Prosím o kontrolu logu Vyřešeno

[Ruth33]

po spuštění počítače se mi automaticky nespustil NOD32 - objevila se chybová hláška něco jako Chyba v komunikaci s jádrem.nikdy se to nestalo tak nevím co delat.Zde log z hijackthis.Děkuji


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:25:30, on 23.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Windows\PLFSetI.exe
C:\Windows\PLFSetL.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Users\Martina\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\conime.exe
C:\Users\Martina\AppData\Local\Opera\Opera\temporary_downloads\hijackthis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gametop.com/?utm_source=Ph ... dium=start
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [BootRacer] "C:\Program Files\BootRacer\Bootrace.exe" /2
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BootRacerServ - Greatis Software (c) - C:\Program Files\BootRacer\BootRacerServ.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9826 bytes

[Reklama]

[Damned]

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[Ruth33]

Malwarebytes' Anti-Malware 1.41
Verze databáze: 2851
Windows 6.0.6002 Service Pack 2

23.9.2009 18:11:08
mbam-log-2009-09-23 (18-11-08).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 101636
Uplynulý čas: 12 minute(s), 53 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

[Damned]

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[Ruth33]

ComboFix 09-09-22.03 - Martina 23.09.2009 21:50.2.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2038.1006 [GMT 2:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((( Soubory vytvořené od 2009-08-23 do 2009-09-23 )))))))))))))))))))))))))))))))
.

