Zpomalení internetu

Zpráva

zonik · #1 Příspěvek od **zonik** » 31 srp 2013 10:25

Už více jak dva týdny mám problémy s internetem. Některé stránky se nenačtou vůbec, některé hrozně pomalu, vyhledávače ale fungují normálně.

Děkuju za případnou radu

zonik · #2 Příspěvek od **zonik** » 31 srp 2013 10:33

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2013-08-31 11:29:09
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 76 GB (27%) free of 285 GB
Total RAM: 2045 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:30:15, on 31.8.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16502)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Martin\Dokumenty\Plocha\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\GoogleEULA\EULALauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [icq] C:\Users\Martin\AppData\Roaming\ICQM\icq.exe -CU
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1ca00a16af0aeac) (gupdate1ca00a16af0aeac) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 8497 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\RealUpgradeLogonTaskS-1-5-21-2126688981-4244795158-810744998-1000.job
C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-2126688981-4244795158-810744998-1000.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, vk@sergeykolosov.mp:0.3.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ei.VideoDownloadConverter_4z.com/Plugin]
"Description"=VideoDownloadConverter Plugin
"Path"=C:\Program Files\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1]
"Description"=Rhapsody Control
"Path"=C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\extensions\
maps@ovi.com

C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\
freeonlineradioplayerrecorder-v1-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-06-29 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-07 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-06-29 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-10 4468736]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"toolbar_eula_launcher"=C:\Program Files\GoogleEULA\EULALauncher.exe [2007-02-09 16896]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-11-06 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-11-06 8530464]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-06 81920]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12 49208]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2013-05-09 4858968]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2013-08-04 2532352]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2012-12-05 3093624]
"icq"=C:\Users\Martin\AppData\Roaming\ICQM\icq.exe [2013-07-30 28698984]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\prwntdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\prwntdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"msacm.sl_anet"=sl_anet.acm
"vidc.XVID"=xvidvfw.dll
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.lags"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-08-31 11:29:09 ----DC---- C:\rsit
2013-08-29 14:11:59 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-08-17 11:16:35 ----DC---- C:\Program Files\Mozilla Firefox
2013-08-15 22:26:05 ----D---- C:\Users\Martin\AppData\Roaming\Adobe Mini Bridge CS5
2013-08-15 22:26:04 ----D---- C:\Users\Martin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-08-15 22:06:44 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-08-15 22:02:11 ----DC---- C:\Program Files\Adobe Media Player
2013-08-14 16:36:53 ----A---- C:\Windows\system32\mshtmled.dll
2013-08-14 16:36:52 ----A---- C:\Windows\system32\vbscript.dll
2013-08-14 16:36:52 ----A---- C:\Windows\system32\ieui.dll
2013-08-14 16:36:51 ----A---- C:\Windows\system32\wininet.dll
2013-08-14 16:36:51 ----A---- C:\Windows\system32\msfeeds.dll
2013-08-14 16:36:51 ----A---- C:\Windows\system32\jsproxy.dll
2013-08-14 16:36:51 ----A---- C:\Windows\system32\ieUnatt.exe
2013-08-14 16:36:50 ----A---- C:\Windows\system32\jscript.dll
2013-08-14 16:36:49 ----A---- C:\Windows\system32\url.dll
2013-08-14 16:36:49 ----A---- C:\Windows\system32\jscript9.dll
2013-08-14 16:36:49 ----A---- C:\Windows\system32\iertutil.dll
2013-08-14 16:36:48 ----A---- C:\Windows\system32\urlmon.dll
2013-08-14 16:36:47 ----A---- C:\Windows\system32\ieframe.dll
2013-08-14 16:36:46 ----A---- C:\Windows\system32\mshtml.dll
2013-08-14 10:56:12 ----A---- C:\Windows\system32\icaapi.dll
2013-08-14 10:56:12 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-08-14 10:56:11 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-08-14 10:55:59 ----A---- C:\Windows\system32\tzres.dll
2013-08-14 10:55:55 ----A---- C:\Windows\system32\rpcrt4.dll
2013-08-14 10:55:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-08-14 10:55:52 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-08-14 10:55:51 ----A---- C:\Windows\system32\ntdll.dll
2013-08-14 10:53:43 ----A---- C:\Windows\system32\wintrust.dll
2013-08-14 10:53:43 ----A---- C:\Windows\system32\cryptsvc.dll
2013-08-14 10:53:43 ----A---- C:\Windows\system32\crypt32.dll
2013-08-14 10:53:42 ----A---- C:\Windows\system32\cryptnet.dll
2013-08-12 15:31:50 ----A---- C:\Windows\system32\PDFDocScout.DLL
2013-08-12 15:31:50 ----A---- C:\Windows\system32\PaintX.dll
2013-08-12 15:31:50 ----A---- C:\Windows\system32\ijl15.dll
2013-08-11 18:43:36 ----DC---- C:\Program Files\DiskInternals
2013-08-11 17:33:52 ----D---- C:\Users\Martin\AppData\Roaming\doublecmd
2013-08-11 17:33:47 ----DC---- C:\Program Files\Double Commander
2013-08-11 17:09:58 ----DC---- C:\Program Files\Recuva
2013-08-11 16:33:31 ----DC---- C:\Restoration
2013-08-11 13:05:52 ----D---- C:\Users\Martin\AppData\Roaming\MyHeritage
2013-08-11 13:05:52 ----D---- C:\ProgramData\MyHeritage
2013-08-11 13:03:52 ----D---- C:\Users\Martin\AppData\Roaming\The Complete Genealogy Reporter - FTB
2013-08-11 13:02:57 ----DC---- C:\Program Files\MyHeritage
2013-08-04 18:26:50 ----A---- C:\Windows\system32\FTBSaver.scr

