Mozilla and pop-up ads

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Mozilla and pop-up ads

#16 Post by motji »

Could you please have the file tested again, so that it is your own file that gets tested?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am most likely to be reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

esperian26
Visitor
Posts: 17
Registered: 26 Feb 2010 16:26

Re: Mozilla and pop-up ads

#17 Post by esperian26 »


motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Mozilla and pop-up ads

#18 Post by motji »

I'll delete the file for you afterwards :)

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- run it, click Run Scan
- when the scan finishes, paste the contents of the OTL.Txt and Extras.txt logs here

esperian26
Visitor
Posts: 17
Registered: 26 Feb 2010 16:26

Re: Mozilla and pop-up ads

#19 Post by esperian26 »

extras.txt

OTL Extras logfile created on: 4. 3. 2010 14:26:45 - Run 1
OTL by OldTimer - Version 3.1.33.0 Folder = C:\Users\Esperian\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,11 Gb Total Space | 60,56 Gb Free Space | 59,31% Space Free | Partition Type: NTFS
Drive D: | 40,04 Gb Total Space | 35,78 Gb Free Space | 89,38% Space Free | Partition Type: NTFS
Drive E: | 6,90 Gb Total Space | 1,41 Gb Free Space | 20,48% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ESPERIAN-PC
Current User Name: Esperian
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A628780E-AD0B-4AEA-A185-C38ABA40B2C6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{A7A48107-B312-4E1D-A24B-4EADBDFA6C9B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DA491BEF-75F9-436C-8381-7962FCD60125}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EA9D2FA-E4CD-4296-820A-C25BBBB032A5}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{0EDFE5F2-1F43-4061-8094-70829CA06E6B}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{5B47B3DD-BA57-4EAB-9AFB-EB1291D3A499}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{939E7A91-44A8-4B4D-A5F8-B44366FDC5AD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A874AC47-6D67-4346-98D2-CE0CF901051E}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{DE0FC5BF-120D-4273-A07F-BDE701B6DA1B}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"TCP Query User{14B2A38B-2587-47E0-B3EC-6CEF8A71CC0C}C:\program files\icq7.0\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"TCP Query User{169C0FF9-599C-42D7-B323-5CEED86DC636}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{4312A878-5344-44F3-93E7-5C535603C1E4}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{4F860FB4-8A8B-401A-AD13-EB89A306BB89}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{84FF3020-00FC-4D5B-AD00-14357EEA45F8}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{E2F67E48-2599-4496-81FE-84E42A9EE7AA}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{5204CD0D-CB78-44D6-866F-941F6A8D8F46}C:\program files\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{5476BF74-C683-4C2F-AA62-FF45AC5321F4}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{A3883A46-AE1B-47EE-B478-B092EAA8B856}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{CB2531DE-3F9A-46B2-B2CC-D16B53905AD1}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{DE250F94-6ED4-4BE8-AF05-C089906B01C0}C:\program files\icq7.0\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"UDP Query User{E9647ACD-E322-43B5-A559-E76186357922}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{340F521E-3576-4E1A-B75C-EB0ACF751379}" = HP Wireless Assistant
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}" = Microsoft Security Essentials
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{582287DA-0806-4AC0-BF19-C15E3A466034}" = LightScribe System Software 1.12.33.2
"{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DF92D68-F8EE-4F9C-89A2-26254C1C4B6B}" = HP Help and Support
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}_STANDARD_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}_STANDARD_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}_STANDARD_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}_STANDARD_{F69A7281-8297-47E2-B583-36EAA37C89EE}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-040E-0000-0000000FF1CE}_STANDARD_{573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}_STANDARD_{8AF3A9EB-FBB9-449F-AC11-94CE39930037}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91C0B95B-B83A-4828-A775-BBE2DD421051}" = Nero 7 Ultra Edition
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}" = Microsoft Antimalware
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 8.0 Professional Edition
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-A81000000003}" = Adobe Reader 8.1.0 - Czech
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{B640E7CC-7091-4A24-AE76-2140065D2054}" = HP User Guides 0110
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem Driver
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D3E7A2A5-A059-4A44-949B-21FBD371A8B8}" = Paint.NET v3.5
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1568757-E564-4cb5-8980-9333119A4384}" = F300
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb
"{F86AD773-5BC0-499B-9F48-4E0D5FED759D}" = Windows Live Zabezpečení rodiny
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"7D6D030B3D73FCCA3D4E45319380F315DFBE7A54" = Balíček ovladače systému Windows - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AOL Toolbar" = AOL Toolbar 5.0
"A-one Video Convertor_is1" = A-one Video Convertor 6.36
"Ares" = Ares 2.1.4
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"foobar2000" = foobar2000 v1.0
"Foxit Reader" = Foxit Reader
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"ICQToolbar" = ICQ Toolbar
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.6.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"NVIDIA Drivers" = NVIDIA Drivers
"ObjectDock" = ObjectDock
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SopCast" = SopCast 3.0.3
"Spyware Terminator_is1" = Spyware Terminator
"STANDARD" = Microsoft Office Standard 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2. 3. 2010 2:12:44 | Computer Name = Esperian-PC | Source = WinMgmt | ID = 10
Description =

Error - 2. 3. 2010 10:44:53 | Computer Name = Esperian-PC | Source = WinMgmt | ID = 10
Description =

Error - 2. 3. 2010 12:57:59 | Computer Name = Esperian-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace Corel Paint Shop Pro Photo.exe, verze 12.0.0.0,
časové razítko 0x46d4af2f, chybující modul CoreGUI.dll, verze 6.0.6002.18005, časové
razítko 0x49e03821, kód výjimky 0xc0000135, posun chyby 0x00009eed, ID procesu 0xdbc,
čas spuštění aplikace 0x01caba2980f512e8.

Error - 2. 3. 2010 16:06:05 | Computer Name = Esperian-PC | Source = Google Update | ID = 20
Description =

Error - 3. 3. 2010 9:31:48 | Computer Name = Esperian-PC | Source = WinMgmt | ID = 10
Description =

Error - 3. 3. 2010 10:41:13 | Computer Name = Esperian-PC | Source = WinMgmt | ID = 10
Description =

Error - 3. 3. 2010 11:40:49 | Computer Name = Esperian-PC | Source = WinMgmt | ID = 10
Description =

Error - 3. 3. 2010 13:03:15 | Computer Name = Esperian-PC | Source = WinMgmt | ID = 10
Description =

Error - 3. 3. 2010 16:21:22 | Computer Name = Esperian-PC | Source = WinMgmt | ID = 10
Description =

Error - 4. 3. 2010 2:21:44 | Computer Name = Esperian-PC | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 22. 2. 2010 16:19:18 | Computer Name = Esperian-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 182
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 15. 2. 2010 11:33:05 | Computer Name = Esperian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 15. 2. 2010 16:03:18 | Computer Name = Esperian-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.2 pro síťovou kartu s adresou 00226903D3BC
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 15. 2. 2010 16:03:49 | Computer Name = Esperian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 15. 2. 2010 16:04:44 | Computer Name = Esperian-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 15. 2. 2010 17:41:00 | Computer Name = Esperian-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.2 pro síťovou kartu s adresou 00226903D3BC
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 15. 2. 2010 17:41:29 | Computer Name = Esperian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 15. 2. 2010 17:42:27 | Computer Name = Esperian-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 16. 2. 2010 5:08:37 | Computer Name = Esperian-PC | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 192.168.1.2 pro síťovou kartu s adresou 00226903D3BC
byla serverem DHCP 192.168.1.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 16. 2. 2010 5:09:49 | Computer Name = Esperian-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 16. 2. 2010 5:10:03 | Computer Name = Esperian-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

esperian26
Visitor
Posts: 17
Registered: 26 Feb 2010 16:26

Re: Mozilla and pop-up ads

#20 Post by esperian26 »

OTL.TXT

OTL logfile created on: 4. 3. 2010 14:26:45 - Run 1
OTL by OldTimer - Version 3.1.33.0 Folder = C:\Users\Esperian\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 52,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,11 Gb Total Space | 60,56 Gb Free Space | 59,31% Space Free | Partition Type: NTFS
Drive D: | 40,04 Gb Total Space | 35,78 Gb Free Space | 89,38% Space Free | Partition Type: NTFS
Drive E: | 6,90 Gb Total Space | 1,41 Gb Free Space | 20,48% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ESPERIAN-PC
Current User Name: Esperian
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/04 14:26:21 | 000,552,960 | ---- | M] (OldTimer Tools) -- C:\Users\Esperian\Downloads\OTL.exe
PRC - [2010/01/29 01:28:00 | 002,366,312 | ---- | M] (Crawler.com) -- C:\Program Files\Crawler\CToolbar.exe
PRC - [2010/01/26 20:52:25 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010/01/26 20:52:22 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010/01/26 20:52:18 | 002,166,784 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010/01/22 22:57:10 | 001,011,712 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2010/01/16 04:19:22 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/09/13 18:52:50 | 001,048,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/07/02 17:36:52 | 000,203,800 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
PRC - [2009/07/02 17:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/25 15:15:26 | 000,361,808 | ---- | M] () -- C:\WINDOWS\SMINST\BLService.exe
PRC - [2008/01/15 15:18:10 | 000,016,200 | R--- | M] () -- C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
PRC - [2007/12/14 13:35:34 | 000,531,784 | R--- | M] (Corel, Inc.) -- C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
PRC - [2007/06/27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\System32\PSIService.exe