2009-09-23 20:00 . 2009-09-23 20:00 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-09-23 20:00 . 2009-09-23 20:00 -------- d-----w- c:\users\Guest\AppData\Local\temp
2009-09-23 20:00 . 2009-09-23 20:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-23 20:00 . 2009-09-23 20:00 -------- d-----w- c:\users\ADMINI~1\AppData\Local\temp
2009-09-23 19:50 . 2009-09-23 19:50 -------- d-----w- c:\users\Martina\AppData\Local\ESET
2009-09-22 15:03 . 2009-06-15 14:53 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-22 15:03 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-09-22 15:03 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-09-22 15:03 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-09-22 15:03 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-09-22 15:03 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2009-09-22 15:03 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-09-22 15:03 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2009-09-20 22:12 . 2009-09-20 22:12 -------- d-----w- c:\users\Martina\AppData\Local\Microsoft Corporation
2009-09-20 22:11 . 2009-09-20 22:11 -------- d-----w- c:\program files\ESET
2009-09-20 22:10 . 2009-09-20 22:10 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2009-09-20 22:08 . 2009-09-20 22:08 -------- d-----w- c:\program files\BootRacer
2009-09-20 20:25 . 2009-09-20 20:34 -------- d-----w- c:\users\Martina\AppData\Roaming\Nero
2009-09-20 20:16 . 2009-09-20 20:20 -------- d-----w- c:\program files\Nero
2009-09-20 20:15 . 2009-09-20 20:21 -------- d-----w- c:\program files\Common Files\Nero
2009-09-20 20:15 . 2009-09-20 20:20 -------- d-----w- c:\programdata\Nero
2009-09-18 00:37 . 2009-09-18 00:37 -------- d-----w- c:\users\Martina\AppData\Roaming\DiskAid
2009-09-18 00:37 . 2009-09-18 00:37 -------- d-----w- c:\program files\DigiDNA
2009-09-17 17:39 . 2009-09-17 17:39 -------- d-----w- c:\programdata\GameXzone
2009-09-17 17:23 . 2009-09-17 17:23 -------- d-----w- c:\programdata\Fenomen Games
2009-09-16 19:13 . 2009-09-16 19:21 -------- d-----w- c:\users\Martina\AppData\Roaming\MyHeritage
2009-09-16 19:13 . 2009-09-16 19:16 -------- d-----w- c:\programdata\MyHeritage
2009-09-16 19:12 . 2009-09-16 19:12 -------- d-----w- c:\program files\Family Toolbar
2009-09-16 19:12 . 2003-07-06 11:07 372736 ----a-w- c:\windows\system32\ijl15.dll
2009-09-16 19:12 . 2002-03-06 22:19 454656 ----a-w- c:\windows\system32\PaintX.dll
2009-09-16 19:12 . 2009-09-16 19:12 -------- d-----w- c:\users\Martina\AppData\Roaming\The Complete Genealogy Reporter - FTB
2009-09-16 19:10 . 2009-09-16 19:12 -------- d-----w- C:\MyHeritage
2009-09-13 00:15 . 2009-09-13 00:17 -------- d-----w- c:\users\Martina\AppData\Roaming\cosmo ball
2009-09-12 23:12 . 2009-09-12 23:12 -------- d-----w- c:\programdata\OrbGames
2009-09-12 22:28 . 2009-09-12 22:28 -------- d-----w- c:\users\Martina\AppData\Local\EleFun Games
2009-09-12 21:06 . 2009-09-12 21:06 -------- d-----w- c:\programdata\Lost Treasures Of El Dorado
2009-09-11 23:58 . 2009-09-21 22:36 -------- d-----w- c:\program files\GameTop.com
2009-09-11 23:50 . 2009-09-11 23:55 -------- d-----w- c:\users\Martina\AppData\Local\MediaMonkey
2009-09-11 23:50 . 2009-09-11 23:51 -------- d-----w- c:\program files\MediaMonkey
2009-09-11 23:40 . 2009-09-11 23:40 -------- d---a-w- c:\windows\VDLL.DLL
2009-09-11 23:40 . 2009-09-11 23:40 -------- d---a-w- c:\windows\system32\runouce.exe
2009-09-11 23:40 . 2009-09-11 23:40 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-09-11 23:40 . 2009-09-11 23:40 -------- d---a-w- c:\windows\logo_1.exe
2009-09-11 23:26 . 2009-09-11 23:26 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-09-11 23:26 . 2009-09-11 23:26 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-09-11 23:26 . 2009-09-11 23:26 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-09-11 23:26 . 2009-09-11 23:26 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-09-11 23:26 . 2009-09-11 23:26 -------- d-----w- c:\programdata\MicroWorld
2009-09-10 23:08 . 2009-09-10 23:08 -------- d-----w- c:\users\Martina\AppData\Local\Apple_Inc
2009-09-10 23:07 . 2009-09-10 23:07 -------- d-----w- c:\program files\iPhone Configuration Utility
2009-09-10 22:16 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-10 22:16 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-10 22:15 . 2009-09-10 22:15 -------- d-----w- c:\program files\iPod
2009-09-10 22:14 . 2009-09-10 22:16 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-10 22:14 . 2009-09-10 22:16 -------- d-----w- c:\program files\iTunes
2009-09-10 22:09 . 2009-09-10 22:09 -------- d-----w- c:\program files\QuickTime
2009-09-10 20:58 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-10 04:22 . 2009-09-10 04:22 351248 ----a-w- c:\windows\system32\FTBSaver.scr
2009-09-06 19:27 . 2009-09-23 20:00 -------- d-----w- c:\users\Martina\AppData\Local\temp
2009-09-05 18:22 . 2009-09-05 18:22 -------- d-----w- c:\users\Martina\AppData\Roaming\dvdcss
2009-09-04 19:59 . 2009-09-23 19:40 -------- d-----w- c:\users\Martina\AppData\Roaming\Tor
2009-09-04 19:59 . 2009-09-23 15:59 -------- d-----w- c:\users\Martina\AppData\Roaming\Vidalia
2009-09-04 19:59 . 2009-09-04 19:59 -------- d-----w- c:\program files\Vidalia Bundle
2009-09-03 23:18 . 2009-09-03 23:18 -------- d-----w- c:\program files\Common Files\eSellerate
2009-09-03 22:11 . 2009-09-03 22:11 -------- d-----w- c:\program files\Atari
2009-09-03 20:42 . 2009-09-03 21:31 -------- d-----w- c:\program files\The KMPlayer
2009-09-03 20:26 . 2009-09-03 20:26 -------- d-----w- c:\program files\RocketDock
2009-09-02 22:18 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 22:18 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-31 23:47 . 2009-08-31 23:48 -------- d-----w- c:\windows\system32\Adobe
2009-08-31 19:31 . 2009-08-31 19:31 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-31 19:31 . 2009-08-31 19:31 -------- d-----w- c:\program files\Java
2009-08-31 19:15 . 2009-09-11 07:13 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-31 19:14 . 2009-08-31 19:25 -------- d-----w- c:\users\Martina\AppData\Roaming\VuzeStream
2009-08-30 22:54 . 2009-08-30 22:54 -------- d-----w- c:\users\Martina\AppData\Roaming\Malwarebytes
2009-08-30 22:54 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-30 22:54 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-30 22:54 . 2009-08-30 22:54 -------- d-----w- c:\programdata\Malwarebytes
2009-08-30 22:54 . 2009-09-23 15:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-30 22:35 . 2009-09-23 15:25 -------- d-----w- c:\program files\trend micro
2009-08-30 22:25 . 2009-08-30 22:25 -------- d-----w- c:\users\Martina\Option
2009-08-30 00:59 . 2009-08-30 00:59 -------- d-----w- c:\program files\7-Zip
2009-08-29 15:00 . 2009-08-29 15:00 -------- d-----w- c:\programdata\Azureus
2009-08-29 14:59 . 2009-09-20 22:27 -------- d-----w- c:\users\Martina\AppData\Roaming\Azureus
2009-08-29 14:59 . 2009-09-09 22:00 -------- d-----w- c:\program files\AskBarDis
2009-08-29 14:41 . 2009-08-30 00:57 -------- d-----w- c:\program files\Vuze
2009-08-29 14:41 . 2009-08-29 14:41 -------- d-----w- c:\program files\Common Files\i4j_jres
2009-08-28 17:42 . 2009-08-28 17:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-28 17:42 . 2009-08-28 17:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-26 01:01 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-23 01:00 . 2009-07-22 18:49 12 ----a-w- c:\windows\bthservsdp.dat
2009-09-21 08:53 . 2008-05-19 18:17 -------- d-----w- c:\programdata\McAfee
2009-09-16 19:12 . 2009-07-13 23:33 -------- d-----w- c:\program files\Opera
2009-09-13 22:55 . 2009-08-24 08:04 -------- d-----w- c:\users\Martina\AppData\Roaming\Apple Computer
2009-09-13 00:33 . 2009-07-11 23:17 1356 ----a-w- c:\users\Martina\AppData\Local\d3d9caps.dat
2009-09-11 09:05 . 2008-05-20 04:12 653866 ----a-w- c:\windows\system32\perfh005.dat
2009-09-11 09:05 . 2008-05-20 04:12 135906 ----a-w- c:\windows\system32\perfc005.dat
2009-09-11 07:04 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-11 07:03 . 2008-05-19 18:21 -------- d-----w- c:\programdata\Microsoft Help
2009-09-11 06:55 . 2009-07-11 23:17 -------- d-----w- c:\program files\Google
2009-09-10 22:14 . 2009-08-24 07:57 -------- d-----w- c:\program files\Common Files\Apple
2009-09-05 20:13 . 2009-08-04 17:33 952 --sha-w- c:\programdata\KGyGaAvL.sys
2009-09-03 22:11 . 2008-05-19 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-29 14:50 . 2009-08-20 17:43 -------- d-----w- c:\users\Martina\AppData\Roaming\XnView
2009-08-29 12:30 . 2009-08-29 12:30 1 ----a-w- c:\windows\system32\SysDVDtovideo.dat
2009-08-29 12:30 . 2009-08-06 21:48 -------- d-----w- c:\users\Martina\AppData\Roaming\DivX
2009-08-29 12:30 . 2009-08-29 12:30 -------- d-----w- c:\program files\MyDVDTools
2009-08-28 23:28 . 2009-08-19 21:56 -------- d-----w- c:\program files\Resco
2009-08-26 07:42 . 2009-07-13 23:26 -------- d-----w- c:\users\Martina\AppData\Roaming\Winamp
2009-08-25 21:44 . 2009-08-24 07:57 -------- d-----w- c:\programdata\Apple
2009-08-25 21:43 . 2009-08-25 21:43 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-08-25 01:11 . 2008-05-19 18:35 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-24 08:50 . 2009-08-24 08:33 -------- d-----w- c:\users\Martina\AppData\Roaming\Any DVD Converter Professional
2009-08-24 08:34 . 2009-08-24 08:33 -------- d-----w- c:\program files\Any DVD Converter Professional
2009-08-24 08:04 . 2009-08-24 08:03 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-08-24 08:03 . 2009-08-24 08:01 -------- d-----w- c:\programdata\Apple Computer
2009-08-24 08:02 . 2009-08-24 08:02 -------- d-----w- c:\program files\Bonjour
2009-08-24 08:00 . 2009-08-24 08:00 -------- d-----w- c:\program files\Apple Software Update
2009-08-22 22:30 . 2009-08-22 22:30 -------- d-----w- c:\program files\Novomatic
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-08-20 17:40 . 2009-08-20 17:40 -------- d-----w- c:\program files\XnView