======List of files/folders modified in the last 1 month======

2013-08-31 11:29:20 ----D---- C:\Windows\Temp
2013-08-31 11:29:20 ----D---- C:\Windows\Prefetch
2013-08-31 11:29:11 ----DC---- C:\Program Files\Trend Micro
2013-08-31 09:56:48 ----SHD---- C:\System Volume Information
2013-08-29 16:39:08 ----D---- C:\Windows\winsxs
2013-08-29 16:18:56 ----D---- C:\Windows\system32\catroot
2013-08-29 16:17:10 ----D---- C:\Windows\System32
2013-08-29 14:07:37 ----D---- C:\Windows\system32\catroot2
2013-08-27 16:04:21 ----D---- C:\Windows
2013-08-25 18:19:17 ----SHD---- C:\Windows\Installer
2013-08-25 18:19:09 ----D---- C:\Program Files\Common Files\Adobe AIR
2013-08-18 18:10:17 ----RDC---- C:\Program Files
2013-08-18 18:04:11 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2013-08-18 17:55:43 ----D---- C:\Users\Martin\AppData\Roaming\ICQ
2013-08-17 23:42:51 ----DC---- C:\Program Files\Mozilla Maintenance Service
2013-08-16 11:41:48 ----D---- C:\Windows\Debug
2013-08-15 22:09:05 ----D---- C:\Users\Martin\AppData\Roaming\Adobe
2013-08-15 22:06:44 ----D---- C:\ProgramData
2013-08-15 22:06:43 ----D---- C:\ProgramData\Adobe
2013-08-15 22:06:29 ----D---- C:\Program Files\Common Files\Adobe
2013-08-15 22:04:16 ----D---- C:\Program Files\Adobe
2013-08-15 22:02:55 ----RSD---- C:\Windows\Fonts
2013-08-14 18:29:28 ----D---- C:\Windows\Microsoft.NET
2013-08-14 18:28:41 ----RSD---- C:\Windows\assembly
2013-08-14 18:19:21 ----D---- C:\Windows\rescache
2013-08-14 17:55:06 ----D---- C:\Windows\system32\drivers
2013-08-14 17:55:04 ----D---- C:\Windows\system32\cs-CZ
2013-08-14 17:55:03 ----D---- C:\Windows\system32\migration
2013-08-14 17:55:03 ----D---- C:\Program Files\Internet Explorer
2013-08-14 16:50:05 ----D---- C:\Windows\system32\MRT
2013-08-14 16:47:24 ----A---- C:\Windows\system32\mrt.exe
2013-08-14 16:45:32 ----D---- C:\ProgramData\Microsoft Help
2013-08-14 16:40:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-08-14 16:40:05 ----D---- C:\Windows\inf
2013-08-11 19:08:11 ----DC---- C:\Program Files\EASEUS
2013-08-11 18:07:12 ----HD---- C:\Program Files\InstallShield Installation Information
2013-08-11 16:06:12 ----D---- C:\Windows\system32\Tasks
2013-08-11 16:03:06 ----D---- C:\Windows\system32\Msdtc
2013-08-11 16:03:03 ----D---- C:\Windows\system32\wbem
2013-08-11 16:02:04 ----D---- C:\Windows\system32\config
2013-08-11 16:01:44 ----D---- C:\Windows\Tasks
2013-08-11 16:01:44 ----D---- C:\Windows\system32\spool
2013-08-11 16:01:44 ----D---- C:\Windows\registration
2013-08-11 16:01:44 ----D---- C:\ProgramData\PMB Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AFS;AFS; C:\Windows\system32\drivers\AFS.sys [2010-12-05 77004]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-28 175176]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-09-20 443448]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-28 770344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-28 369584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 56080]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 66336]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-04-13 228224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-06 8230496]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
S3 3xHybrid;Philips SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-01-08 1136600]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2006-12-22 449536]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv.sys [2009-07-01 436480]
S3 catchme;catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PAC7302;CANYON USB PC CAMERA; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-11-08 458752]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 27416]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2013-05-09 46808]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca00a16af0aeac;Služba Google Update (gupdate1ca00a16af0aeac); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-09 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-07 194104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-15 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-09 133104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-08-17 117656]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe []

-----------------EOF-----------------

#3 Příspěvek od **vyosek** » 31 srp 2013 13:19

Zdravim

Spustte MiniTool dle kolegy

stell píše:daj spustit tento program
http://www.bleepingcomputer.com/downloa ... box/dl/65/

Spustit>.zafajknut.
1:Report IEPROXY
2:Report FFPROXY
3:List comtent OFF HOSTS
4:List IP CONFIGURATION
5:LIST WINSOCK...
6:List Last 10 EvENTS..
7:Only problems
8:Klik GO a log nech ti da do fora.

Aplikace ke stažení:

Po stažení FRSTLauncher spustte, objevi se mozna varovani od antiviru, ignorujte a nechte FRSTL spustit

Následně dojde ke stažení FRST a inicializaci

Po spuštění FRST odsouhlasíme licenční podmínky kliknutím na Ano.
Dooznačíme položku Addition.txt - viz obrázek.
Klikneme na tlačítko Scan čímž spustíme skenování.
Počkáme na dokončení skenování FRST a vytvoření doplňkových informací naší nástavbou.
Otevře se nám textový soubor FRST.txt, což je požadovaný log a jehož obsah vložíme do svého tématu na fóru.
Po uzavření logu se FRSTLauncher.exe ukončí a na ploše nám zbyde utilta FRST a dva logy FRST.txt a Addition.txt - nic z toho zatím nemažeme.

zonik · #4 Příspěvek od **zonik** » 31 srp 2013 13:48

MiniToolBox by Farbar Version: 13-07-2013
Ran by Martin (administrator) on 31-08-2013 at 14:45:23
Running from "C:\Users\Martin\Dokumenty\Plocha"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel(R) 82566DC-2 Gigabit Network Connection = Připojení k místní síti (Connected)

# ----------------------------------
# Konfigurace protokolu IPv4
# ----------------------------------
pushd interface ipv4

reset

popd
# Konec konfigurace protokolu IPv4

Konfigurace protokolu IP syst‚mu Windows

N zev hostitele . . . . . . . . . : Martin-PC
Prim rnˇ pýˇpona DNS. . . . . . . :
Typ uzlu . . . . . . . . . . . . : hybridnˇ
Povoleno smŘrov nˇ IP . . . . . . : Ne
WINS Proxy povoleno . . . . . . . : Ne

Adapt‚r sˇtŘ Ethernet Pýipojenˇ k mˇstnˇ sˇti:

Pýˇpona DNS podle pýipojenˇ . . . :
Popis . . . . . . . . . . . . . . : Intel(R) 82566DC-2 Gigabit Network Connection
Fyzick Adresa. . . . . . . . . . : 00-19-DB-B9-C2-62
Protokol DHCP povolen . . . . . . : Ano
Automatick konfigurace povolena : Ano
Adresa IPv4 . . . . . . . . . . . : 10.0.0.139(Preferovan‚)
Maska podsˇtŘ . . . . . . . . . . : 255.255.255.0
Zap…jźeno . . . . . . . . . . . . : 31. srpna 2013 14:32:52
Z p…jźka vyprçˇ . . . . . . . . . : 31. srpna 2013 15:32:52
Věchozˇ br na . . . . . . . . . . : 10.0.0.138
Server DHCP . . . . . . . . . . . : 10.0.0.138
Servery DNS . . . . . . . . . . . : 10.0.0.138
Rozhranˇ NetBios nad protokolem TCP/IP. . . . . . . . : Povoleno