========== Modules (SafeList) ==========

MOD - [2010/03/04 14:26:21 | 000,552,960 | ---- | M] (OldTimer Tools) -- C:\Users\Esperian\Downloads\OTL.exe
MOD - [2009/04/10 23:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/26 20:52:22 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/24 12:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/02 17:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/02/18 11:38:44 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/04/25 15:15:26 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2010/01/26 20:52:18 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009/11/04 11:47:20 | 000,016,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2009/11/04 11:47:18 | 000,011,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\pwdspio.sys -- (pwdspio)
DRV - [2009/09/05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2009/08/21 02:08:00 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2009/08/21 02:08:00 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2009/08/21 02:08:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009/08/05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/23 21:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/06/18 18:48:04 | 000,142,832 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009/06/18 18:48:04 | 000,042,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/05/03 13:39:00 | 000,042,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/04/24 23:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/04/21 20:59:04 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008/04/17 19:05:16 | 000,199,344 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/01/29 14:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:32:48 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/11/01 02:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/11/01 02:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/11/01 02:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/10/18 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.dymasearch.com/"
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.2
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..keyword.URL: "http://www.dymasearch.com/search.php?src=tops&q="
FF - prefs.js..keyword.enabled: true
FF - prefs.js..browser.search.defaulturl: "http://www.dymasearch.com/search.php?src=tops&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2010/02/26 14:32:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/07 15:55:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/07 15:55:35 | 000,000,000 | ---D | M]

[2010/01/26 17:30:41 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Extensions
[2010/01/26 17:31:54 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\3as5qc0p.default\extensions
[2010/01/26 17:31:51 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\3as5qc0p.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/03/03 21:42:52 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions
[2010/01/26 17:46:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/08 20:46:51 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/01/26 17:46:08 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/01/27 18:44:18 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2010/01/26 18:22:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/02/26 16:18:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/31 20:46:42 | 000,000,000 | ---D | M] () -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{d7ba87f4-c901-47b7-af80-18d75313aad1}
[2010/02/12 16:42:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/02/26 16:18:49 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\elemhidehelper@adblockplus.org
[2010/02/17 19:49:08 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\nitsansfbskins@nitsan.binnun.co.il
[2010/01/27 07:37:38 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\sk@dictionaries.addons.mozilla.org
[2008/07/10 13:07:28 | 000,000,944 | ---- | M] () -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\3as5qc0p.default\searchplugins\icqplugin.xml
[2010/02/14 17:45:02 | 000,000,254 | ---- | M] () -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\3as5qc0p.default\searchplugins\Search.xml
[2010/03/01 18:49:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/14 17:45:04 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{1fb5773a-b865-de68-e5e5-6a85582f658b}
[2010/01/16 02:31:40 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010/01/16 02:31:40 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2007/07/26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010/01/16 02:31:40 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010/01/16 02:31:40 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010/01/16 02:31:40 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010/01/16 02:31:40 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Dots.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Dots.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/02 21:13:08 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Documents\Moje prezentace Corel
[2010/03/02 21:13:07 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Corel
[2010/03/02 21:12:13 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\Corel
[2010/03/02 21:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2010/03/02 21:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2010/03/01 21:46:39 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\Malwarebytes
[2010/03/01 21:46:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/01 21:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/01 21:46:23 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/01 21:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/01 21:43:41 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Esperian\Desktop\mbam-setup.exe
[2010/03/01 18:49:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/03/01 18:49:08 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/03/01 18:49:08 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\temp
[2010/03/01 18:29:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/03/01 18:27:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/02/26 20:01:29 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/02/26 20:01:29 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/02/26 20:01:28 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/02/26 20:01:20 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/02/26 20:00:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/02/26 17:41:02 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/02/26 16:52:15 | 000,044,567 | ---- | C] (jpshortstuff) -- C:\Users\Esperian\Desktop\Kenco.exe
[2010/02/26 16:50:55 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Desktop\GooredFix Backups
[2010/02/26 16:50:12 | 000,070,858 | ---- | C] (jpshortstuff) -- C:\Users\Esperian\Desktop\GooredFix.exe
[2010/02/26 16:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/02/26 16:22:59 | 000,000,000 | ---D | C] -- C:\rsit
[2010/02/26 14:31:48 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010/02/24 11:36:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/02/24 11:36:17 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/02/24 11:36:16 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/02/24 11:36:14 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/02/24 11:36:13 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/02/24 11:36:13 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/02/24 11:36:13 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/02/24 11:36:12 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/02/24 11:36:12 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/02/24 11:36:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/02/24 11:36:10 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/02/24 11:36:08 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/02/24 11:36:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/02/21 02:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2010/02/18 19:00:33 | 000,000,000 | ---D | C] -- C:\72c92e84267b60dea49239
[2010/02/17 17:30:30 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Desktop\zuz
[2010/02/16 18:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010/02/16 18:33:20 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Documents\My PSP Files
[2010/02/16 18:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010/02/14 22:35:49 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Microsoft Games
[2010/02/14 18:31:28 | 000,626,688 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTImageFile.dll
[2010/02/14 18:31:22 | 000,312,320 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTVideoView.dll
[2010/02/14 18:31:19 | 000,188,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTVideoFile.dll
[2010/02/14 18:31:15 | 000,249,856 | ---- | C] (Online Media Technologies Company Ltd.) -- C:\Windows\System32\NCTQuickTimeFile.dll
[2010/02/14 18:31:14 | 000,764,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTRMFile.dll
[2010/02/14 18:31:11 | 000,215,552 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTWMVFile.dll
[2010/02/14 18:31:03 | 000,495,104 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTVideoCoreM.dll
[2010/02/14 18:30:56 | 000,382,464 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAVIFile.dll
[2010/02/14 18:30:55 | 000,780,288 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTVideoCompress.dll
[2010/02/14 18:30:55 | 000,090,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioFormatSettings3.dll
[2010/02/14 18:30:54 | 002,846,720 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioCompress3.dll
[2010/02/14 18:30:53 | 000,778,240 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioCompress2.dll
[2010/02/14 18:30:53 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp70.dll
[2010/02/14 18:30:53 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2010/02/14 18:30:45 | 000,856,064 | ---- | C] (Essien Research & Development) -- C:\Windows\System32\mpgfiltr.ax
[2010/02/14 18:30:45 | 000,475,136 | ---- | C] (DMSoft Technologies) -- C:\Windows\System32\SkinCrafter.dll
[2010/02/14 18:30:45 | 000,147,456 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomqtenc.dll
[2010/02/14 18:30:45 | 000,081,920 | ---- | C] (Viscom Software) -- C:\Windows\System32\viscomwave.dll
[2010/02/14 18:30:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\RMBin
[2010/02/14 18:30:44 | 000,421,888 | ---- | C] (Gabest) -- C:\Windows\System32\RealMediaSplitter.ax
[2010/02/14 18:30:44 | 000,208,896 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\VideoEdit.ocx
[2010/02/14 18:30:44 | 000,139,264 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomqtde.dll
[2010/02/14 18:30:37 | 000,000,000 | ---D | C] -- C:\Program Files\A-one Video Convertor
[2010/02/14 17:46:54 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Apple Computer
[2010/02/12 18:20:20 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\ABBYY
[2010/02/12 18:20:20 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\ABBYY
[2010/02/12 18:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 8.0 Professional Edition
[2010/02/12 18:06:07 | 000,000,000 | ---D | C] -- C:\temp
[2010/02/12 17:17:11 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Tracing
[2010/02/12 17:08:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/02/12 17:07:56 | 000,054,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2010/02/12 17:07:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/02/12 17:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/02/12 17:04:29 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/02/12 17:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/02/12 17:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/02/12 17:01:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/02/12 17:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/02/12 17:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/02/12 16:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/02/10 19:59:36 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\foobar2000
[2010/02/10 19:58:59 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000
[2010/02/10 07:36:31 | 003,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/02/10 07:36:31 | 003,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/02/10 07:36:15 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/02/10 07:36:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/02/10 07:36:10 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/02/10 07:36:10 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/02/08 21:07:24 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\Opera
[2010/02/08 21:07:24 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Opera
[2010/02/08 21:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010/02/07 20:32:06 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\CyberLink
[2010/02/07 20:31:53 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\MobileTV.exe
[2010/02/07 20:31:52 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2010/02/07 20:31:52 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\MPV.exe
[2010/02/07 20:31:51 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\Karaoke.exe
[2010/02/07 20:31:50 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\Games.exe
[2010/02/07 20:31:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CSY
[2010/02/07 15:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/02/07 15:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/02/07 15:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/02/07 15:52:52 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Apple
[2010/02/07 15:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/02/07 15:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/02/05 19:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/02/05 19:05:37 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Downloaded Installations
[2010/02/05 19:05:20 | 000,016,896 | ---- | C] (Danish Wireless Design A/S) -- C:\Windows\System32\drivers\FlashUsb.sys
[2010/02/05 19:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\infineon
[2010/02/05 19:04:04 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
[2010/02/05 19:04:04 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
[2010/02/05 19:04:04 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
[2010/02/05 19:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010/02/05 19:02:08 | 000,000,000 | ---D | C] -- C:\KP500
[2010/02/05 19:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2010/02/04 20:53:32 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\DivX
[2010/02/04 16:53:05 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Documents\Downloads
[2010/02/04 16:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/02/04 16:45:16 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Google
[2010/02/04 16:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/02/04 16:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/02/04 16:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