2009-08-19 21:56 . 2009-08-19 21:56 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-08-18 20:24 . 2009-08-18 20:24 -------- d-----w- c:\programdata\InterVideo
2009-08-15 20:03 . 2009-08-15 20:03 -------- d-----w- c:\users\Martina\AppData\Roaming\Ashampoo
2009-08-15 19:59 . 2009-07-21 18:28 -------- d-----w- c:\users\Martina\AppData\Roaming\PC Suite
2009-08-14 20:59 . 2009-08-14 20:59 -------- d-----w- c:\program files\Common Files\xing shared
2009-08-14 20:59 . 2009-08-14 20:58 -------- d-----w- c:\program files\Common Files\Real
2009-08-14 20:58 . 2009-08-14 20:58 -------- d-----w- c:\program files\Real
2009-08-14 16:27 . 2009-09-10 21:00 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-10 21:00 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-10 21:00 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-10 21:00 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-10 21:00 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-10 21:00 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-10 21:00 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-10 21:00 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-10 21:00 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-10 21:00 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-10 21:00 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-06 22:54 . 2009-08-06 22:54 -------- d-----w- c:\programdata\ashampoo
2009-08-06 22:54 . 2009-07-31 23:41 -------- d-----w- c:\program files\Ashampoo
2009-08-06 21:49 . 2009-08-06 21:46 -------- d-----w- c:\program files\DivX
2009-08-06 21:49 . 2009-08-06 21:46 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-08-06 21:46 . 2009-08-06 21:46 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-08-04 17:34 . 2009-07-11 23:33 -------- d-----w- c:\programdata\Corel
2009-08-04 17:33 . 2009-08-04 17:33 -------- d-----w- c:\users\Martina\AppData\Roaming\InterVideo
2009-08-04 17:33 . 2009-08-04 17:33 -------- d-----w- c:\users\Martina\AppData\Roaming\Corel
2009-08-02 23:29 . 2009-08-02 22:01 -------- d-----w- c:\program files\Common Files\SPBA
2009-08-02 22:01 . 2009-08-02 22:01 -------- d-----w- c:\programdata\UIB
2009-08-02 22:00 . 2009-07-12 00:54 -------- d-----w- c:\programdata\Broadcom
2009-08-02 21:51 . 2009-07-11 23:38 -------- d-----w- c:\program files\eSobi
2009-07-31 23:28 . 2009-07-31 23:28 -------- d-----w- c:\program files\RealWorld Change Cursor
2009-07-31 12:47 . 2009-07-31 12:47 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-22 22:22 . 2009-07-22 22:22 100680 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-21 21:52 . 2009-07-29 19:31 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 19:31 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 19:31 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 19:31 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-14 09:07 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-14 09:06 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-14 09:07 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-14 09:07 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-14 09:06 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 17:18 . 2009-07-11 23:19 100680 ----a-w- c:\users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-13 23:33 . 2009-07-13 23:39 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-07-13 23:32 . 2009-07-13 23:33 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-07-12 08:47 . 2009-07-12 08:47 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-07-12 00:52 . 2007-08-20 10:34 204800 ----a-w- c:\windows\system32\igfxCoIn_v1318.dll
2009-07-12 00:52 . 2007-08-20 10:25 910720 ----a-w- c:\windows\system32\igmedkrn.dll
2009-07-12 00:52 . 2009-07-12 00:52 399896 ----a-w- c:\windows\system32\igxpun.exe
2009-07-12 00:52 . 2009-07-12 00:52 319456 ----a-w- c:\windows\system32\difxapi.dll
2009-07-12 00:28 . 2009-07-12 00:34 17448 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2009-07-12 00:28 . 2009-07-12 00:34 233472 ----a-w- c:\windows\system32\BtwRSupport.dll
2009-07-12 00:28 . 2009-07-12 00:34 28464 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2009-07-12 00:28 . 2009-07-12 00:34 99880 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2009-07-12 00:28 . 2009-07-12 00:34 81448 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2009-07-11 23:18 . 2009-07-11 23:18 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-07-11 23:18 . 2009-07-11 23:18 315392 ----a-w- c:\windows\HideWin.exe
2009-07-11 19:01 . 2009-09-10 21:00 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-07-11 19:01 . 2009-09-10 21:00 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-07-11 19:01 . 2009-09-10 21:00 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-07-11 19:01 . 2009-09-10 21:00 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-07-11 17:03 . 2009-09-10 21:00 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Vidalia"="c:\program files\Vidalia Bundle\Vidalia\vidalia.exe" [2009-07-12 5113430]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-13 520024]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"NokiaMusic FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-07-02 2327840]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-14 185896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-31 149280]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-08 305440]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-05-21 6144000]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-21 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"BootRacer"="c:\program files\BootRacer\Bootrace.exe" [2009-01-14 1548392]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2009-7-12 535336]
Privoxy.lnk - c:\program files\Vidalia Bundle\Privoxy\privoxy.exe [2006-11-20 250368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2008-03-25 13:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):01,65,15,6f,c9,21,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2564349104-897431367-2084069007-1003]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5D84111C-57B7-4992-BC68-C666979917BF}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{6884FF46-F981-4823-A7C4-D8CF794323D3}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{9DCB7025-EB4F-448F-BADB-EBBEDDAB0788}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{DF5A2A51-AD76-4E6D-B5B0-59CCB177AA5D}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{FFB997BD-3E9A-47F5-9D11-F5B4071EF6F7}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{7DAE3262-5554-44BC-8305-EF735781FDE3}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{AE3E9577-FDF2-492E-8D8F-BD62125AFB8D}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"TCP Query User{04F65C2D-3374-4775-96DF-E1D4CE8822B7}c:\\program files\\novomatic\\multi-gaminator (22in1)\\game.exe"= UDP:c:\program files\novomatic\multi-gaminator (22in1)\game.exe:game
"UDP Query User{15DFC397-A4CB-49AF-B2D3-86F5BBB99ED7}c:\\program files\\novomatic\\multi-gaminator (22in1)\\game.exe"= TCP:c:\program files\novomatic\multi-gaminator (22in1)\game.exe:game
"{1F1FDA14-DCA7-4851-8D81-90B33DCB8A56}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{15E36493-D4A1-4172-9F1C-21CE29EA5C12}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{66995378-A328-4384-A991-8AFF5FC0B3FE}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{72A95DDB-ADBA-4819-BF80-858A9F83DED5}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{0F293163-3C01-4664-9B5C-B86ADA951D58}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{6E5FF3D8-FD52-496D-B280-3A022B80FD7D}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{160040C4-B836-404D-AA11-5BAF833EF70D}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{E8701DE9-E258-48F3-89EA-B68951546BA7}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{2ED1AAD7-429F-42E7-992E-C543DF085EF3}"= UDP:c:\users\Martina\AppData\Roaming\VuzeStream\VuzeStream.exe:Vuze Streaming Assistant
"{D0B71F49-F1A0-4A3B-BCB6-62C747ABA5C6}"= TCP:c:\users\Martina\AppData\Roaming\VuzeStream\VuzeStream.exe:Vuze Streaming Assistant
"TCP Query User{3E761DD9-BCC3-4D10-9A1B-EB878BD72A76}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{A2224724-97AC-446B-8C02-74DBCA89EE6D}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"{629FE96C-6C8C-4F1C-8818-A9AA39127EA7}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{35604A11-301A-45A2-BA17-6B546DBDC87E}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{A5FD2E36-2353-4ECF-85CC-50B1FB996B51}c:\\program files\\gametop.com\\extreme racers\\extreme racers.exe"= UDP:c:\program files\gametop.com\extreme racers\extreme racers.exe:Cipher Game Engine
"UDP Query User{CD784A2A-11E9-4538-94A0-B7F0AF2590FC}c:\\program files\\gametop.com\\extreme racers\\extreme racers.exe"= TCP:c:\program files\gametop.com\extreme racers\extreme racers.exe:Cipher Game Engine
"TCP Query User{E99D8B63-574E-4A83-AAE0-8E0E32D67EE2}c:\\program files\\iphone tunnel suite\\bin\\itunnel.exe"= UDP:c:\program files\iphone tunnel suite\bin\itunnel.exe:iTunnel
"UDP Query User{AD6C34CE-650B-45AD-B96E-4C26151A99AA}c:\\program files\\iphone tunnel suite\\bin\\itunnel.exe"= TCP:c:\program files\iphone tunnel suite\bin\itunnel.exe:iTunnel
"TCP Query User{8205F240-E36E-4037-A463-F5B1C1387473}c:\\users\\martina\\appdata\\local\\opera\\opera\\temporary_downloads\\aircrack_ng_1.0\\aircrack-ng-1.0-rc1-win\\bin\\buddy-ng.exe"= UDP:c:\users\martina\appdata\local\opera\opera\temporary_downloads\aircrack_ng_1.0\aircrack-ng-1.0-rc1-win\bin\buddy-ng.exe:buddy-ng.exe
"UDP Query User{7957350E-64AE-4125-A797-09858125C3E3}c:\\users\\martina\\appdata\\local\\opera\\opera\\temporary_downloads\\aircrack_ng_1.0\\aircrack-ng-1.0-rc1-win\\bin\\buddy-ng.exe"= TCP:c:\users\martina\appdata\local\opera\opera\temporary_downloads\aircrack_ng_1.0\aircrack-ng-1.0-rc1-win\bin\buddy-ng.exe:buddy-ng.exe