Adapt‚r pro tunelov‚ pýipojenˇ Pýipojenˇ k mˇstnˇ sˇti*:

Stav m‚dia . . . . . . . . . . . : odpojeno
Pýˇpona DNS podle pýipojenˇ . . . :
Popis . . . . . . . . . . . . . . : isatap.{281EDDE4-893B-484A-9C0E-E51C58FBB1EB}
Fyzick Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatick konfigurace povolena : Ano

Adapt‚r pro tunelov‚ pýipojenˇ Pýipojenˇ k mˇstnˇ sˇti* 3:

Pýˇpona DNS podle pýipojenˇ . . . :
Popis . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fyzick Adresa. . . . . . . . . . : 02-00-54-55-4E-01
Protokol DHCP povolen . . . . . . : Ne
Automatick konfigurace povolena : Ano
Adresa IPv6. . . . . . . . . . . : 2001:0:5ef5:79fb

2ad1:f5ff:ff74(Preferovan‚)
Spojenˇ - mˇstnˇ adresa IPv6 . . . : fe80:

2ad1:f5ff:ff74%8(Preferovan‚)
Věchozˇ br na . . . . . . . . . . : ::
NetBIOS nad TCP/IP. . . . . . . . : zak z no
Server: mygateway1.ar7
Address: 10.0.0.138

N zev: google.com
Addresses: 2a00

4001:809::1004
173.194.113.32
173.194.113.35
173.194.113.37
173.194.113.34
173.194.113.36
173.194.113.46
173.194.113.40
173.194.113.33
173.194.113.38
173.194.113.41
173.194.113.39

Pýˇkaz PING na google.com [173.194.113.32] - 32 bajt… dat:

OdpovŘÔ od 173.194.113.32: bajty=32 źas=23ms TTL=53

OdpovŘÔ od 173.194.113.32: bajty=32 źas=21ms TTL=53

Statistika ping pro 173.194.113.32:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n doba do pýijetˇ odezvy v milisekund ch:

Minimum = 21ms, Maximum = 23ms, Pr…mŘr = 22ms

Server: mygateway1.ar7
Address: 10.0.0.138

N zev: yahoo.com
Addresses: 98.139.183.24
206.190.36.45
98.138.253.109

Pýˇkaz PING na yahoo.com [98.139.183.24] - 32 bajt… dat:

OdpovŘÔ od 98.139.183.24: bajty=32 źas=174ms TTL=45

OdpovŘÔ od 98.139.183.24: bajty=32 źas=245ms TTL=47

Statistika ping pro 98.139.183.24:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n doba do pýijetˇ odezvy v milisekund ch:

Minimum = 174ms, Maximum = 245ms, Pr…mŘr = 209ms

Pýˇkaz PING na 127.0.0.1 - 32 bajt… dat:

OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=128

OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=128

Statistika ping pro 127.0.0.1:

Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),

Pýibli§n doba do pýijetˇ odezvy v milisekund ch:

Minimum = 0ms, Maximum = 0ms, Pr…mŘr = 0ms

===========================================================================
Seznam rozhranˇ
9 ...00 19 db b9 c2 62 ...... Intel(R) 82566DC-2 Gigabit Network Connection
1 ........................... Software Loopback Interface 1
14 ...00 00 00 00 00 00 00 e0 isatap.{281EDDE4-893B-484A-9C0E-E51C58FBB1EB}
8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 SmŘrovacˇ tabulka
===========================================================================
Aktivnˇ smŘrov nˇ:
Cˇl v sˇti Sˇśov maska Br na Rozhranˇ Metrika
0.0.0.0 0.0.0.0 10.0.0.138 10.0.0.139 20
10.0.0.0 255.255.255.0 Propojen‚ 10.0.0.139 276
10.0.0.139 255.255.255.255 Propojen‚ 10.0.0.139 276
10.0.0.255 255.255.255.255 Propojen‚ 10.0.0.139 276
127.0.0.0 255.0.0.0 Propojen‚ 127.0.0.1 306
127.0.0.1 255.255.255.255 Propojen‚ 127.0.0.1 306
127.255.255.255 255.255.255.255 Propojen‚ 127.0.0.1 306
224.0.0.0 240.0.0.0 Propojen‚ 127.0.0.1 306
224.0.0.0 240.0.0.0 Propojen‚ 10.0.0.139 276
255.255.255.255 255.255.255.255 Propojen‚ 127.0.0.1 306
255.255.255.255 255.255.255.255 Propojen‚ 10.0.0.139 276
===========================================================================
Trval‚ trasy:
¦ dn‚

IPv6 SmŘrovacˇ tabulka
===========================================================================
Aktivnˇ smŘrov nˇ:
Rozhranˇ Metrika Cˇl v sˇti Br na
8 18 ::/0 Propojen‚
1 306 ::1/128 Propojen‚
8 18 2001::/32 Propojen‚
8 266 2001:0:5ef5:79fb

2ad1:f5ff:ff74/128
Propojen‚
8 266 fe80::/64 Propojen‚
8 266 fe80:

2ad1:f5ff:ff74/128
Propojen‚
1 306 ff00::/8 Propojen‚
8 266 ff00::/8 Propojen‚
===========================================================================
Trval‚ trasy:
¦ dn‚
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Společnost Microsoft)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/31/2013 11:24:16 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 2120. ID zprávy: [0x2509].

Error: (08/31/2013 11:22:23 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 2732. ID zprávy: [0x2509].

Error: (08/29/2013 10:06:42 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 12156. ID zprávy: [0x2509].

Error: (08/29/2013 10:04:55 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 4968. ID zprávy: [0x2509].

Error: (08/29/2013 09:57:24 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 14736. ID zprávy: [0x2509].

Error: (08/29/2013 09:14:59 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 13612. ID zprávy: [0x2509].

Error: (08/29/2013 09:05:04 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 12616. ID zprávy: [0x2509].

Error: (08/29/2013 08:57:14 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.1008 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 8248. ID zprávy: [0x2509].

Error: (08/29/2013 04:11:13 PM) (Source: Application Error) (User: )
Description: Chybující aplikace firefox.exe, verze 23.0.1.4974, časové razítko 0x520bc252, chybující modul xul.dll, verze 23.0.1.4974, časové razítko 0x520bc166, kód výjimky 0xc0000005, posun chyby 0x0017af08,
ID procesu 0x17f4, čas spuštění aplikace 0xfirefox.exe0.