========== Files - Modified Within 30 Days ==========

[2010/03/04 14:31:08 | 003,145,728 | -HS- | M] () -- C:\Users\Esperian\NTUSER.DAT
[2010/03/04 14:23:23 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/03/04 14:22:45 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/03/04 14:22:44 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/04 14:22:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/04 14:22:27 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/04 14:22:19 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/04 14:22:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/04 14:22:12 | 1877,381,120 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/04 12:28:13 | 000,524,288 | -HS- | M] () -- C:\Users\Esperian\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/03/04 12:28:13 | 000,065,536 | -HS- | M] () -- C:\Users\Esperian\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/03/03 22:06:01 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/03 21:54:12 | 000,006,580 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2010/03/03 21:54:10 | 000,000,088 | RHS- | M] () -- C:\Windows\System32\55A6E63418.sys
[2010/03/03 15:51:09 | 003,203,481 | -H-- | M] () -- C:\Users\Esperian\AppData\Local\IconCache.db
[2010/03/02 21:11:12 | 000,002,245 | ---- | M] () -- C:\Users\Public\Desktop\Corel Paint Shop Pro Photo X2.lnk
[2010/03/01 21:46:35 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/01 21:44:02 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Esperian\Desktop\mbam-setup.exe
[2010/03/01 18:43:38 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/03/01 18:15:19 | 000,672,508 | ---- | M] () -- C:\Users\Esperian\Desktop\scan0001.jpg
[2010/02/28 19:47:48 | 000,012,611 | ---- | M] () -- C:\Users\Esperian\Desktop\list.docx
[2010/02/27 19:37:22 | 000,009,728 | ---- | M] () -- C:\Users\Esperian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/27 19:02:15 | 003,388,021 | ---- | M] () -- C:\Users\Esperian\Desktop\Hymna slovenskej hokejovej reprezentacie - My na to mame.mp3
[2010/02/27 17:18:26 | 739,159,736 | ---- | M] () -- C:\Users\Esperian\Desktop\peklo-s-princeznou-2009.avi
[2010/02/26 19:58:24 | 003,873,931 | R--- | M] () -- C:\Users\Esperian\Desktop\ComboFix.exe
[2010/02/26 17:40:39 | 413,157,407 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/02/26 16:52:15 | 000,044,567 | ---- | M] (jpshortstuff) -- C:\Users\Esperian\Desktop\Kenco.exe
[2010/02/26 16:50:12 | 000,070,858 | ---- | M] (jpshortstuff) -- C:\Users\Esperian\Desktop\GooredFix.exe
[2010/02/24 13:44:55 | 000,069,968 | ---- | M] () -- C:\Users\Esperian\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/24 13:42:56 | 000,302,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/02/24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/02/23 07:40:19 | 001,393,902 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/23 07:40:19 | 000,590,348 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010/02/23 07:40:19 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/23 07:40:19 | 000,114,900 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010/02/23 07:40:19 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/22 21:06:19 | 000,389,120 | R--- | M] () -- C:\Users\Esperian\Desktop\Programovací jazyk_Uč_TEXT.doc
[2010/02/21 15:59:49 | 000,000,364 | ---- | M] () -- C:\Users\Esperian\Desktop\rytmus_20-_20musis_20mat_20nadej_20_28feat._20tina_29_20upld.mp3
[2010/02/21 14:27:21 | 000,015,120 | ---- | M] () -- C:\Users\Esperian\Desktop\psychologia.docx
[2010/02/21 11:47:27 | 000,026,183 | ---- | M] () -- C:\Users\Esperian\Documents\Manažment 2.docx
[2010/02/21 11:47:27 | 000,000,800 | ---- | M] () -- C:\Users\Esperian\Desktop\Manažment 2.lnk
[2010/02/21 02:27:26 | 000,000,788 | ---- | M] () -- C:\Users\Esperian\Desktop\SopCast.lnk
[2010/02/21 00:41:56 | 000,014,756 | ---- | M] () -- C:\Users\Esperian\Documents\Psychológia a.docx
[2010/02/20 15:02:05 | 000,000,254 | ---- | M] () -- C:\Windows\win.ini
[2010/02/19 15:27:34 | 000,096,848 | ---- | M] () -- C:\Users\Esperian\Desktop\oco.pdf
[2010/02/18 11:14:05 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForEsperian.job
[2010/02/18 09:40:12 | 000,000,270 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/02/17 16:37:13 | 000,265,717 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.36_[02].jpg
[2010/02/17 16:36:56 | 000,268,252 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.36.jpg
[2010/02/17 16:36:39 | 000,236,419 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.19.jpg
[2010/02/17 16:36:24 | 000,219,058 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.36_[03].jpg
[2010/02/17 16:36:06 | 000,263,370 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.36_[01].jpg
[2010/02/17 16:35:51 | 000,242,842 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.20.jpg
[2010/02/16 20:38:46 | 000,000,072 | ---- | M] () -- C:\Windows\CmdPrint.INI
[2010/02/16 18:48:49 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/02/15 17:43:53 | 000,011,776 | ---- | M] () -- C:\Users\Esperian\Documents\Vážená redakcia prosím Vás o.docx
[2010/02/15 14:01:31 | 000,198,262 | ---- | M] () -- C:\Users\Esperian\Desktop\cc_20100215_140104.reg
[2010/02/14 18:31:30 | 000,000,837 | ---- | M] () -- C:\Users\Esperian\Desktop\A-one Video Convertor.lnk
[2010/02/14 16:06:52 | 000,014,968 | ---- | M] () -- C:\Users\Esperian\Desktop\Manzment 2.docx
[2010/02/12 17:03:14 | 000,000,762 | ---- | M] () -- C:\Users\Esperian\Documents\Sdílené složky.lnk
[2010/02/10 20:08:03 | 032,152,927 | ---- | M] () -- C:\Users\Esperian\Desktop\04_-_Ne-Yo_-_Mad.flac
[2010/02/10 19:59:08 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2010/02/09 20:56:55 | 000,013,260 | ---- | M] () -- C:\Users\Esperian\Desktop\CURRICULUM VITAE.docx
[2010/02/09 19:30:26 | 000,011,343 | ---- | M] () -- C:\Users\Esperian\Desktop\CURRICULUM VITAE zuzka.docx
[2010/02/09 12:26:36 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/02/07 22:02:07 | 000,011,032 | ---- | M] () -- C:\Users\Esperian\Documents\Jubileum.docx
[2010/02/07 20:31:54 | 003,063,561 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\MobileTV.exe
[2010/02/07 20:31:53 | 002,989,660 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2010/02/07 20:31:52 | 002,864,396 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\MPV.exe
[2010/02/07 20:31:51 | 002,331,174 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\Karaoke.exe
[2010/02/07 20:31:50 | 002,231,606 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\Games.exe
[2010/02/06 00:20:52 | 000,010,936 | ---- | M] () -- C:\Users\Esperian\Documents\Dohoda o vysporiadaní.docx
[2010/02/05 19:01:28 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini

========== Files Created - No Company Name ==========

[2010/03/02 21:12:39 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\55A6E63418.sys
[2010/03/02 21:11:12 | 000,002,245 | ---- | C] () -- C:\Users\Public\Desktop\Corel Paint Shop Pro Photo X2.lnk
[2010/03/01 21:46:35 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/01 18:16:08 | 000,672,508 | ---- | C] () -- C:\Users\Esperian\Desktop\scan0001.jpg
[2010/02/28 19:47:47 | 000,012,611 | ---- | C] () -- C:\Users\Esperian\Desktop\list.docx
[2010/02/27 19:02:04 | 003,388,021 | ---- | C] () -- C:\Users\Esperian\Desktop\Hymna slovenskej hokejovej reprezentacie - My na to mame.mp3
[2010/02/26 20:01:29 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/02/26 20:01:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/02/26 20:01:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/02/26 20:01:29 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/02/26 20:01:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/02/26 19:57:50 | 003,873,931 | R--- | C] () -- C:\Users\Esperian\Desktop\ComboFix.exe
[2010/02/26 17:40:39 | 413,157,407 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/02/22 21:06:20 | 000,389,120 | R--- | C] () -- C:\Users\Esperian\Desktop\Programovací jazyk_Uč_TEXT.doc
[2010/02/21 15:59:49 | 000,000,364 | ---- | C] () -- C:\Users\Esperian\Desktop\rytmus_20-_20musis_20mat_20nadej_20_28feat._20tina_29_20upld.mp3
[2010/02/21 14:27:20 | 000,015,120 | ---- | C] () -- C:\Users\Esperian\Desktop\psychologia.docx
[2010/02/21 11:47:27 | 000,000,800 | ---- | C] () -- C:\Users\Esperian\Desktop\Manažment 2.lnk
[2010/02/21 11:47:26 | 000,026,183 | ---- | C] () -- C:\Users\Esperian\Documents\Manažment 2.docx
[2010/02/21 02:27:26 | 000,000,788 | ---- | C] () -- C:\Users\Esperian\Desktop\SopCast.lnk
[2010/02/21 00:41:54 | 000,014,756 | ---- | C] () -- C:\Users\Esperian\Documents\Psychológia a.docx
[2010/02/19 15:27:34 | 000,096,848 | ---- | C] () -- C:\Users\Esperian\Desktop\oco.pdf
[2010/02/18 09:40:12 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/02/17 16:30:31 | 000,219,058 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.36_[03].jpg
[2010/02/17 16:30:28 | 000,268,252 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.36.jpg
[2010/02/17 16:30:28 | 000,265,717 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.36_[02].jpg
[2010/02/17 16:30:28 | 000,263,370 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.36_[01].jpg
[2010/02/17 16:30:28 | 000,242,842 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.20.jpg
[2010/02/17 16:30:28 | 000,236,419 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.19.jpg
[2010/02/16 20:38:44 | 000,000,072 | ---- | C] () -- C:\Windows\CmdPrint.INI
[2010/02/16 18:48:47 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/02/16 18:30:55 | 000,006,580 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2010/02/15 14:01:13 | 000,198,262 | ---- | C] () -- C:\Users\Esperian\Desktop\cc_20100215_140104.reg
[2010/02/14 22:27:06 | 000,011,776 | ---- | C] () -- C:\Users\Esperian\Documents\Vážená redakcia prosím Vás o.docx
[2010/02/14 18:31:30 | 000,000,837 | ---- | C] () -- C:\Users\Esperian\Desktop\A-one Video Convertor.lnk
[2010/02/14 18:30:52 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010/02/14 16:06:50 | 000,014,968 | ---- | C] () -- C:\Users\Esperian\Desktop\Manzment 2.docx
[2010/02/12 17:03:14 | 000,000,762 | ---- | C] () -- C:\Users\Esperian\Documents\Sdílené složky.lnk
[2010/02/10 19:59:08 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2010/02/10 19:53:25 | 032,152,927 | ---- | C] () -- C:\Users\Esperian\Desktop\04_-_Ne-Yo_-_Mad.flac
[2010/02/09 19:29:44 | 000,011,343 | ---- | C] () -- C:\Users\Esperian\Desktop\CURRICULUM VITAE zuzka.docx
[2010/02/09 15:30:27 | 000,013,260 | ---- | C] () -- C:\Users\Esperian\Desktop\CURRICULUM VITAE.docx
[2010/02/09 12:26:36 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/02/07 22:02:06 | 000,011,032 | ---- | C] () -- C:\Users\Esperian\Documents\Jubileum.docx
[2010/02/07 16:14:49 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForEsperian.job
[2010/02/06 00:20:51 | 000,010,936 | ---- | C] () -- C:\Users\Esperian\Documents\Dohoda o vysporiadaní.docx
[2010/02/05 19:01:05 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010/02/05 19:01:05 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010/02/05 18:26:54 | 739,159,736 | ---- | C] () -- C:\Users\Esperian\Desktop\peklo-s-princeznou-2009.avi
[2010/02/04 16:55:30 | 000,001,000 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/04 16:55:29 | 000,000,996 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/28 18:04:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/28 16:14:23 | 000,009,728 | ---- | C] () -- C:\Users\Esperian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/27 19:00:58 | 000,016,456 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2010/01/27 19:00:55 | 000,011,088 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2010/01/27 17:15:22 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/01/27 17:15:18 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/01/27 17:15:10 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/01/27 17:15:10 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/01/27 17:15:04 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010/01/27 17:15:03 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/01/27 15:48:50 | 000,002,400 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/01/26 20:52:18 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2010/01/26 18:34:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/26 17:15:34 | 000,000,000 | ---- | C] () -- C:\Users\Esperian\AppData\Local\QSwitch.txt
[2010/01/26 17:15:34 | 000,000,000 | ---- | C] () -- C:\Users\Esperian\AppData\Local\DSwitch.txt
[2010/01/26 17:15:34 | 000,000,000 | ---- | C] () -- C:\Users\Esperian\AppData\Local\AtStart.txt
[2010/01/26 15:51:46 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/01/26 15:51:17 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Esperian\Desktop\peklo-s-princeznou-2009.avi:TOC.WMV
< End of report >