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [14.7.2009 1:33 64160]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [16.1.2008 10:26 30312]
R2 BootRacerServ;BootRacerServ;c:\program files\BootRacer\BootRacerServ.exe [14.1.2009 15:30 57088]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3.3.2008 13:11 16384]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [14.5.2009 15:49 93312]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [19.5.2008 20:35 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [6.4.2008 22:42 50424]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17.4.2007 20:09 11032]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [28.3.2008 13:44 210432]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4.4.2008 3:03 131072]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [12.7.2009 2:34 28464]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [1.8.2009 1:41 410976]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1029456]
S3 MA8630C;MA8630C;c:\windows\System32\drivers\ma8630c.sys [21.7.2009 22:59 23248]
S3 MA8630M;MA8630M;c:\windows\System32\drivers\ma8630m.sys [21.7.2009 22:59 25428]
S3 MA8630U;MA8630U;c:\windows\System32\drivers\ma8630u.sys [21.7.2009 22:59 53586]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24.11.2008 22:31 29263712]
S3 TpChoice;Touch Pad Detection Filter driver;c:\windows\System32\drivers\TpChoice.sys [7.5.2008 8:39 17968]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - EHTTPSRV
*NewlyCreated* - EKRN

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2009-09-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 23:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.gametop.com/?utm_source=Ph ... dium=start
mStart Page = hxxp://search.myheritage.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\wpclsp.dll
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-23 22:00
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5468)
c:\windows\System32\SysHook.dll
.
Celkový čas: 2009-09-23 22:03
ComboFix-quarantined-files.txt 2009-09-23 20:03

Před spuštěním: Volných bajtů: 41 771 573 248
Po spuštění: Volných bajtů: 42 255 589 376

378 --- E O F --- 2009-09-22 15:03

[Damned]

Máš tam ještě McAfee?
Byl vyzkoušen reinstal NODa?

[Ruth33]

McAfee uz nemám a nod ted jede v pohodě kdyz jsem restartovala notas

[Damned]

Co jsem o tomto našel, tak tato chyba se někdy objeví, někdy ne. Spíše bych to asi řešil s podporou ESETu.
Odstraníme zbytečnosti a ten McAfee.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok).
Zkopíruj do něj následující celý text označený zeleně:

File::
c:\windows\system32\eEmpty.exe
c:\users\Martina\AppData\Local\d3d9caps.dat
c:\programdata\KGyGaAvL.sys

Folder::
c:\windows\system32\runouce.exe
c:\windows\RUNDL132.EXE
c:\windows\logo_1.exe
c:\windows\VDLL.DLL
c:\program files\AskBarDis
c:\programdata\McAfee

Driver::
KGyGaAvL

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000000




Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.


Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe
a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix, oprava může trvat i déle než 10 minut. ! Nech ComboFix dokončit svou práci !
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT a popiš chování počítače

[Ruth33]

ComboFix 09-09-23.02 - Martina 24.09.2009 19:06.3.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2038.903 [GMT 2:00]
Spuštěný z: c:\users\Martina\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martina\Desktop\CFScript.txt
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý


FILE ::
"c:\programdata\KGyGaAvL.sys"
"c:\users\Martina\AppData\Local\d3d9caps.dat"
"c:\windows\system32\eEmpty.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\programdata\KGyGaAvL.sys
c:\programdata\McAfee
c:\programdata\McAfee\MSC\Cache\McSubDB.Bak
c:\programdata\McAfee\MSC\mcini.ini
c:\programdata\McAfee\MSC\McSubDB.Dat
c:\users\Martina\AppData\Local\d3d9caps.dat
c:\windows\logo_1.exe
c:\windows\RUNDL132.EXE
c:\windows\system32\eEmpty.exe
c:\windows\system32\runouce.exe
c:\windows\VDLL.DLL

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-08-24 do 2009-09-24 )))))))))))))))))))))))))))))))
.