Error: (08/25/2013 11:32:48 PM) (Source: Application Hang) (User: )
Description: Program Picasa3.exe verze 3.9.136.20 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID procesu: 4124
Čas zahájení: 01cea1da85ec9560
Čas ukončení: 8

System errors:
=============
Error: (08/31/2013 02:36:28 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: výchozí pro počítačmístníAktivace{000C101C-0000-0000-C000-000000000046}NT AUTHORITYNETWORK SERVICES-1-5-20LocalHost (pomocí LRPC)

Error: (08/31/2013 02:34:28 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/31/2013 01:08:42 PM) (Source: atapi) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Ide\IdePort0.

Error: (08/31/2013 09:23:02 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: výchozí pro počítačmístníAktivace{000C101C-0000-0000-C000-000000000046}NT AUTHORITYNETWORK SERVICES-1-5-20LocalHost (pomocí LRPC)

Error: (08/31/2013 09:21:23 AM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/30/2013 01:50:04 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: výchozí pro počítačmístníAktivace{000C101C-0000-0000-C000-000000000046}NT AUTHORITYNETWORK SERVICES-1-5-20LocalHost (pomocí LRPC)

Error: (08/30/2013 01:47:42 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Error: (08/29/2013 05:20:17 PM) (Source: volsnap) (User: )
Description: Stínové kopie svazku C: byly přerušeny kvůli selhání výpočtu volného místa.

Error: (08/29/2013 04:21:10 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: výchozí pro počítačmístníAktivace{000C101C-0000-0000-C000-000000000046}NT AUTHORITYNETWORK SERVICES-1-5-20LocalHost (pomocí LRPC)

Error: (08/29/2013 04:18:54 PM) (Source: Service Control Manager) (User: )
Description: i8042prt

Microsoft Office Sessions:
=========================
Error: (01/25/2011 05:44:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.

Error: (04/15/2010 06:01:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/07/2008 05:16:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2566 seconds with 1980 seconds of active time. This session ended with a crash.

CodeIntegrity Errors:
===================================
Date: 2013-06-02 22:58:18.925
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-06-02 22:58:18.717
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-06-02 22:58:18.506
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-06-02 22:58:18.238
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-05-05 14:40:21.100
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-05-05 14:40:20.887
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-05-05 14:40:20.664
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-05-05 14:40:20.444
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-05-05 14:38:06.992
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-05-05 14:38:06.761
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchrome150browserrecordhelper.dll because the set of per-page image hashes could not be found on the system.

**** End of log ****

zonik · #5 Příspěvek od **zonik** » 31 srp 2013 13:53

can result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-08-2013 03
Ran by Martin (administrator) on MARTIN-PC on 31-08-2013 14:50:20
Running from C:\Users\Martin\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Apple, Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(MyHeritage) C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
() C:\Program Files\Pando Networks\Media Booster\PMB.exe
(ICQ) C:\Users\Martin\AppData\Roaming\ICQM\icq.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4468736 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [toolbar_eula_launcher] - C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [413696 2008-03-28] (Apple Inc.)
HKLM\...\Run: [USBToolTip] - C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvSvc] - C:\Windows\system32\nvsvc.dll [86016 2007-11-06] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [8530464 2007-11-06] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [81920 2007-11-06] (NVIDIA Corporation)
HKLM\...\Run: [PAC7302_Monitor] - C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [avast] - C:\Program Files\Alwil Software\Avast5\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Family Tree Builder Update] - C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-08-04] (MyHeritage)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [BindDirectlyToPropertySetStorage] 0
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [143360 2006-12-23] (Nero AG)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-05] ()
HKCU\...\Run: [icq] - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe [28698984 2013-07-30] (ICQ)
HKCU\...\Policies\Explorer: [NoDrives] 0
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU -No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default
FF Homepage: hxxp://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @ei.VideoDownloadConverter_4z.com/Plugin - C:\Program Files\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.1 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\freeonlineradioplayerrecorder-v1-customized-web-search.xml
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Ovi Maps 3D browser plugin - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\maps@ovi.com
FF Extension: mp4downloader - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\mp4downloader@jeff.net.xpi
FF Extension: vk - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\vk@sergeykolosov.mp.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.cz/webhp?hl=cs&tab=iw
CHR RestoreOnStartup: "hxxp://www.google.cz/webhp?hl=cs&tab=iw"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.62\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.62\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Corp. DRM Netscape Plugin) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (RealNetworks Rhapsody Player Engine) - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll No File
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [110592 2008-02-18] (Apple, Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 gupdate1ca00a16af0aeac; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-07-09] (Google Inc.)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [x]