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Mozilla and pop-up ads

#21 Post by motji »

:arrow: Do you recognize this page?
hxxp://sk.start3.mozilla.com/firefox?cl ... k:official

:arrow: Run OTL
- copy this script into the white box at the bottom:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
@Alternate Data Stream - 64 bytes -> C:\Users\Esperian\Desktop\peklo-s-princeznou-2009.avi:TOC.WMV
FF - prefs.js..browser.startup.homepage: "http://www.dymasearch.com/"
FF - prefs.js..keyword.URL: "http://www.dymasearch.com/search.php?src=tops&q="
FF - prefs.js..keyword.enabled: true
FF - prefs.js..browser.search.defaulturl: "http://www.dymasearch.com/search.php?src=tops&q="

:files
C:\Users\Esperian\Downloads\MediaPlayerCodecInstall.exe

:COMMANDS
[Reboot]
- click the Run fix button.
- The PC will then restart.
- Post the log here :)


:arrow: Do you recognize this folder?
C:\Users\Esperian\Desktop\zuz

:arrow: You have two resident antispyware shields turned on - turn one off; they could conflict with each other.

esperian26
Visitor
Posts: 17
Joined: 26 Feb 2010 16:26

Re: Mozilla and pop-up ads

#22 Post by esperian26 »

1. Do you mean this page?
http://sk.start3.mozilla.com/firefox?cl ... k:official
Yes, it is the home page I have set in Mozilla... if necessary, I can change it.

2. So I ran the fix and will add the log in the next post.

3. Yes, I know that folder, but I no longer need it (it only contains some scans I made).

4. I have already turned it off.

esperian26
Visitor
Posts: 17
Joined: 26 Feb 2010 16:26

Re: Mozilla and pop-up ads

#23 Post by esperian26 »

So here is the log

OTL logfile created on: 4. 3. 2010 21:19:16 - Run 2
OTL by OldTimer - Version 3.1.33.0 Folder = c:\Users\Esperian\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 54,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 102,11 Gb Total Space | 59,63 Gb Free Space | 58,40% Space Free | Partition Type: NTFS
Drive D: | 40,04 Gb Total Space | 35,78 Gb Free Space | 89,38% Space Free | Partition Type: NTFS
Drive E: | 6,90 Gb Total Space | 1,41 Gb Free Space | 20,48% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ESPERIAN-PC
Current User Name: Esperian
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/03/04 14:26:21 | 000,552,960 | ---- | M] (OldTimer Tools) -- c:\Users\Esperian\Downloads\OTL.exe
PRC - [2010/01/29 01:28:00 | 002,366,312 | ---- | M] (Crawler.com) -- C:\Program Files\Crawler\CToolbar.exe
PRC - [2010/01/26 20:52:25 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2010/01/26 20:52:22 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2010/01/26 20:52:18 | 002,166,784 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
PRC - [2010/01/22 22:57:10 | 001,011,712 | ---- | M] (Ares Development Group) -- C:\Program Files\Ares\Ares.exe
PRC - [2010/01/16 04:19:22 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/09/13 18:52:50 | 001,048,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2009/07/02 17:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/25 15:15:26 | 000,361,808 | ---- | M] () -- C:\WINDOWS\SMINST\BLService.exe
PRC - [2008/01/15 15:18:10 | 000,016,200 | R--- | M] () -- C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
PRC - [2007/12/14 13:35:34 | 000,531,784 | R--- | M] (Corel, Inc.) -- C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
PRC - [2007/06/27 19:04:00 | 001,213,736 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/06/27 19:03:40 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\System32\PSIService.exe


========== Modules (SafeList) ==========

MOD - [2010/03/04 14:26:21 | 000,552,960 | ---- | M] (OldTimer Tools) -- c:\Users\Esperian\Downloads\OTL.exe
MOD - [2009/04/10 23:21:40 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/01/26 20:52:22 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009/09/25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/24 12:36:45 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2009/08/05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2009/07/02 17:36:52 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/02/18 11:38:44 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/04/25 15:15:26 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - [2010/01/26 20:52:18 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2009/11/04 11:47:20 | 000,016,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\pwdrvio.sys -- (pwdrvio)
DRV - [2009/11/04 11:47:18 | 000,011,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\pwdspio.sys -- (pwdspio)
DRV - [2009/09/05 16:55:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2009/08/21 02:08:00 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2009/08/21 02:08:00 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2009/08/21 02:08:00 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2009/08/05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2009/07/23 21:01:00 | 009,791,072 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/06/18 18:48:04 | 000,142,832 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2009/06/18 18:48:04 | 000,042,480 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2008/10/03 03:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/05/03 13:39:00 | 000,042,528 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/04/24 23:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/04/21 20:59:04 | 000,062,976 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008/04/17 19:05:16 | 000,199,344 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/01/29 14:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/21 03:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/21 03:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/21 03:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/21 03:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/21 03:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/21 03:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/21 03:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/21 03:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/21 03:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/21 03:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008/01/21 03:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/21 03:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/21 03:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/21 03:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/21 03:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/21 03:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/21 03:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/21 03:32:48 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008/01/21 03:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/21 03:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/21 03:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/21 03:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/21 03:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/21 03:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/21 03:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/21 03:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/11/01 02:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/11/01 02:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007/11/01 02:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/10/18 00:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/11 09:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/18 16:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 08:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\BCMWL6.SYS -- (BCM43XV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {4BBDD651-70CF-4821-84F8-2B918CF89CA3}:6.3.2
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaulturl: ""


FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\firefox\ [2010/02/26 14:32:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/07 15:55:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/07 15:55:35 | 000,000,000 | ---D | M]