2009-09-24 17:20 . 2009-09-24 17:20 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-09-24 17:20 . 2009-09-24 17:20 -------- d-----w- c:\users\Guest\AppData\Local\temp
2009-09-24 17:20 . 2009-09-24 17:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-24 17:20 . 2009-09-24 17:20 -------- d-----w- c:\users\ADMINI~1\AppData\Local\temp
2009-09-23 19:50 . 2009-09-23 19:50 -------- d-----w- c:\users\Martina\AppData\Local\ESET
2009-09-22 15:03 . 2009-06-15 14:53 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-22 15:03 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-09-22 15:03 . 2009-06-15 14:54 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-09-22 15:03 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2009-09-22 15:03 . 2009-06-15 23:15 439864 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-09-22 15:03 . 2009-06-15 14:53 72704 ----a-w- c:\windows\system32\secur32.dll
2009-09-22 15:03 . 2009-06-15 14:52 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2009-09-22 15:03 . 2009-06-15 12:48 9728 ----a-w- c:\windows\system32\lsass.exe
2009-09-20 22:12 . 2009-09-20 22:12 -------- d-----w- c:\users\Martina\AppData\Local\Microsoft Corporation
2009-09-20 22:11 . 2009-09-20 22:11 -------- d-----w- c:\program files\ESET
2009-09-20 22:10 . 2009-09-20 22:10 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2009-09-20 22:08 . 2009-09-20 22:08 -------- d-----w- c:\program files\BootRacer
2009-09-20 20:25 . 2009-09-20 20:34 -------- d-----w- c:\users\Martina\AppData\Roaming\Nero
2009-09-20 20:16 . 2009-09-20 20:20 -------- d-----w- c:\program files\Nero
2009-09-20 20:15 . 2009-09-20 20:21 -------- d-----w- c:\program files\Common Files\Nero
2009-09-20 20:15 . 2009-09-20 20:20 -------- d-----w- c:\programdata\Nero
2009-09-18 00:37 . 2009-09-18 00:37 -------- d-----w- c:\users\Martina\AppData\Roaming\DiskAid
2009-09-18 00:37 . 2009-09-18 00:37 -------- d-----w- c:\program files\DigiDNA
2009-09-17 17:39 . 2009-09-17 17:39 -------- d-----w- c:\programdata\GameXzone
2009-09-17 17:23 . 2009-09-17 17:23 -------- d-----w- c:\programdata\Fenomen Games
2009-09-16 19:13 . 2009-09-16 19:21 -------- d-----w- c:\users\Martina\AppData\Roaming\MyHeritage
2009-09-16 19:13 . 2009-09-16 19:16 -------- d-----w- c:\programdata\MyHeritage
2009-09-16 19:12 . 2009-09-16 19:12 -------- d-----w- c:\program files\Family Toolbar
2009-09-16 19:12 . 2003-07-06 11:07 372736 ----a-w- c:\windows\system32\ijl15.dll
2009-09-16 19:12 . 2002-03-06 22:19 454656 ----a-w- c:\windows\system32\PaintX.dll
2009-09-16 19:12 . 2009-09-16 19:12 -------- d-----w- c:\users\Martina\AppData\Roaming\The Complete Genealogy Reporter - FTB
2009-09-16 19:10 . 2009-09-16 19:12 -------- d-----w- C:\MyHeritage
2009-09-13 00:15 . 2009-09-13 00:17 -------- d-----w- c:\users\Martina\AppData\Roaming\cosmo ball
2009-09-12 23:12 . 2009-09-12 23:12 -------- d-----w- c:\programdata\OrbGames
2009-09-12 22:28 . 2009-09-12 22:28 -------- d-----w- c:\users\Martina\AppData\Local\EleFun Games
2009-09-12 21:06 . 2009-09-12 21:06 -------- d-----w- c:\programdata\Lost Treasures Of El Dorado
2009-09-11 23:58 . 2009-09-21 22:36 -------- d-----w- c:\program files\GameTop.com
2009-09-11 23:50 . 2009-09-11 23:55 -------- d-----w- c:\users\Martina\AppData\Local\MediaMonkey
2009-09-11 23:50 . 2009-09-11 23:51 -------- d-----w- c:\program files\MediaMonkey
2009-09-11 23:26 . 2009-09-11 23:26 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-09-11 23:26 . 2009-09-11 23:26 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-09-11 23:26 . 2009-09-11 23:26 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-09-11 23:26 . 2009-09-11 23:26 -------- d-----w- c:\programdata\MicroWorld
2009-09-10 23:08 . 2009-09-10 23:08 -------- d-----w- c:\users\Martina\AppData\Local\Apple_Inc
2009-09-10 23:07 . 2009-09-10 23:07 -------- d-----w- c:\program files\iPhone Configuration Utility
2009-09-10 22:16 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-10 22:16 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-10 22:15 . 2009-09-10 22:15 -------- d-----w- c:\program files\iPod
2009-09-10 22:14 . 2009-09-10 22:16 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-10 22:14 . 2009-09-10 22:16 -------- d-----w- c:\program files\iTunes
2009-09-10 22:09 . 2009-09-10 22:09 -------- d-----w- c:\program files\QuickTime
2009-09-10 20:58 . 2009-06-10 11:41 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-10 04:22 . 2009-09-10 04:22 351248 ----a-w- c:\windows\system32\FTBSaver.scr
2009-09-06 19:27 . 2009-09-24 17:20 -------- d-----w- c:\users\Martina\AppData\Local\temp
2009-09-05 18:22 . 2009-09-05 18:22 -------- d-----w- c:\users\Martina\AppData\Roaming\dvdcss
2009-09-04 19:59 . 2009-09-24 17:04 -------- d-----w- c:\users\Martina\AppData\Roaming\Tor
2009-09-04 19:59 . 2009-09-23 15:59 -------- d-----w- c:\users\Martina\AppData\Roaming\Vidalia
2009-09-04 19:59 . 2009-09-04 19:59 -------- d-----w- c:\program files\Vidalia Bundle
2009-09-03 23:18 . 2009-09-03 23:18 -------- d-----w- c:\program files\Common Files\eSellerate
2009-09-03 22:11 . 2009-09-03 22:11 -------- d-----w- c:\program files\Atari
2009-09-03 20:42 . 2009-09-03 21:31 -------- d-----w- c:\program files\The KMPlayer
2009-09-03 20:26 . 2009-09-03 20:26 -------- d-----w- c:\program files\RocketDock
2009-09-02 22:18 . 2009-08-29 00:14 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 22:18 . 2009-08-29 00:27 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-31 23:47 . 2009-08-31 23:48 -------- d-----w- c:\windows\system32\Adobe
2009-08-31 19:31 . 2009-08-31 19:31 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-31 19:31 . 2009-08-31 19:31 -------- d-----w- c:\program files\Java
2009-08-31 19:15 . 2009-09-11 07:13 -------- d-----w- c:\program files\Microsoft Silverlight
2009-08-31 19:14 . 2009-08-31 19:25 -------- d-----w- c:\users\Martina\AppData\Roaming\VuzeStream
2009-08-30 22:54 . 2009-08-30 22:54 -------- d-----w- c:\users\Martina\AppData\Roaming\Malwarebytes
2009-08-30 22:54 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-30 22:54 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-30 22:54 . 2009-08-30 22:54 -------- d-----w- c:\programdata\Malwarebytes
2009-08-30 22:54 . 2009-09-23 15:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-30 22:35 . 2009-09-23 15:25 -------- d-----w- c:\program files\trend micro
2009-08-30 22:25 . 2009-08-30 22:25 -------- d-----w- c:\users\Martina\Option
2009-08-30 00:59 . 2009-08-30 00:59 -------- d-----w- c:\program files\7-Zip
2009-08-29 15:00 . 2009-08-29 15:00 -------- d-----w- c:\programdata\Azureus
2009-08-29 14:59 . 2009-09-20 22:27 -------- d-----w- c:\users\Martina\AppData\Roaming\Azureus
2009-08-29 14:41 . 2009-08-30 00:57 -------- d-----w- c:\program files\Vuze
2009-08-29 14:41 . 2009-08-29 14:41 -------- d-----w- c:\program files\Common Files\i4j_jres
2009-08-28 17:42 . 2009-08-28 17:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-28 17:42 . 2009-08-28 17:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-26 01:01 . 2009-06-22 10:09 2048 ----a-w- c:\windows\system32\tzres.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-23 21:18 . 2009-07-22 18:49 12 ----a-w- c:\windows\bthservsdp.dat
2009-09-16 19:12 . 2009-07-13 23:33 -------- d-----w- c:\program files\Opera
2009-09-13 22:55 . 2009-08-24 08:04 -------- d-----w- c:\users\Martina\AppData\Roaming\Apple Computer
2009-09-11 09:05 . 2008-05-20 04:12 653866 ----a-w- c:\windows\system32\perfh005.dat
2009-09-11 09:05 . 2008-05-20 04:12 135906 ----a-w- c:\windows\system32\perfc005.dat
2009-09-11 07:04 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-11 07:03 . 2008-05-19 18:21 -------- d-----w- c:\programdata\Microsoft Help
2009-09-11 06:55 . 2009-07-11 23:17 -------- d-----w- c:\program files\Google
2009-09-10 22:14 . 2009-08-24 07:57 -------- d-----w- c:\program files\Common Files\Apple
2009-09-03 22:11 . 2008-05-19 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-29 14:50 . 2009-08-20 17:43 -------- d-----w- c:\users\Martina\AppData\Roaming\XnView
2009-08-29 12:30 . 2009-08-29 12:30 1 ----a-w- c:\windows\system32\SysDVDtovideo.dat
2009-08-29 12:30 . 2009-08-06 21:48 -------- d-----w- c:\users\Martina\AppData\Roaming\DivX
2009-08-29 12:30 . 2009-08-29 12:30 -------- d-----w- c:\program files\MyDVDTools
2009-08-28 23:28 . 2009-08-19 21:56 -------- d-----w- c:\program files\Resco
2009-08-26 07:42 . 2009-07-13 23:26 -------- d-----w- c:\users\Martina\AppData\Roaming\Winamp
2009-08-25 21:44 . 2009-08-24 07:57 -------- d-----w- c:\programdata\Apple