==================== Drivers (Whitelisted) ====================

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1136600 2007-01-08] (Philips Semiconductors GmbH)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-19] (Microsoft Corporation)
R0 AFS; C:\Windows\System32\Drivers\AFS.sys [77004 2010-12-05] (Oak Technology Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-06-28] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-06-28] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [175176 2013-06-28] ()
S3 AVerFx2hbtv; C:\Windows\System32\drivers\AVerFx2hbtv.sys [436480 2009-07-01] (AVerMedia TECHNOLOGIES, Inc.)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. )
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [458752 2007-11-08] (PixArt Imaging Inc.)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2011-09-20] ()
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-08-31 14:49 - 2013-08-31 14:49 - 00000000 ___DC C:\FRST
2013-08-31 14:49 - 2013-08-31 14:49 - 00000000 ____D C:\Users\Martin\AppData\Local\qb0FACB2.5E
2013-08-31 14:45 - 2013-08-31 14:46 - 00018717 _____ C:\Users\Martin\Dokumenty\Plocha\Result.txt
2013-08-31 14:38 - 2013-08-31 14:38 - 00760937 _____ (Farbar) C:\Users\Martin\Dokumenty\Plocha\MiniToolBox.exe
2013-08-31 11:29 - 2013-08-31 11:30 - 00000000 ___DC C:\rsit
2013-08-29 21:57 - 2013-08-31 14:25 - 00000000 ____D C:\Users\Martin\Dokumenty\vypalit
2013-08-29 14:11 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-25 20:55 - 2013-08-25 20:56 - 00000000 ____D C:\Users\Martin\Dokumenty\Prvni damy
2013-08-21 14:16 - 2013-08-21 14:16 - 32074284 _____ C:\Users\Martin\Zemřel Andropov 1984.wav
2013-08-21 14:06 - 2013-08-21 14:06 - 36333612 _____ C:\Users\Martin\Zemřel Brežněv 1982.wav
2013-08-17 11:16 - 2013-08-17 11:16 - 00000000 ___DC C:\Program Files\Mozilla Firefox
2013-08-15 22:26 - 2013-08-15 22:26 - 00000000 ____D C:\Users\Martin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-08-15 22:26 - 2013-08-15 22:26 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Adobe Mini Bridge CS5
2013-08-15 22:06 - 2013-08-15 22:06 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-08-15 22:02 - 2013-08-15 22:02 - 00000000 ___DC C:\Program Files\Adobe Media Player
2013-08-14 16:36 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-14 16:36 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-14 16:36 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-14 16:36 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-14 16:36 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-14 16:36 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-14 16:36 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-14 16:36 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-14 16:36 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-14 16:36 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-14 16:36 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-14 16:36 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-14 16:36 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-14 16:36 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-14 16:36 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-14 16:36 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-14 10:56 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-14 10:56 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-14 10:56 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-14 10:55 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-14 10:55 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-14 10:55 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-14 10:55 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-14 10:55 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-14 10:53 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-14 10:53 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-14 10:53 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-14 10:53 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-12 15:32 - 2013-08-12 15:32 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2013-08-12 15:31 - 2012-08-02 08:56 - 00606208 _____ (Lorenzi Davide) C:\Windows\system32\HexUniRTFBox.ocx
2013-08-12 15:31 - 2010-06-17 19:49 - 02029056 _____ (Bytescout) C:\Windows\system32\PDFDocScout.DLL
2013-08-12 15:31 - 2003-07-06 14:07 - 00372736 _____ (Intel Corporation) C:\Windows\system32\ijl15.dll
2013-08-12 15:31 - 2002-03-07 01:19 - 00454656 _____ () C:\Windows\system32\PaintX.dll
2013-08-11 18:43 - 2013-08-11 18:43 - 00000000 ___DC C:\Program Files\DiskInternals
2013-08-11 18:43 - 2013-08-11 18:43 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2013-08-11 17:33 - 2013-08-11 17:36 - 00000000 ____D C:\Users\Martin\AppData\Roaming\doublecmd
2013-08-11 17:33 - 2013-08-11 17:33 - 00000000 ___DC C:\Program Files\Double Commander
2013-08-11 17:09 - 2013-08-12 09:15 - 00000000 ___DC C:\Program Files\Recuva
2013-08-11 16:33 - 2013-08-11 16:33 - 00000000 ___DC C:\Restoration
2013-08-11 13:05 - 2013-08-12 15:32 - 00000000 ____D C:\Users\Martin\AppData\Roaming\MyHeritage
2013-08-11 13:05 - 2013-08-12 15:32 - 00000000 ____D C:\ProgramData\MyHeritage
2013-08-11 13:05 - 2013-08-11 13:08 - 00000000 ____D C:\Users\Martin\Dokumenty\MyHeritage
2013-08-11 13:03 - 2013-08-11 13:03 - 00000000 ____D C:\Users\Martin\AppData\Roaming\The Complete Genealogy Reporter - FTB
2013-08-11 13:02 - 2013-08-12 15:31 - 00000000 ___DC C:\Program Files\MyHeritage
2013-08-06 14:14 - 2013-08-16 12:37 - 00000000 ____D C:\Users\Martin\Dokumenty\DT2014
2013-08-05 16:33 - 2013-08-05 16:33 - 00000000 ____D C:\Users\Martin\KBCertifikat
2013-08-04 18:26 - 2013-08-04 18:26 - 00930336 _____ (MyHeritage) C:\Windows\system32\FTBSaver.scr