[2010/01/26 17:30:41 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Extensions
[2010/01/26 17:31:54 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\3as5qc0p.default\extensions
[2010/01/26 17:31:51 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\3as5qc0p.default\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/03/03 21:42:52 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions
[2010/01/26 17:46:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/08 20:46:51 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/01/26 17:46:08 | 000,000,000 | ---D | M] (FEBE) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3}
[2010/01/27 18:44:18 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2010/01/26 18:22:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/02/26 16:18:49 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/31 20:46:42 | 000,000,000 | ---D | M] () -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{d7ba87f4-c901-47b7-af80-18d75313aad1}
[2010/02/12 16:42:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/02/26 16:18:49 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\elemhidehelper@adblockplus.org
[2010/02/17 19:49:08 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\nitsansfbskins@nitsan.binnun.co.il
[2010/01/27 07:37:38 | 000,000,000 | ---D | M] -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.esp\extensions\sk@dictionaries.addons.mozilla.org
[2008/07/10 13:07:28 | 000,000,944 | ---- | M] () -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\3as5qc0p.default\searchplugins\icqplugin.xml
[2010/02/14 17:45:02 | 000,000,254 | ---- | M] () -- C:\Users\Esperian\AppData\Roaming\Mozilla\Firefox\Profiles\3as5qc0p.default\searchplugins\Search.xml
[2010/03/01 18:49:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/14 17:45:04 | 000,000,000 | ---D | M] (z) -- C:\Program Files\Mozilla Firefox\extensions\{1fb5773a-b865-de68-e5e5-6a85582f658b}
[2010/01/16 02:31:40 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2010/01/16 02:31:40 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2007/07/26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010/01/16 02:31:40 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2010/01/16 02:31:40 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2010/01/16 02:31:40 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2010/01/16 02:31:40 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2006/09/18 22:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SpywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\ctbr.dll (Crawler.com)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Dots.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Dots.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/03/04 21:11:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/03/02 21:13:08 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Documents\Moje prezentace Corel
[2010/03/02 21:13:07 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Corel
[2010/03/02 21:12:13 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\Corel
[2010/03/02 21:12:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2010/03/02 21:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Corel
[2010/03/01 21:46:39 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\Malwarebytes
[2010/03/01 21:46:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/03/01 21:46:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/03/01 21:46:23 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/03/01 21:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/03/01 21:43:41 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Esperian\Desktop\mbam-setup.exe
[2010/03/01 18:49:13 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/03/01 18:49:08 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010/03/01 18:49:08 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\temp
[2010/03/01 18:29:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010/03/01 18:27:34 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/02/26 20:01:29 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/02/26 20:01:29 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/02/26 20:01:28 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/02/26 20:01:20 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/02/26 20:00:55 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/02/26 17:41:02 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/02/26 16:52:15 | 000,044,567 | ---- | C] (jpshortstuff) -- C:\Users\Esperian\Desktop\Kenco.exe
[2010/02/26 16:50:55 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Desktop\GooredFix Backups
[2010/02/26 16:50:12 | 000,070,858 | ---- | C] (jpshortstuff) -- C:\Users\Esperian\Desktop\GooredFix.exe
[2010/02/26 16:22:59 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/02/26 16:22:59 | 000,000,000 | ---D | C] -- C:\rsit
[2010/02/26 14:31:48 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010/02/24 11:36:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/02/24 11:36:17 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/02/24 11:36:16 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/02/24 11:36:14 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/02/24 11:36:13 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/02/24 11:36:13 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/02/24 11:36:13 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/02/24 11:36:12 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010/02/24 11:36:12 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/02/24 11:36:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/02/24 11:36:10 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010/02/24 11:36:08 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010/02/24 11:36:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010/02/21 02:27:24 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2010/02/18 19:00:33 | 000,000,000 | ---D | C] -- C:\72c92e84267b60dea49239
[2010/02/17 17:30:30 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Desktop\zuz
[2010/02/16 18:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010/02/16 18:33:20 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Documents\My PSP Files
[2010/02/16 18:29:23 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010/02/14 22:35:49 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Microsoft Games
[2010/02/14 18:31:28 | 000,626,688 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTImageFile.dll
[2010/02/14 18:31:22 | 000,312,320 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTVideoView.dll
[2010/02/14 18:31:19 | 000,188,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTVideoFile.dll
[2010/02/14 18:31:15 | 000,249,856 | ---- | C] (Online Media Technologies Company Ltd.) -- C:\Windows\System32\NCTQuickTimeFile.dll
[2010/02/14 18:31:14 | 000,764,416 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTRMFile.dll
[2010/02/14 18:31:11 | 000,215,552 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTWMVFile.dll
[2010/02/14 18:31:03 | 000,495,104 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTVideoCoreM.dll
[2010/02/14 18:30:56 | 000,382,464 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAVIFile.dll
[2010/02/14 18:30:55 | 000,780,288 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTVideoCompress.dll
[2010/02/14 18:30:55 | 000,090,112 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioFormatSettings3.dll
[2010/02/14 18:30:54 | 002,846,720 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioCompress3.dll
[2010/02/14 18:30:53 | 000,778,240 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioCompress2.dll
[2010/02/14 18:30:53 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp70.dll
[2010/02/14 18:30:53 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2010/02/14 18:30:45 | 000,856,064 | ---- | C] (Essien Research & Development) -- C:\Windows\System32\mpgfiltr.ax
[2010/02/14 18:30:45 | 000,475,136 | ---- | C] (DMSoft Technologies) -- C:\Windows\System32\SkinCrafter.dll
[2010/02/14 18:30:45 | 000,147,456 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomqtenc.dll
[2010/02/14 18:30:45 | 000,081,920 | ---- | C] (Viscom Software) -- C:\Windows\System32\viscomwave.dll
[2010/02/14 18:30:45 | 000,000,000 | ---D | C] -- C:\Windows\System32\RMBin
[2010/02/14 18:30:44 | 000,421,888 | ---- | C] (Gabest) -- C:\Windows\System32\RealMediaSplitter.ax
[2010/02/14 18:30:44 | 000,208,896 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\VideoEdit.ocx
[2010/02/14 18:30:44 | 000,139,264 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\System32\viscomqtde.dll
[2010/02/14 18:30:37 | 000,000,000 | ---D | C] -- C:\Program Files\A-one Video Convertor
[2010/02/14 17:46:54 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Apple Computer
[2010/02/12 18:20:20 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\ABBYY
[2010/02/12 18:20:20 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\ABBYY
[2010/02/12 18:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\ABBYY FineReader 8.0 Professional Edition
[2010/02/12 18:06:07 | 000,000,000 | ---D | C] -- C:\temp
[2010/02/12 17:17:11 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Tracing
[2010/02/12 17:08:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/02/12 17:07:56 | 000,054,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2010/02/12 17:07:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/02/12 17:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/02/12 17:04:29 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/02/12 17:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010/02/12 17:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/02/12 17:01:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/02/12 17:01:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/02/12 17:01:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/02/12 16:51:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/02/10 19:59:36 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\foobar2000
[2010/02/10 19:58:59 | 000,000,000 | ---D | C] -- C:\Program Files\foobar2000
[2010/02/10 07:36:31 | 003,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/02/10 07:36:31 | 003,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/02/10 07:36:15 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/02/10 07:36:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/02/10 07:36:10 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010/02/10 07:36:10 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/02/08 21:07:24 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\Opera
[2010/02/08 21:07:24 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Opera
[2010/02/08 21:04:00 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2010/02/07 20:32:06 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\CyberLink
[2010/02/07 20:31:53 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\MobileTV.exe
[2010/02/07 20:31:52 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2010/02/07 20:31:52 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\MPV.exe
[2010/02/07 20:31:51 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\Karaoke.exe
[2010/02/07 20:31:50 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\Users\Public\Documents\Games.exe
[2010/02/07 20:31:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CSY
[2010/02/07 15:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/02/07 15:54:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/02/07 15:53:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/02/07 15:52:52 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Apple
[2010/02/07 15:52:48 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/02/07 15:52:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/02/05 19:05:42 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/02/05 19:05:37 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Downloaded Installations
[2010/02/05 19:05:20 | 000,016,896 | ---- | C] (Danish Wireless Design A/S) -- C:\Windows\System32\drivers\FlashUsb.sys
[2010/02/05 19:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\infineon
[2010/02/05 19:04:04 | 000,024,960 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbmodem.sys
[2010/02/05 19:04:04 | 000,020,864 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbdiag.sys
[2010/02/05 19:04:04 | 000,013,056 | ---- | C] (LG Electronics Inc.) -- C:\Windows\System32\drivers\lgusbbus.sys
[2010/02/05 19:03:59 | 000,000,000 | ---D | C] -- C:\Program Files\LG Electronics
[2010/02/05 19:02:08 | 000,000,000 | ---D | C] -- C:\KP500
[2010/02/05 19:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2010/02/04 20:53:32 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Roaming\DivX
[2010/02/04 16:53:05 | 000,000,000 | ---D | C] -- C:\Users\Esperian\Documents\Downloads
[2010/02/04 16:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010/02/04 16:45:16 | 000,000,000 | ---D | C] -- C:\Users\Esperian\AppData\Local\Google
[2010/02/04 16:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/02/04 16:45:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010/02/04 16:45:09 | 000,000,000 | ---D | C] -- C:\Program Files\DivX