2009-08-25 21:43 . 2009-08-25 21:43 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-08-25 01:11 . 2008-05-19 18:35 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-24 08:50 . 2009-08-24 08:33 -------- d-----w- c:\users\Martina\AppData\Roaming\Any DVD Converter Professional
2009-08-24 08:34 . 2009-08-24 08:33 -------- d-----w- c:\program files\Any DVD Converter Professional
2009-08-24 08:04 . 2009-08-24 08:03 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-08-24 08:03 . 2009-08-24 08:01 -------- d-----w- c:\programdata\Apple Computer
2009-08-24 08:02 . 2009-08-24 08:02 -------- d-----w- c:\program files\Bonjour
2009-08-24 08:00 . 2009-08-24 08:00 -------- d-----w- c:\program files\Apple Software Update
2009-08-22 22:30 . 2009-08-22 22:30 -------- d-----w- c:\program files\Novomatic
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-08-20 18:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-08-20 17:40 . 2009-08-20 17:40 -------- d-----w- c:\program files\XnView
2009-08-19 21:56 . 2009-08-19 21:56 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-08-18 20:24 . 2009-08-18 20:24 -------- d-----w- c:\programdata\InterVideo
2009-08-15 20:03 . 2009-08-15 20:03 -------- d-----w- c:\users\Martina\AppData\Roaming\Ashampoo
2009-08-15 19:59 . 2009-07-21 18:28 -------- d-----w- c:\users\Martina\AppData\Roaming\PC Suite
2009-08-14 20:59 . 2009-08-14 20:59 -------- d-----w- c:\program files\Common Files\xing shared
2009-08-14 20:59 . 2009-08-14 20:58 -------- d-----w- c:\program files\Common Files\Real
2009-08-14 20:58 . 2009-08-14 20:58 -------- d-----w- c:\program files\Real
2009-08-14 16:27 . 2009-09-10 21:00 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-10 21:00 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-10 21:00 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-10 21:00 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-10 21:00 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-10 21:00 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-10 21:00 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-10 21:00 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-10 21:00 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-10 21:00 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-10 21:00 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-06 22:54 . 2009-08-06 22:54 -------- d-----w- c:\programdata\ashampoo
2009-08-06 22:54 . 2009-07-31 23:41 -------- d-----w- c:\program files\Ashampoo
2009-08-06 21:49 . 2009-08-06 21:46 -------- d-----w- c:\program files\DivX
2009-08-06 21:49 . 2009-08-06 21:46 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-08-06 21:46 . 2009-08-06 21:46 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-08-04 17:34 . 2009-07-11 23:33 -------- d-----w- c:\programdata\Corel
2009-08-04 17:33 . 2009-08-04 17:33 -------- d-----w- c:\users\Martina\AppData\Roaming\InterVideo
2009-08-04 17:33 . 2009-08-04 17:33 -------- d-----w- c:\users\Martina\AppData\Roaming\Corel
2009-08-02 23:29 . 2009-08-02 22:01 -------- d-----w- c:\program files\Common Files\SPBA
2009-08-02 22:01 . 2009-08-02 22:01 -------- d-----w- c:\programdata\UIB
2009-08-02 22:00 . 2009-07-12 00:54 -------- d-----w- c:\programdata\Broadcom
2009-08-02 21:51 . 2009-07-11 23:38 -------- d-----w- c:\program files\eSobi
2009-07-31 23:28 . 2009-07-31 23:28 -------- d-----w- c:\program files\RealWorld Change Cursor
2009-07-31 12:47 . 2009-07-31 12:47 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-22 22:22 . 2009-07-22 22:22 100680 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-21 21:52 . 2009-07-29 19:31 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 19:31 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 19:31 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 19:31 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 13:54 . 2009-08-14 09:07 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 12:40 . 2009-08-14 09:06 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-15 12:39 . 2009-08-14 09:07 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-15 12:39 . 2009-08-14 09:07 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-15 12:39 . 2009-08-14 09:06 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 17:18 . 2009-07-11 23:19 100680 ----a-w- c:\users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-13 23:33 . 2009-07-13 23:39 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-07-13 23:32 . 2009-07-13 23:33 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-07-12 08:47 . 2009-07-12 08:47 6656 ----a-w- c:\windows\system32\kbd106n.dll
2009-07-12 00:52 . 2007-08-20 10:34 204800 ----a-w- c:\windows\system32\igfxCoIn_v1318.dll
2009-07-12 00:52 . 2007-08-20 10:25 910720 ----a-w- c:\windows\system32\igmedkrn.dll
2009-07-12 00:52 . 2009-07-12 00:52 399896 ----a-w- c:\windows\system32\igxpun.exe
2009-07-12 00:52 . 2009-07-12 00:52 319456 ----a-w- c:\windows\system32\difxapi.dll
2009-07-12 00:28 . 2009-07-12 00:34 17448 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2009-07-12 00:28 . 2009-07-12 00:34 233472 ----a-w- c:\windows\system32\BtwRSupport.dll
2009-07-12 00:28 . 2009-07-12 00:34 28464 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2009-07-12 00:28 . 2009-07-12 00:34 99880 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2009-07-12 00:28 . 2009-07-12 00:34 81448 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2009-07-11 23:18 . 2009-07-11 23:18 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-07-11 23:18 . 2009-07-11 23:18 315392 ----a-w- c:\windows\HideWin.exe
2009-07-11 19:01 . 2009-09-10 21:00 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-07-11 19:01 . 2009-09-10 21:00 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-07-11 19:01 . 2009-09-10 21:00 513536 ----a-w- c:\windows\system32\wlansvc.dll
2009-07-11 19:01 . 2009-09-10 21:00 65024 ----a-w- c:\windows\system32\wlanapi.dll
2009-07-11 17:03 . 2009-09-10 21:00 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-09-23_20.00.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-09-24 16:53 58122 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-09-24 16:53 86948 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-11 23:08 . 2009-09-24 16:59 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-11 23:08 . 2009-09-23 15:58 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-11 23:08 . 2009-09-23 15:58 98304 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-11 23:08 . 2009-09-24 16:59 98304 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-11 23:08 . 2009-09-24 16:59 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-11 23:08 . 2009-09-23 15:58 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-11 23:19 . 2009-09-23 20:12 8280 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2564349104-897431367-2084069007-1003_UserData.bin
+ 2009-09-24 16:50 . 2009-09-24 16:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-09-23 01:02 . 2009-09-23 01:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-09-24 16:50 . 2009-09-24 16:50 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-09-23 01:02 . 2009-09-23 01:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-06-25 1414144]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Vidalia"="c:\program files\Vidalia Bundle\Vidalia\vidalia.exe" [2009-07-12 5113430]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"PLFSetL"="c:\windows\PLFSetL.exe" [2007-07-05 94208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-07-13 520024]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"NokiaMusic FastStart"="c:\program files\Nokia\Nokia Music\NokiaMusic.exe" [2009-07-02 2327840]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-08-14 185896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-31 149280]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-08 305440]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-05-21 6144000]
"Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-11-21 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
"BootRacer"="c:\program files\BootRacer\Bootrace.exe" [2009-01-14 1548392]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe [2009-7-12 535336]
Privoxy.lnk - c:\program files\Vidalia Bundle\Privoxy\privoxy.exe [2006-11-20 250368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2008-03-25 13:24 567560 ----a-w- c:\program files\Common Files\SPBA\homefus2.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):01,65,15,6f,c9,21,ca,01