==================== One Month Modified Files and Folders =======

2013-08-31 14:49 - 2013-08-31 14:49 - 00000000 ___DC C:\FRST
2013-08-31 14:49 - 2013-08-31 14:49 - 00000000 ____D C:\Users\Martin\AppData\Local\qb0FACB2.5E
2013-08-31 14:49 - 2010-10-31 21:40 - 00000000 ____D C:\Users\Martin\Dokumenty\Plocha
2013-08-31 14:46 - 2013-08-31 14:45 - 00018717 _____ C:\Users\Martin\Dokumenty\Plocha\Result.txt
2013-08-31 14:41 - 2011-10-26 11:21 - 01601884 ____N C:\Windows\WindowsUpdate.log
2013-08-31 14:39 - 2012-08-14 13:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-31 14:38 - 2013-08-31 14:38 - 00760937 _____ (Farbar) C:\Users\Martin\Dokumenty\Plocha\MiniToolBox.exe
2013-08-31 14:35 - 2009-07-09 16:39 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-31 14:35 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-31 14:32 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-31 14:32 - 2006-11-02 14:47 - 00003568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-31 14:32 - 2006-11-02 14:47 - 00003568 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-31 14:31 - 2006-11-02 15:01 - 00032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-31 14:25 - 2013-08-29 21:57 - 00000000 ____D C:\Users\Martin\Dokumenty\vypalit
2013-08-31 14:14 - 2009-07-09 16:39 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-31 13:28 - 2011-03-14 09:35 - 00000960 _____ C:\Windows\Tasks\Google Software Updater.job
2013-08-31 11:30 - 2013-08-31 11:29 - 00000000 ___DC C:\rsit
2013-08-31 11:29 - 2010-07-22 12:17 - 00000000 ___DC C:\Program Files\Trend Micro
2013-08-31 11:23 - 2008-02-04 12:56 - 00000000 ___RD C:\Users\Martin\Dokumenty
2013-08-31 11:23 - 2008-02-04 12:56 - 00000000 ____D C:\Users\Martin
2013-08-31 11:06 - 2012-08-25 13:31 - 00000000 ____D C:\Users\Martin\Dokumenty\Moje Videa
2013-08-30 21:13 - 2008-10-18 15:51 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2013-08-25 20:56 - 2013-08-25 20:55 - 00000000 ____D C:\Users\Martin\Dokumenty\Prvni damy
2013-08-25 18:19 - 2008-11-22 13:20 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-08-23 09:48 - 2013-07-09 09:40 - 00000000 ____D C:\Users\Martin\kbpki
2013-08-21 14:16 - 2013-08-21 14:16 - 32074284 _____ C:\Users\Martin\Zemřel Andropov 1984.wav
2013-08-21 14:06 - 2013-08-21 14:06 - 36333612 _____ C:\Users\Martin\Zemřel Brežněv 1982.wav
2013-08-18 18:04 - 2008-10-16 22:59 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2013-08-18 17:55 - 2008-02-06 12:53 - 00000000 ____D C:\Users\Martin\AppData\Roaming\ICQ
2013-08-18 11:01 - 2013-06-30 11:01 - 00000288 _____ C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2126688981-4244795158-810744998-1000.job
2013-08-17 23:42 - 2012-08-30 19:20 - 00000000 ___DC C:\Program Files\Mozilla Maintenance Service
2013-08-17 11:16 - 2013-08-17 11:16 - 00000000 ___DC C:\Program Files\Mozilla Firefox
2013-08-16 12:37 - 2013-08-06 14:14 - 00000000 ____D C:\Users\Martin\Dokumenty\DT2014
2013-08-16 12:37 - 2011-09-30 20:54 - 00000000 ____D C:\Users\Martin\Dokumenty\Obec
2013-08-16 12:29 - 2013-07-30 17:02 - 00000000 ____D C:\Users\Martin\Dokumenty\5 let Pojebu
2013-08-16 12:26 - 2009-04-27 14:07 - 00000000 ____D C:\Users\Martin\Dokumenty\Miksuv fotak
2013-08-16 12:20 - 2013-04-28 10:35 - 00000000 ____D C:\Users\Martin\Dokumenty\Historie - czech
2013-08-16 12:18 - 2013-04-28 10:26 - 00000000 ____D C:\Users\Martin\Dokumenty\Prezidenti CR
2013-08-16 11:35 - 2010-11-07 12:02 - 00000000 ___HD C:\Users\Martin\Dokumenty\Plocha\.picasaoriginals
2013-08-16 08:42 - 2006-11-02 14:47 - 03829280 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-15 22:26 - 2013-08-15 22:26 - 00000000 ____D C:\Users\Martin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-08-15 22:26 - 2013-08-15 22:26 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Adobe Mini Bridge CS5
2013-08-15 22:11 - 2008-02-04 13:47 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2013-08-15 22:09 - 2008-02-04 13:47 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Adobe
2013-08-15 22:08 - 2008-02-04 12:56 - 00145456 _____ C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-15 22:06 - 2013-08-15 22:06 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-08-15 22:06 - 2008-04-04 21:34 - 00000000 ____D C:\ProgramData\Adobe
2013-08-15 22:06 - 2008-04-04 21:34 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-08-15 22:04 - 2007-05-31 15:17 - 00000000 ____D C:\Program Files\Adobe
2013-08-15 22:02 - 2013-08-15 22:02 - 00000000 ___DC C:\Program Files\Adobe Media Player
2013-08-14 18:29 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-14 18:19 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-14 16:50 - 2013-07-13 01:13 - 00000000 ____D C:\Windows\system32\MRT
2013-08-14 16:47 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-14 16:45 - 2007-06-01 09:43 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-14 16:40 - 2006-11-02 12:33 - 01547318 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-12 15:32 - 2013-08-12 15:32 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com
2013-08-12 15:32 - 2013-08-11 13:05 - 00000000 ____D C:\Users\Martin\AppData\Roaming\MyHeritage
2013-08-12 15:32 - 2013-08-11 13:05 - 00000000 ____D C:\ProgramData\MyHeritage
2013-08-12 15:31 - 2013-08-11 13:02 - 00000000 ___DC C:\Program Files\MyHeritage
2013-08-12 09:15 - 2013-08-11 17:09 - 00000000 ___DC C:\Program Files\Recuva
2013-08-11 19:08 - 2009-02-16 22:36 - 00000000 ___DC C:\Program Files\EASEUS
2013-08-11 18:43 - 2013-08-11 18:43 - 00000000 ___DC C:\Program Files\DiskInternals
2013-08-11 18:43 - 2013-08-11 18:43 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals
2013-08-11 18:07 - 2007-05-31 20:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-08-11 17:36 - 2013-08-11 17:33 - 00000000 ____D C:\Users\Martin\AppData\Roaming\doublecmd
2013-08-11 17:33 - 2013-08-11 17:33 - 00000000 ___DC C:\Program Files\Double Commander
2013-08-11 16:33 - 2013-08-11 16:33 - 00000000 ___DC C:\Restoration
2013-08-11 16:06 - 2006-11-02 12:23 - 00002577 _____ C:\Windows\system32\config.nt
2013-08-11 16:03 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-08-11 16:02 - 2006-11-02 12:22 - 64487424 _____ C:\Windows\system32\config\software_previous
2013-08-11 16:02 - 2006-11-02 12:22 - 42467328 _____ C:\Windows\system32\config\components_previous
2013-08-11 16:02 - 2006-11-02 12:22 - 38010880 _____ C:\Windows\system32\config\system_previous
2013-08-11 16:02 - 2006-11-02 12:22 - 00524288 _____ C:\Windows\system32\config\default_previous
2013-08-11 16:02 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2013-08-11 16:02 - 2006-11-02 12:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2013-08-11 16:01 - 2012-12-05 19:00 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-11 16:01 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\spool
2013-08-11 16:01 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\registration
2013-08-11 13:08 - 2013-08-11 13:05 - 00000000 ____D C:\Users\Martin\Dokumenty\MyHeritage
2013-08-11 13:03 - 2013-08-11 13:03 - 00000000 ____D C:\Users\Martin\AppData\Roaming\The Complete Genealogy Reporter - FTB
2013-08-05 16:33 - 2013-08-05 16:33 - 00000000 ____D C:\Users\Martin\KBCertifikat
2013-08-04 18:26 - 2013-08-04 18:26 - 00930336 _____ (MyHeritage) C:\Windows\system32\FTBSaver.scr
2013-08-02 06:09 - 2013-08-29 14:11 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-01 13:57 - 2013-04-28 11:24 - 00000000 ____D C:\Users\Martin\Dokumenty\Scenaře

Files to move or delete:
====================
C:\Users\Martin\lkp.exe
C:\Users\Martin\AppData\Local\Temp\kbpki\b1a68fca876cfc030a8d.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Scheduled Tasks (whitelisted) ===========

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2126688981-4244795158-810744998-1000.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2126688981-4244795158-810744998-1000.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

==================== Supplementary Scan (All) ================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\prwntdrv
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\prwntdrv