========== Files - Modified Within 30 Days ==========

[2010/03/04 21:22:27 | 003,145,728 | -HS- | M] () -- C:\Users\Esperian\NTUSER.DAT
[2010/03/04 21:13:59 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/03/04 21:13:58 | 000,032,156 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/03/04 21:13:30 | 000,000,996 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/04 21:13:15 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/04 21:13:15 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/04 21:13:10 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/04 21:13:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/04 21:13:01 | 1877,360,640 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/04 21:11:56 | 000,524,288 | -HS- | M] () -- C:\Users\Esperian\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/03/04 21:11:56 | 000,065,536 | -HS- | M] () -- C:\Users\Esperian\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/03/04 21:06:00 | 000,001,000 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/04 18:30:33 | 002,039,512 | ---- | M] () -- C:\Users\Esperian\Desktop\video.flv
[2010/03/04 17:39:50 | 003,204,891 | -H-- | M] () -- C:\Users\Esperian\AppData\Local\IconCache.db
[2010/03/04 17:07:10 | 000,006,580 | -HS- | M] () -- C:\Windows\System32\KGyGaAvL.sys
[2010/03/04 17:07:09 | 000,000,088 | RHS- | M] () -- C:\Windows\System32\55A6E63418.sys
[2010/03/04 16:26:38 | 000,010,725 | ---- | M] () -- C:\Users\Esperian\Desktop\Dedicnost hemofilie.docx
[2010/03/02 21:11:12 | 000,002,245 | ---- | M] () -- C:\Users\Public\Desktop\Corel Paint Shop Pro Photo X2.lnk
[2010/03/01 21:46:35 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/01 21:44:02 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Esperian\Desktop\mbam-setup.exe
[2010/03/01 18:43:38 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010/03/01 18:15:19 | 000,672,508 | ---- | M] () -- C:\Users\Esperian\Desktop\scan0001.jpg
[2010/02/28 19:47:48 | 000,012,611 | ---- | M] () -- C:\Users\Esperian\Desktop\list.docx
[2010/02/27 19:37:22 | 000,009,728 | ---- | M] () -- C:\Users\Esperian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/27 19:02:15 | 003,388,021 | ---- | M] () -- C:\Users\Esperian\Desktop\Hymna slovenskej hokejovej reprezentacie - My na to mame.mp3
[2010/02/27 17:18:26 | 739,159,736 | ---- | M] () -- C:\Users\Esperian\Desktop\peklo-s-princeznou-2009.avi
[2010/02/26 19:58:24 | 003,873,931 | R--- | M] () -- C:\Users\Esperian\Desktop\ComboFix.exe
[2010/02/26 17:40:39 | 413,157,407 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/02/26 16:52:15 | 000,044,567 | ---- | M] (jpshortstuff) -- C:\Users\Esperian\Desktop\Kenco.exe
[2010/02/26 16:50:12 | 000,070,858 | ---- | M] (jpshortstuff) -- C:\Users\Esperian\Desktop\GooredFix.exe
[2010/02/24 13:44:55 | 000,069,968 | ---- | M] () -- C:\Users\Esperian\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/24 13:42:56 | 000,302,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/02/24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/02/23 07:40:19 | 001,393,902 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/23 07:40:19 | 000,590,348 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010/02/23 07:40:19 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/23 07:40:19 | 000,114,900 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010/02/23 07:40:19 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/22 21:06:19 | 000,389,120 | R--- | M] () -- C:\Users\Esperian\Desktop\Programovací jazyk_Uč_TEXT.doc
[2010/02/21 15:59:49 | 000,000,364 | ---- | M] () -- C:\Users\Esperian\Desktop\rytmus_20-_20musis_20mat_20nadej_20_28feat._20tina_29_20upld.mp3
[2010/02/21 14:27:21 | 000,015,120 | ---- | M] () -- C:\Users\Esperian\Desktop\psychologia.docx
[2010/02/21 11:47:27 | 000,026,183 | ---- | M] () -- C:\Users\Esperian\Documents\Manažment 2.docx
[2010/02/21 11:47:27 | 000,000,800 | ---- | M] () -- C:\Users\Esperian\Desktop\Manažment 2.lnk
[2010/02/21 02:27:26 | 000,000,788 | ---- | M] () -- C:\Users\Esperian\Desktop\SopCast.lnk
[2010/02/21 00:41:56 | 000,014,756 | ---- | M] () -- C:\Users\Esperian\Documents\Psychológia a.docx
[2010/02/20 15:02:05 | 000,000,254 | ---- | M] () -- C:\Windows\win.ini
[2010/02/19 15:27:34 | 000,096,848 | ---- | M] () -- C:\Users\Esperian\Desktop\oco.pdf
[2010/02/18 11:14:05 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForEsperian.job
[2010/02/18 09:40:12 | 000,000,270 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/02/17 16:37:13 | 000,265,717 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.36_[02].jpg
[2010/02/17 16:36:56 | 000,268,252 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.36.jpg
[2010/02/17 16:36:39 | 000,236,419 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.19.jpg
[2010/02/17 16:36:24 | 000,219,058 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.36_[03].jpg
[2010/02/17 16:36:06 | 000,263,370 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.36_[01].jpg
[2010/02/17 16:35:51 | 000,242,842 | ---- | M] () -- C:\Users\Esperian\Desktop\P170210_12.20.jpg
[2010/02/16 20:38:46 | 000,000,072 | ---- | M] () -- C:\Windows\CmdPrint.INI
[2010/02/16 18:48:49 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/02/15 17:43:53 | 000,011,776 | ---- | M] () -- C:\Users\Esperian\Documents\Vážená redakcia prosím Vás o.docx
[2010/02/15 14:01:31 | 000,198,262 | ---- | M] () -- C:\Users\Esperian\Desktop\cc_20100215_140104.reg
[2010/02/14 18:31:30 | 000,000,837 | ---- | M] () -- C:\Users\Esperian\Desktop\A-one Video Convertor.lnk
[2010/02/14 16:06:52 | 000,014,968 | ---- | M] () -- C:\Users\Esperian\Desktop\Manzment 2.docx
[2010/02/12 17:03:14 | 000,000,762 | ---- | M] () -- C:\Users\Esperian\Documents\Sdílené složky.lnk
[2010/02/10 20:08:03 | 032,152,927 | ---- | M] () -- C:\Users\Esperian\Desktop\04_-_Ne-Yo_-_Mad.flac
[2010/02/10 19:59:08 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2010/02/09 20:56:55 | 000,013,260 | ---- | M] () -- C:\Users\Esperian\Desktop\CURRICULUM VITAE.docx
[2010/02/09 19:30:26 | 000,011,343 | ---- | M] () -- C:\Users\Esperian\Desktop\CURRICULUM VITAE zuzka.docx
[2010/02/09 12:26:36 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/02/07 22:02:07 | 000,011,032 | ---- | M] () -- C:\Users\Esperian\Documents\Jubileum.docx
[2010/02/07 20:31:54 | 003,063,561 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\MobileTV.exe
[2010/02/07 20:31:53 | 002,989,660 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2010/02/07 20:31:52 | 002,864,396 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\MPV.exe
[2010/02/07 20:31:51 | 002,331,174 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\Karaoke.exe
[2010/02/07 20:31:50 | 002,231,606 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\Games.exe
[2010/02/06 00:20:52 | 000,010,936 | ---- | M] () -- C:\Users\Esperian\Documents\Dohoda o vysporiadaní.docx
[2010/02/05 19:01:28 | 000,002,412 | ---- | M] () -- C:\Windows\System32\lgAxconfig.ini

========== Files Created - No Company Name ==========

[2010/03/04 18:30:22 | 002,039,512 | ---- | C] () -- C:\Users\Esperian\Desktop\video.flv
[2010/03/04 16:26:36 | 000,010,725 | ---- | C] () -- C:\Users\Esperian\Desktop\Dedicnost hemofilie.docx
[2010/03/02 21:12:39 | 000,000,088 | RHS- | C] () -- C:\Windows\System32\55A6E63418.sys
[2010/03/02 21:11:12 | 000,002,245 | ---- | C] () -- C:\Users\Public\Desktop\Corel Paint Shop Pro Photo X2.lnk
[2010/03/01 21:46:35 | 000,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/01 18:16:08 | 000,672,508 | ---- | C] () -- C:\Users\Esperian\Desktop\scan0001.jpg
[2010/02/28 19:47:47 | 000,012,611 | ---- | C] () -- C:\Users\Esperian\Desktop\list.docx
[2010/02/27 19:02:04 | 003,388,021 | ---- | C] () -- C:\Users\Esperian\Desktop\Hymna slovenskej hokejovej reprezentacie - My na to mame.mp3
[2010/02/26 20:01:29 | 000,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/02/26 20:01:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/02/26 20:01:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/02/26 20:01:29 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/02/26 20:01:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/02/26 19:57:50 | 003,873,931 | R--- | C] () -- C:\Users\Esperian\Desktop\ComboFix.exe
[2010/02/26 17:40:39 | 413,157,407 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/02/22 21:06:20 | 000,389,120 | R--- | C] () -- C:\Users\Esperian\Desktop\Programovací jazyk_Uč_TEXT.doc
[2010/02/21 15:59:49 | 000,000,364 | ---- | C] () -- C:\Users\Esperian\Desktop\rytmus_20-_20musis_20mat_20nadej_20_28feat._20tina_29_20upld.mp3
[2010/02/21 14:27:20 | 000,015,120 | ---- | C] () -- C:\Users\Esperian\Desktop\psychologia.docx
[2010/02/21 11:47:27 | 000,000,800 | ---- | C] () -- C:\Users\Esperian\Desktop\Manažment 2.lnk
[2010/02/21 11:47:26 | 000,026,183 | ---- | C] () -- C:\Users\Esperian\Documents\Manažment 2.docx
[2010/02/21 02:27:26 | 000,000,788 | ---- | C] () -- C:\Users\Esperian\Desktop\SopCast.lnk
[2010/02/21 00:41:54 | 000,014,756 | ---- | C] () -- C:\Users\Esperian\Documents\Psychológia a.docx
[2010/02/19 15:27:34 | 000,096,848 | ---- | C] () -- C:\Users\Esperian\Desktop\oco.pdf
[2010/02/18 09:40:12 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/02/17 16:30:31 | 000,219,058 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.36_[03].jpg
[2010/02/17 16:30:28 | 000,268,252 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.36.jpg
[2010/02/17 16:30:28 | 000,265,717 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.36_[02].jpg
[2010/02/17 16:30:28 | 000,263,370 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.36_[01].jpg
[2010/02/17 16:30:28 | 000,242,842 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.20.jpg
[2010/02/17 16:30:28 | 000,236,419 | ---- | C] () -- C:\Users\Esperian\Desktop\P170210_12.19.jpg
[2010/02/16 20:38:44 | 000,000,072 | ---- | C] () -- C:\Windows\CmdPrint.INI
[2010/02/16 18:48:47 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/02/16 18:30:55 | 000,006,580 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2010/02/15 14:01:13 | 000,198,262 | ---- | C] () -- C:\Users\Esperian\Desktop\cc_20100215_140104.reg
[2010/02/14 22:27:06 | 000,011,776 | ---- | C] () -- C:\Users\Esperian\Documents\Vážená redakcia prosím Vás o.docx
[2010/02/14 18:31:30 | 000,000,837 | ---- | C] () -- C:\Users\Esperian\Desktop\A-one Video Convertor.lnk
[2010/02/14 18:30:52 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010/02/14 16:06:50 | 000,014,968 | ---- | C] () -- C:\Users\Esperian\Desktop\Manzment 2.docx
[2010/02/12 17:03:14 | 000,000,762 | ---- | C] () -- C:\Users\Esperian\Documents\Sdílené složky.lnk
[2010/02/10 19:59:08 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\foobar2000.lnk
[2010/02/10 19:53:25 | 032,152,927 | ---- | C] () -- C:\Users\Esperian\Desktop\04_-_Ne-Yo_-_Mad.flac
[2010/02/09 19:29:44 | 000,011,343 | ---- | C] () -- C:\Users\Esperian\Desktop\CURRICULUM VITAE zuzka.docx
[2010/02/09 15:30:27 | 000,013,260 | ---- | C] () -- C:\Users\Esperian\Desktop\CURRICULUM VITAE.docx
[2010/02/09 12:26:36 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010/02/07 22:02:06 | 000,011,032 | ---- | C] () -- C:\Users\Esperian\Documents\Jubileum.docx
[2010/02/07 16:14:49 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForEsperian.job
[2010/02/06 00:20:51 | 000,010,936 | ---- | C] () -- C:\Users\Esperian\Documents\Dohoda o vysporiadaní.docx
[2010/02/05 19:01:05 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2010/02/05 19:01:05 | 000,002,412 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2010/02/05 18:26:54 | 739,159,736 | ---- | C] () -- C:\Users\Esperian\Desktop\peklo-s-princeznou-2009.avi
[2010/02/04 16:55:30 | 000,001,000 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/04 16:55:29 | 000,000,996 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/28 18:04:29 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/01/28 16:14:23 | 000,009,728 | ---- | C] () -- C:\Users\Esperian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/27 19:00:58 | 000,016,456 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2010/01/27 19:00:55 | 000,011,088 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2010/01/27 17:15:22 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/01/27 17:15:18 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/01/27 17:15:10 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/01/27 17:15:10 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/01/27 17:15:04 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2010/01/27 17:15:03 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/01/27 15:48:50 | 000,002,400 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/01/26 20:52:18 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2010/01/26 18:34:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/26 17:15:34 | 000,000,000 | ---- | C] () -- C:\Users\Esperian\AppData\Local\QSwitch.txt
[2010/01/26 17:15:34 | 000,000,000 | ---- | C] () -- C:\Users\Esperian\AppData\Local\DSwitch.txt
[2010/01/26 17:15:34 | 000,000,000 | ---- | C] () -- C:\Users\Esperian\AppData\Local\AtStart.txt
[2010/01/26 15:51:46 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/01/26 15:51:17 | 000,032,156 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2006/11/02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 10:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
< End of report >


