35:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2012.05.08 16:35:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2012.05.08 16:35:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2012.05.08 16:35:47 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.02.02 22:51:14 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\uzivatel\Local Settings\Data aplikac\u00ED\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: OnLive Game Client Detector (Enabled) = C:\Program Files\OnLive\Plugin\npolgdet.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Media Go Detector (Enabled) = c:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Dokumenty Google = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Freecorder 6 = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\edhilgpnlmgniclikjhefmadegchepcg\2.1.9_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Documents and Settings\uzivatel\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013.06.10 16:19:47 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\translator\WEBIE.DLL ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O4 - HKLM..\Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2.exe (Promethean Technologies Group Ltd)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [atwtusb] C:\WINDOWS\System32\atwtusb.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [BD4D3F19C0E2D913F2435A456B4DD0B5CC4EE466._service_run] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\Advanced: ShowSuperHidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\Advanced: Hidden = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\Advanced: DontPrettyPath = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer\Add_UrlO.htm File not found
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer\Add_AllO.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\translator\WEBIE.DLL ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\translator\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\translator\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\translator\WEBIE.DLL ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E9E09684-F795-4577-94F7-036A32A7C228}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - (WgaLogon.dll) - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.12.04 19:52:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2013.02.27 17:41:01 | 000,000,716 | ---- | M] () - C:\autoexec.cfg -- [ NTFS ]
O32 - AutoRun File - [2010.09.08 09:26:33 | 000,000,075 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2012.04.24 19:22:52 | 000,000,041 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2012.04.24 19:22:52 | 000,000,041 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