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"scforceoption"=dword:00000000
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"FilterAdministratorToken"=dword:00000000
"EnableUIADesktopToggle"=dword:00000000
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=dword:00000000
"NoDrives"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval"=dword:00000001
"FirewallDisableNotify"=dword:00000000
"AntiVirusDisableNotify"=dword:00000000
"UpdatesDisableNotify"=dword:00000000
"AntiVirusOverride"=dword:00000000
"AntiSpywareOverride"=dword:00000000
"FirewallOverride"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"="midimap.dll"
"wavemapper"="msacm32.drv"
"MSVideo8"="VfWWDM32.dll"
"msacm.imaadpcm"="imaadp32.acm"
"msacm.msadpcm"="msadp32.acm"
"msacm.msg711"="msg711.acm"
"msacm.msgsm610"="msgsm32.acm"
"vidc.cvid"="iccvid.dll"
"vidc.iv31"="ir32_32.dll"
"vidc.iv32"="ir32_32.dll"
"vidc.iv41"="ir41_32.ax"
"VIDC.IYUV"="iyuv_32.dll"
"vidc.mrle"="msrle32.dll"
"vidc.msvc"="msvidc32.dll"
"VIDC.UYVY"="msyuv.dll"
"VIDC.YUY2"="msyuv.dll"
"VIDC.YVU9"="tsbyuv.dll"
"VIDC.YVYU"="msyuv.dll"
"vidc.iv50"="ir50_32.dll"
"msacm.l3acm"="l3codeca.acm"
"msacm.sl_anet"="sl_anet.acm"
"vidc.XVID"="xvidvfw.dll"
"vidc.mjpg"="pvmjpg30.dll"
"wave"="wdmaud.drv"
"midi"="wdmaud.drv"
"mixer"="wdmaud.drv"
"aux"="wdmaud.drv"
"wave1"="wdmaud.drv"
"mixer1"="wdmaud.drv"
"vidc.lags"="lagarith.dll"
"VIDC.FFDS"="ff_vfw.dll"
"msacm.ac3acm"="ac3acm.acm"
"msacm.l3codecp"="l3codecp.acm"

==================== Drive and Memory info ===================

Drive c: (BOOT) (Fixed) (Total:278.49 GB) (Free:73.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.59 GB) (Free:2.44 GB) FAT32

Available physical RAM: 793.71 MB
Total physical RAM: 2045.45 MB
Percentage of memory in use: 61%

LastRegBack: 2013-08-31 14:44

==================== End Of Log ==============================

#6 Příspěvek od **vyosek** » 31 srp 2013 15:46

Tvorba fixlistu pro FRST

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

Start
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [toolbar_eula_launcher] - C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [413696 2008-03-28] (Apple Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Family Tree Builder Update] - C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-08-04] (MyHeritage)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [BindDirectlyToPropertySetStorage] 0
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [143360 2006-12-23] (Nero AG)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-05] ()
HKCU\...\Run: [icq] - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe [28698984 2013-07-30] (ICQ)
HKCU\...\Policies\Explorer: [NoDrives] 0

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
Handler: msdaipp - No CLSID Value -

R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [x]

C:\Users\Martin\lkp.exe
C:\Users\Martin\AppData\Local\Temp\kbpki\b1a68fca876cfc030a8d.dll
C:\Program Files\PANDORA.TV

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2126688981-4244795158-810744998-1000.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2126688981-4244795158-810744998-1000.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

Hosts:
CMD: shutdown /r /f /t 2
End

Ulozte vytvoreny TXT jako fixlist.txt
Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

Kliknete na Fix
Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

zonik · #7 Příspěvek od **zonik** » 31 srp 2013 16:25

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-08-2013 03
Ran by Martin at 2013-08-31 17:18:39 Run:1
Running from C:\Users\Martin\Dokumenty\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [toolbar_eula_launcher] - C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [413696 2008-03-28] (Apple Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [Family Tree Builder Update] - C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2532352 2013-08-04] (MyHeritage)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [BindDirectlyToPropertySetStorage] 0
HKLM\...\Policies\Explorer: [NoDrives] 0
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [143360 2006-12-23] (Nero AG)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-05] ()
HKCU\...\Run: [icq] - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe [28698984 2013-07-30] (ICQ)
HKCU\...\Policies\Explorer: [NoDrives] 0

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: (No Name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - No File
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File
Handler: msdaipp - No CLSID Value -

R2 PanService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [625304 2012-09-28] (Pandora.TV)
S3 catchme; \??\C:\Users\Martin\AppData\Local\Temp\catchme.sys [x]

C:\Users\Martin\lkp.exe
C:\Users\Martin\AppData\Local\Temp\kbpki\b1a68fca876cfc030a8d.dll
C:\Program Files\PANDORA.TV

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2126688981-4244795158-810744998-1000.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2126688981-4244795158-810744998-1000.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

Hosts:
CMD: shutdown /r /f /t 2
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\toolbar_eula_launcher => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Family Tree Builder Update => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\icq => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDrives => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{1392b8d2-5c05-419f-a8f6-b9f15a596612} => Value deleted successfully.
HKCR\CLSID\{1392b8d2-5c05-419f-a8f6-b9f15a596612} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => Key deleted successfully.
HKCR\CLSID\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1392B8D2-5C05-419F-A8F6-B9F15A596612} => Value deleted successfully.
HKCR\CLSID\{1392B8D2-5C05-419F-A8F6-B9F15A596612} => Key not found.
HKCR\PROTOCOLS\Handler\Handler: msdaipp - No CLSID Value - => Key not found.
PanService => Service deleted successfully.
catchme => Service deleted successfully.
C:\Users\Martin\lkp.exe => Moved successfully.
C:\Users\Martin\AppData\Local\Temp\kbpki\b1a68fca876cfc030a8d.dll => Moved successfully.
C:\Program Files\PANDORA.TV => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\Google Software Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2126688981-4244795158-810744998-1000.job => Moved successfully.
C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2126688981-4244795158-810744998-1000.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========

========= End of CMD: =========

The system needs a manual reboot.

==== End of Fixlog ====

zonik · #8 Příspěvek od **zonik** » 31 srp 2013 22:54

Smím se zeptat na další postup. Stránky se nenačítají mnohde vubec, někde zpoloviny, ale většinou to hrozně trvá?

#9 Příspěvek od **vyosek** » 01 zář 2013 06:29

Je v siti treba nejaky jiny PC, tam je vse OK??