But I don't know why there is only one, when before it produced 2

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Mozilla and pop-up ads

#24 Post by motji »

Because this wasn't a scan; we were deleting something :)
How is the computer doing now? Are those ads still popping up?

esperian26
Visitor
Posts: 17
Registered: 26 Feb 2010 16:26

Re: Mozilla and pop-up ads

#25 Post by esperian26 »

I see ... :D

Well, so far everything is OK ... I'll see how it goes from here ...

Thank you very much

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Mozilla and pop-up ads

#26 Post by motji »

:arrow: Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes its associated files and folders.


***********


:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm the choice, press the A key, then Enter
- after use, delete the program. Note: antivirus software may falsely flag it as a virus



***********


:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- backing up the registry: you don't have to
- click Fix all issues :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner cleaner; it nicely clears temporary files off the PC.
The registry cleaner is for cleaning up, for example, after uninstalling a program.


***********



:arrow: Download OTC and use it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans up temp files and the leftovers of the tools used



***********

:arrow: Post a new RSIT log and tell me how the computer is behaving; is everything OK now?

esperian26
Visitor
Posts: 17
Registered: 26 Feb 2010 16:26

Re: Mozilla and pop-up ads

#27 Post by esperian26 »

I did everything as you said, and I use CCleaner often; the PC is behaving normally so far, no ads or anything like that ... thank you very much .. and here is the log


Logfile of random's system information tool 1.06 (written by random/random)
Run by Esperian at 2010-03-05 12:08:51
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 61 GB (59%) free of 105 GB
Total RAM: 1790 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:09:09, on 5. 3. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Esperian\Downloads\RSIT.exe
C:\Program Files\trend micro\Esperian.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Corel File Shell Monitor] C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Služba Google Update (gupdate1caa5b117bd44c5) (gupdate1caa5b117bd44c5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7449 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\HPCeeScheduleForEsperian.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-01-29 1230184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\ctbr.dll [2010-01-29 1230184]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-01-26 2166784]
"B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2009-06-15 182208]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
"Corel File Shell Monitor"=C:\Program Files\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2008-01-15 16200]
"Corel Photo Downloader"=C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2007-12-14 531784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ares"=C:\Program Files\Ares\Ares.exe [2010-01-22 1011712]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-26 3037696]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
C:\Program Files\Ares\Ares.exe [2010-01-22 1011712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15 70912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.0\ICQ.exe [2010-01-12 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-02-26 2289664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-03-14 202032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
C:\Program Files\HP\QuickPlay\QPService.exe [2008-04-01 468264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-26 3037696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe [2008-02-22 144784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-12-24 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-01-02 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Esperian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]
C:\PROGRA~1\Stardock\OBJECT~1\OBJECT~1.EXE [2007-04-30 3450608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-03-05 12:08:51 ----D---- C:\rsit
2010-03-02 21:12:13 ----D---- C:\Users\Esperian\AppData\Roaming\Corel
2010-03-02 21:12:06 ----D---- C:\ProgramData\Corel
2010-03-02 21:09:57 ----D---- C:\Program Files\Common Files\Corel
2010-03-01 21:46:39 ----D---- C:\Users\Esperian\AppData\Roaming\Malwarebytes
2010-03-01 21:46:25 ----D---- C:\ProgramData\Malwarebytes
2010-03-01 21:46:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-01 18:49:13 ----SHD---- C:\$RECYCLE.BIN
2010-03-01 18:49:08 ----D---- C:\Windows\temp
2010-02-26 20:01:20 ----D---- C:\Windows\ERDNT
2010-02-26 17:41:02 ----D---- C:\Windows\Minidump
2010-02-26 16:22:59 ----D---- C:\Program Files\trend micro
2010-02-26 14:31:48 ----D---- C:\Program Files\Crawler
2010-02-24 11:36:48 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 11:36:17 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 11:36:16 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 11:36:14 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 11:36:13 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 11:36:13 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 11:36:13 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 11:36:12 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 11:36:12 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 11:36:12 ----A---- C:\Windows\system32\msdrm.dll
2010-02-24 11:36:10 ----A---- C:\Windows\system32\gameux.dll
2010-02-24 11:36:08 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-02-24 11:36:08 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-21 02:27:24 ----D---- C:\Program Files\SopCast
2010-02-18 19:00:33 ----D---- C:\72c92e84267b60dea49239
2010-02-16 20:38:44 ----A---- C:\Windows\CmdPrint.INI
2010-02-16 18:48:47 ----A---- C:\Windows\NeroDigital.ini
2010-02-16 18:34:58 ----D---- C:\ProgramData\InstallShield
2010-02-16 18:29:23 ----D---- C:\Program Files\Corel
2010-02-14 18:31:28 ----A---- C:\Windows\system32\NCTImageFile.dll
2010-02-14 18:31:22 ----A---- C:\Windows\system32\NCTVideoView.dll
2010-02-14 18:31:19 ----A---- C:\Windows\system32\NCTVideoFile.dll
2010-02-14 18:31:15 ----A---- C:\Windows\system32\NCTQuickTimeFile.dll
2010-02-14 18:31:14 ----A---- C:\Windows\system32\NCTRMFile.dll
2010-02-14 18:31:11 ----A---- C:\Windows\system32\NCTWMVFile.dll
2010-02-14 18:31:03 ----A---- C:\Windows\system32\NCTVideoCoreM.dll
2010-02-14 18:30:56 ----A---- C:\Windows\system32\NCTAVIFile.dll
2010-02-14 18:30:55 ----A---- C:\Windows\system32\NCTVideoCompress.dll
2010-02-14 18:30:55 ----A---- C:\Windows\system32\NCTAudioFormatSettings3.dll
2010-02-14 18:30:54 ----A---- C:\Windows\system32\NCTAudioCompress3.dll
2010-02-14 18:30:53 ----A---- C:\Windows\system32\NCTAudioCompress2.dll
2010-02-14 18:30:53 ----A---- C:\Windows\system32\msvcr70.dll
2010-02-14 18:30:53 ----A---- C:\Windows\system32\msvcp70.dll
2010-02-14 18:30:52 ----A---- C:\Windows\system32\lame_enc.dll
2010-02-14 18:30:45 ----D---- C:\Windows\system32\RMBin
2010-02-14 18:30:45 ----A---- C:\Windows\system32\viscomwave.dll
2010-02-14 18:30:45 ----A---- C:\Windows\system32\viscomqtenc.dll
2010-02-14 18:30:45 ----A---- C:\Windows\system32\SkinCrafter.dll
2010-02-14 18:30:44 ----A---- C:\Windows\system32\viscomqtde.dll
2010-02-14 18:30:37 ----D---- C:\Program Files\A-one Video Convertor
2010-02-12 18:20:20 ----D---- C:\Users\Esperian\AppData\Roaming\ABBYY
2010-02-12 18:16:50 ----D---- C:\Program Files\ABBYY FineReader 8.0 Professional Edition
2010-02-12 18:06:07 ----D---- C:\temp
2010-02-12 17:08:31 ----D---- C:\Program Files\Microsoft Silverlight
2010-02-12 17:07:56 ----DC---- C:\Windows\system32\DRVSTORE
2010-02-12 17:06:30 ----D---- C:\Program Files\Microsoft Sync Framework
2010-02-12 17:04:29 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-02-12 17:04:12 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-02-12 17:02:08 ----D---- C:\Program Files\Microsoft
2010-02-12 17:01:37 ----D---- C:\Program Files\Windows Live SkyDrive
2010-02-12 17:01:23 ----D---- C:\Program Files\Windows Live
2010-02-12 16:51:10 ----D---- C:\Program Files\Common Files\Windows Live
2010-02-10 19:59:36 ----D---- C:\Users\Esperian\AppData\Roaming\foobar2000
2010-02-10 19:58:59 ----D---- C:\Program Files\foobar2000
2010-02-10 07:36:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 07:36:31 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 07:36:15 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 07:36:13 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 07:36:13 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 07:36:13 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 07:36:13 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 07:36:12 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 07:36:11 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 07:36:10 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 07:36:10 ----A---- C:\Windows\system32\avifil32.dll
2010-02-08 21:07:24 ----D---- C:\Users\Esperian\AppData\Roaming\Opera
2010-02-08 21:04:00 ----D---- C:\Program Files\Opera
2010-02-07 20:32:06 ----D---- C:\Users\Esperian\AppData\Roaming\CyberLink
2010-02-07 15:54:16 ----D---- C:\ProgramData\Apple Computer
2010-02-07 15:54:16 ----D---- C:\Program Files\QuickTime
2010-02-07 15:53:08 ----D---- C:\Program Files\Common Files\Apple
2010-02-07 15:52:48 ----D---- C:\Program Files\Apple Software Update
2010-02-07 15:52:47 ----D---- C:\ProgramData\Apple