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2564349104-897431367-2084069007-1003]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5D84111C-57B7-4992-BC68-C666979917BF}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{6884FF46-F981-4823-A7C4-D8CF794323D3}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{9DCB7025-EB4F-448F-BADB-EBBEDDAB0788}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{DF5A2A51-AD76-4E6D-B5B0-59CCB177AA5D}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{FFB997BD-3E9A-47F5-9D11-F5B4071EF6F7}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{7DAE3262-5554-44BC-8305-EF735781FDE3}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{AE3E9577-FDF2-492E-8D8F-BD62125AFB8D}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"TCP Query User{04F65C2D-3374-4775-96DF-E1D4CE8822B7}c:\\program files\\novomatic\\multi-gaminator (22in1)\\game.exe"= UDP:c:\program files\novomatic\multi-gaminator (22in1)\game.exe:game
"UDP Query User{15DFC397-A4CB-49AF-B2D3-86F5BBB99ED7}c:\\program files\\novomatic\\multi-gaminator (22in1)\\game.exe"= TCP:c:\program files\novomatic\multi-gaminator (22in1)\game.exe:game
"{1F1FDA14-DCA7-4851-8D81-90B33DCB8A56}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{15E36493-D4A1-4172-9F1C-21CE29EA5C12}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{66995378-A328-4384-A991-8AFF5FC0B3FE}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{72A95DDB-ADBA-4819-BF80-858A9F83DED5}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{0F293163-3C01-4664-9B5C-B86ADA951D58}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{6E5FF3D8-FD52-496D-B280-3A022B80FD7D}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{160040C4-B836-404D-AA11-5BAF833EF70D}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{E8701DE9-E258-48F3-89EA-B68951546BA7}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"{2ED1AAD7-429F-42E7-992E-C543DF085EF3}"= UDP:c:\users\Martina\AppData\Roaming\VuzeStream\VuzeStream.exe:Vuze Streaming Assistant
"{D0B71F49-F1A0-4A3B-BCB6-62C747ABA5C6}"= TCP:c:\users\Martina\AppData\Roaming\VuzeStream\VuzeStream.exe:Vuze Streaming Assistant
"TCP Query User{3E761DD9-BCC3-4D10-9A1B-EB878BD72A76}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser
"UDP Query User{A2224724-97AC-446B-8C02-74DBCA89EE6D}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser
"{629FE96C-6C8C-4F1C-8818-A9AA39127EA7}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{35604A11-301A-45A2-BA17-6B546DBDC87E}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{A5FD2E36-2353-4ECF-85CC-50B1FB996B51}c:\\program files\\gametop.com\\extreme racers\\extreme racers.exe"= UDP:c:\program files\gametop.com\extreme racers\extreme racers.exe:Cipher Game Engine
"UDP Query User{CD784A2A-11E9-4538-94A0-B7F0AF2590FC}c:\\program files\\gametop.com\\extreme racers\\extreme racers.exe"= TCP:c:\program files\gametop.com\extreme racers\extreme racers.exe:Cipher Game Engine
"TCP Query User{E99D8B63-574E-4A83-AAE0-8E0E32D67EE2}c:\\program files\\iphone tunnel suite\\bin\\itunnel.exe"= UDP:c:\program files\iphone tunnel suite\bin\itunnel.exe:iTunnel
"UDP Query User{AD6C34CE-650B-45AD-B96E-4C26151A99AA}c:\\program files\\iphone tunnel suite\\bin\\itunnel.exe"= TCP:c:\program files\iphone tunnel suite\bin\itunnel.exe:iTunnel
"TCP Query User{8205F240-E36E-4037-A463-F5B1C1387473}c:\\users\\martina\\appdata\\local\\opera\\opera\\temporary_downloads\\aircrack_ng_1.0\\aircrack-ng-1.0-rc1-win\\bin\\buddy-ng.exe"= UDP:c:\users\martina\appdata\local\opera\opera\temporary_downloads\aircrack_ng_1.0\aircrack-ng-1.0-rc1-win\bin\buddy-ng.exe:buddy-ng.exe
"UDP Query User{7957350E-64AE-4125-A797-09858125C3E3}c:\\users\\martina\\appdata\\local\\opera\\opera\\temporary_downloads\\aircrack_ng_1.0\\aircrack-ng-1.0-rc1-win\\bin\\buddy-ng.exe"= TCP:c:\users\martina\appdata\local\opera\opera\temporary_downloads\aircrack_ng_1.0\aircrack-ng-1.0-rc1-win\bin\buddy-ng.exe:buddy-ng.exe