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

zonik · #10 Příspěvek od **zonik** » 01 zář 2013 09:26

zkoušel sem to píchnout do notebooku a taky blbnou některé stránky. Znamená to tedy, že problém je v modemu a nebo u poskytovatele?

zonik · #11 Příspěvek od **zonik** » 01 zář 2013 16:51

ComboFix 13-08-31.01 - Martin 01.09.2013 17:35:59.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2045.1184 [GMT 2:00]
Spuštěný z: c:\users\Martin\Dokumenty\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-01 do 2013-09-01 )))))))))))))))))))))))))))))))
.
.
2013-09-01 15:45 . 2013-09-01 15:45 -------- d-----w- c:\users\Martin\AppData\Local\temp
2013-09-01 15:45 . 2013-09-01 15:45 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-09-01 15:45 . 2013-09-01 15:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-31 15:15 . 2013-08-31 15:15 -------- d-----w- c:\users\Martin\AppData\Local\qb95B202.D3
2013-08-31 12:49 . 2013-08-31 15:18 -------- dc----w- C:\FRST
2013-08-31 09:29 . 2013-08-31 09:30 -------- dc----w- C:\rsit
2013-08-30 11:56 . 2013-08-06 07:28 7166848 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AC92854C-E8BC-4E26-BCD9-27A4313D2DD4}\mpengine.dll
2013-08-29 12:11 . 2013-08-02 04:09 1548288 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-08-15 20:26 . 2013-08-15 20:26 -------- d-----w- c:\users\Martin\AppData\Roaming\Adobe Mini Bridge CS5
2013-08-15 20:26 . 2013-08-15 20:26 -------- d-----w- c:\users\Martin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-08-15 20:06 . 2013-08-15 20:06 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-08-15 20:02 . 2013-08-15 20:02 -------- dc----w- c:\program files\Adobe Media Player
2013-08-14 08:56 . 2013-06-15 13:22 15872 ----a-w- c:\windows\system32\icaapi.dll
2013-08-14 08:56 . 2013-06-15 11:23 24064 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2013-08-14 08:56 . 2013-07-05 04:53 905664 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-08-14 08:55 . 2013-07-17 19:41 2048 ----a-w- c:\windows\system32\tzres.dll
2013-08-14 08:55 . 2013-07-10 09:47 783360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-14 08:55 . 2013-07-08 04:55 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-08-14 08:55 . 2013-07-08 04:55 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-14 08:55 . 2013-07-09 12:10 1205168 ----a-w- c:\windows\system32\ntdll.dll
2013-08-14 08:53 . 2013-07-08 04:20 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-08-14 08:53 . 2013-07-08 04:16 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-08-14 08:53 . 2013-07-08 04:16 992768 ----a-w- c:\windows\system32\crypt32.dll
2013-08-14 08:53 . 2013-07-08 04:16 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-08-12 13:31 . 2010-06-17 17:49 2029056 ----a-w- c:\windows\system32\PDFDocScout.DLL
2013-08-12 13:31 . 2003-07-06 12:07 372736 ----a-w- c:\windows\system32\ijl15.dll
2013-08-12 13:31 . 2002-03-06 23:19 454656 ----a-w- c:\windows\system32\PaintX.dll
2013-08-12 13:31 . 2012-08-02 06:56 606208 ----a-w- c:\windows\system32\HexUniRTFBox.ocx
2013-08-11 16:43 . 2013-08-11 16:43 -------- dc----w- c:\program files\DiskInternals
2013-08-11 15:33 . 2013-08-11 15:36 -------- d-----w- c:\users\Martin\AppData\Roaming\doublecmd
2013-08-11 15:33 . 2013-08-11 15:33 -------- dc----w- c:\program files\Double Commander
2013-08-11 15:09 . 2013-08-12 07:15 -------- dc----w- c:\program files\Recuva
2013-08-11 14:33 . 2013-08-11 14:33 -------- dc----w- C:\Restoration
2013-08-11 11:05 . 2013-08-12 13:32 -------- d-----w- c:\users\Martin\AppData\Roaming\MyHeritage
2013-08-11 11:05 . 2013-08-12 13:32 -------- d-----w- c:\programdata\MyHeritage
2013-08-11 11:03 . 2013-08-11 11:03 -------- d-----w- c:\users\Martin\AppData\Roaming\The Complete Genealogy Reporter - FTB
2013-08-11 11:02 . 2013-08-12 13:31 -------- dc----w- c:\program files\MyHeritage
2013-08-05 14:33 . 2013-08-05 14:33 -------- d-----w- c:\users\Martin\KBCertifikat
2013-08-04 16:26 . 2013-08-04 16:26 930336 ----a-w- c:\windows\system32\FTBSaver.scr
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-15 07:55 . 2012-08-14 11:26 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-15 07:55 . 2012-08-14 11:26 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-29 00:49 . 2013-06-29 00:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-29 00:49 . 2012-06-15 09:01 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-06-29 00:49 . 2010-06-03 13:38 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-27 22:11 . 2013-03-12 22:41 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 22:11 . 2011-03-02 16:40 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-27 22:11 . 2008-11-10 11:02 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-04 01:50 . 2013-07-11 08:06 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-04-11 22:10 . 2013-08-17 09:16 263064 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11 579024 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"icq"="c:\users\Martin\AppData\Roaming\ICQM\icq.exe" [2013-07-29 28698984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-10 4468736]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-06 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-06 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-06 81920]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-05-09 4858968]
.
c:\users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\prwntdrv]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-01-08 1136600]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 17:14 1177552 ----a-w- c:\program files\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-01 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-09 22:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - ExtSQL: 2013-07-08 16:26; mp4downloader@jeff.net; c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\extensions\mp4downloader@jeff.net.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-AdobeBridge - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-4F6D5E84-5826-4394-9F40-3A9A19165651_is1 - c:\program files\PANDORA.TV\PanService\unins001.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-01 17:45
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
Celkový čas: 2013-09-01 17:48:20
ComboFix-quarantined-files.txt 2013-09-01 15:48
ComboFix2.txt 2011-06-01 18:25
.
Před spuštěním: Volných bajtů: 68 416 397 312
Po spuštění: Volných bajtů: 68 424 110 080
.
- - End Of File - - 95AA4041B3259370DDA9EF5E1C77ABEC
5C616939100B85E558DA92B899A0FC36

#12 Příspěvek od **vyosek** » 01 zář 2013 19:37

Ano vypada to na chybu routeru ci u poskytovatel. Zkuste nejprve restartovat vsechny prvky v datove ceste (router, modem...) = na par minutek je odpojit od internetu...

zonik · #13 Příspěvek od **zonik** » 03 zář 2013 16:11

Tak to pomohlo, tak se ti omlouvám, že sem otravoval se zdánlivou malicherností. Omluva a děkuju Ti

#14 Příspěvek od **vyosek** » 03 zář 2013 20:10

Tak jeste uklidime

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Zpomalení internetu

Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu

Re: Zpomalení internetu