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [14.7.2009 1:33 64160]
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager;c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [16.1.2008 10:26 30312]
R2 BootRacerServ;BootRacerServ;c:\program files\BootRacer\BootRacerServ.exe [14.1.2009 15:30 57088]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3.3.2008 13:11 16384]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [14.5.2009 15:49 93312]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [19.5.2008 20:35 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [6.4.2008 22:42 50424]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17.4.2007 20:09 11032]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [28.3.2008 13:44 210432]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4.4.2008 3:03 131072]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [12.7.2009 2:34 28464]
S3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 6\DfSdkS.exe [1.8.2009 1:41 410976]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1029456]
S3 MA8630C;MA8630C;c:\windows\System32\drivers\ma8630c.sys [21.7.2009 22:59 23248]
S3 MA8630M;MA8630M;c:\windows\System32\drivers\ma8630m.sys [21.7.2009 22:59 25428]
S3 MA8630U;MA8630U;c:\windows\System32\drivers\ma8630u.sys [21.7.2009 22:59 53586]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24.11.2008 22:31 29263712]
S3 TpChoice;Touch Pad Detection Filter driver;c:\windows\System32\drivers\TpChoice.sys [7.5.2008 8:39 17968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'

2009-09-14 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 23:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.gametop.com/?utm_source=Ph ... dium=start
mStart Page = hxxp://search.myheritage.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\wpclsp.dll
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-24 19:20
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\windows\TEMP\TMP00000020749D67003894D685 524288 bytes executable

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2009-09-24 19:23
ComboFix-quarantined-files.txt 2009-09-24 17:23
ComboFix2.txt 2009-09-23 20:03

Před spuštěním: Volných bajtů: 42 304 729 088
Po spuštění: Volných bajtů: 42 271 395 840



398 --- E O F --- 2009-09-24 17:00
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:48, on 24.9.2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Windows\PLFSetI.exe
C:\Windows\PLFSetL.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Windows\system32\igfxext.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Users\Martina\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\PC Connectivity Solution\Transports\NclIrSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.gametop.com/?utm_source=Ph ... dium=start
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKLM\..\Policies\Explorer\Run: [BootRacer] "C:\Program Files\BootRacer\Bootrace.exe" /2
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
O20 - Winlogon Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BootRacerServ - Greatis Software (c) - C:\Program Files\BootRacer\BootRacerServ.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9768 bytes

[Damned]

Jak se chová NOD?

[Ruth33]

NOD se chová normalne .Tohle jsem skopírovala z karanteny nevím jestli se to má smazat nebo co s tím.Jinak pc je v pořádku.

24.9.2009 19:06:39 Rezidentní ochrana soubor C:\Users\Martina\AppData\Local\Temp\Av-test.txt Eicar testovací soubor vyléčen smazáním - uložen do karantény Martina-PC\Martina Tato skutečnost byla zjištěna na nově vytvořeném souboru aplikací: C:\Windows\System32\CF26997.exe.
23.9.2009 21:50:34 Rezidentní ochrana soubor C:\Users\Martina\AppData\Local\Temp\Av-test.txt Eicar testovací soubor vyléčen smazáním - uložen do karantény Martina-PC\Martina Tato skutečnost byla zjištěna na nově vytvořeném souboru aplikací: C:\Windows\System32\CF26330.exe.
23.9.2009 18:08:46 Rezidentní ochrana soubor C:\Users\Martina\AppData\Local\temp\NERO1004997\unit_app_75\Toolbar.exe Win32/Toolbar.AskSBar potenciálně nechtěná aplikace nelze léčit NT AUTHORITY\SYSTEM Tato skutečnost byla zjištěna při pokusu o přístup k souboru aplikací: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe.

[Damned]

Odinstaluj ComboFix.
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

takže jestli nejsou problémy,tak vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš->spustíš

(pozn.Pokud máš AVG, avast! nebo Aviru, před stažením T-Cleaneru a po dobu čištění deaktivuj AVG, avast! i Aviru (i rezidenty), následně T-Cleaner smaž a zapni si AVG,avast!, Aviru.)


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.

ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache,
cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer,
Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Karanténu NODu smaž
Kdyby něco, tak se zastav.
Označ topic za vyřešený (zelená fajfka) a měj se.