======List of files/folders modified in the last 1 months======

2010-03-05 11:46:31 ----D---- C:\WINDOWS
2010-03-05 11:44:25 ----D---- C:\Windows\system32\drivers
2010-03-04 20:34:18 ----D---- C:\Windows\Prefetch
2010-03-04 18:27:57 ----SHD---- C:\System Volume Information
2010-03-04 15:57:03 ----D---- C:\ProgramData\Spyware Terminator
2010-03-03 22:08:22 ----D---- C:\Users\Esperian\AppData\Roaming\Spyware Terminator
2010-03-02 21:12:39 ----D---- C:\Windows\System32
2010-03-02 21:12:16 ----SHD---- C:\Windows\Installer
2010-03-02 21:12:07 ----D---- C:\Config.Msi
2010-03-02 21:12:06 ----D---- C:\ProgramData
2010-03-02 21:09:57 ----D---- C:\Program Files\Common Files
2010-03-01 21:46:22 ----RD---- C:\Program Files
2010-03-01 18:43:38 ----A---- C:\Windows\system.ini
2010-03-01 18:36:55 ----D---- C:\Windows\AppPatch
2010-03-01 18:16:12 ----D---- C:\Users\Esperian\AppData\Roaming\Image Zone Express
2010-03-01 18:09:04 ----D---- C:\Windows\system32\WDI
2010-02-26 16:21:00 ----D---- C:\Windows\system32\catroot2
2010-02-25 16:57:37 ----D---- C:\Windows\system32\Tasks
2010-02-24 17:11:43 ----D---- C:\Windows\rescache
2010-02-24 11:57:07 ----RSD---- C:\Windows\Fonts
2010-02-24 11:57:07 ----D---- C:\Windows\system32\cs-CZ
2010-02-24 11:43:10 ----D---- C:\Windows\winsxs
2010-02-24 11:41:59 ----D---- C:\Windows\system32\catroot
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-23 07:40:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-23 07:40:17 ----D---- C:\Windows\inf
2010-02-20 16:31:21 ----SD---- C:\Users\Esperian\AppData\Roaming\Microsoft
2010-02-20 15:02:05 ----A---- C:\Windows\win.ini
2010-02-18 10:22:49 ----D---- C:\Windows\Tasks
2010-02-18 09:40:12 ----HD---- C:\Windows\system32\GroupPolicy
2010-02-16 18:34:45 ----SD---- C:\Windows\Downloaded Program Files
2010-02-16 18:34:44 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-15 13:53:31 ----D---- C:\Windows\Debug
2010-02-14 12:18:05 ----D---- C:\Windows\system32\LogFiles
2010-02-12 21:12:28 ----D---- C:\Windows\Microsoft.NET
2010-02-12 21:11:26 ----RSD---- C:\Windows\assembly
2010-02-12 17:06:13 ----SD---- C:\ProgramData\Microsoft
2010-02-12 17:01:46 ----D---- C:\Program Files\Common Files\microsoft shared
2010-02-12 16:41:44 ----D---- C:\ProgramData\NVIDIA
2010-02-10 21:08:54 ----D---- C:\Program Files\Windows Mail
2010-02-10 16:39:24 ----D---- C:\ProgramData\Microsoft Help
2010-02-07 16:14:40 ----D---- C:\Users\Esperian\AppData\Roaming\Hewlett-Packard
2010-02-07 16:09:50 ----D---- C:\ProgramData\Hewlett-Packard
2010-02-07 15:55:35 ----D---- C:\Program Files\Internet Explorer
2010-02-07 08:53:04 ----D---- C:\Program Files\Spyware Terminator

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-01-26 142592]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-10-03 222208]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-03 42528]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-04-21 62976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2009-11-04 16456]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2009-11-04 11088]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2009-08-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2009-08-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2009-08-21 24960]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-04-15 94208]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-02-26 73728]
R2 MsMpSvc;@c:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 Recovery Service for Windows;Recovery Service for Windows; C:\Windows\SMINST\BLService.exe [2008-04-25 361808]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-01-26 488960]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 gupdate1caa5b117bd44c5;Služba Google Update (gupdate1caa5b117bd44c5); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 133104]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-01-25 148832]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

esperian26
Visitor
Posts: 17
Registered: 26 Feb 2010 16:26

Re: Mozilla and pop-up ads

#28 Post by esperian26 »

And here is the info:

info.txt logfile of random's system information tool 1.06 2010-03-05 12:09:14

======Uninstall list======

-->C:\Program Files\Conexant\SmartAudio\SETUP.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 8.0 Professional Edition-->MsiExec.exe /I{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A81000000003}
Adobe Shockwave Player-->MsiExec.exe /X{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}
Aktualizácia Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {9A8C39B0-D27F-4F81-BE74-2FECF164707E}
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {CE23B3DC-18CC-46FC-A309-81D6670F8D3D}
Aktualizácia Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}
AOL Toolbar 5.0-->"C:\Program Files\AOL\AOL Toolbar 5.0\uninstall.exe"
A-one Video Convertor 6.36-->"C:\Program Files\A-one Video Convertor\unins000.exe"
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ares 2.1.4-->"C:\Program Files\Ares\uninstall.exe"
Asistent pro přihlášení ke službě Windows Live-->MsiExec.exe /I{3E62B27C-342F-4B44-9331-CA4BC59A586F}
Atheros Driver Installation Program-->C:\Program Files\InstallShield Installation Information\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}\setup.exe -runfromtemp -l0x0005
Balíček ovladače systému Windows - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\flashusb.inf_c8396fa4\flashusb.inf
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco EAP-FAST Module-->MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module-->MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module-->MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IWAHerza.INF
Corel Paint Shop Pro Photo X2-->MsiExec.exe /X{64E72FB1-2343-4977-B4A8-262CD53D0BD3}
Crawler Toolbar with Web Security Guard-->C:\PROGRA~1\Crawler\CToolbar.exe uninst
CyberLink DVD Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
foobar2000 v1.0-->"C:\Program Files\foobar2000\uninstall.exe" _?=C:\Program Files\foobar2000
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Google Chrome-->"C:\Program Files\Google\Chrome\Application\4.0.249.89\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_HERMOSA_HSF\UIU32m.exe -U -IHPQHERzm.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}\setup.exe" -l0x9 -removeonly
HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP DVD Play 3.7-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}\setup.exe" -l0x9 -removeonly
HP Help and Support-->MsiExec.exe /X{8DF92D68-F8EE-4F9C-89A2-26254C1C4B6B}
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B-->C:\Program Files\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr01.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
HP Quick Launch Buttons 6.40 D3-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0005 uninst
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0110-->MsiExec.exe /I{B640E7CC-7091-4A24-AE76-2140065D2054}
HP Wireless Assistant-->MsiExec.exe /I{340F521E-3576-4E1A-B75C-EB0ACF751379}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
Infineon USB driver 1.0.0.6-->"C:\Program Files\infineon\FlashUtility\drivers\Infineon USB driver\V1.0.0.6\unins000.exe"
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
K-Lite Codec Pack 5.6.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LabelPrint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\setup.exe" -uninstall
LG USB Modem Driver-->"C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -runfromtemp -l0x001bLG -removeonly
LightScribe System Software 1.12.33.2-->MsiExec.exe /X{582287DA-0806-4AC0-BF19-C15E3A466034}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware-->MsiExec.exe /X{A0A77CDC-2419-4D5C-AD2C-E09E5926B806}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {F69A7281-8297-47E2-B583-36EAA37C89EE}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-041B-0000-0000000FF1CE} /uninstall {8AF3A9EB-FBB9-449F-AC11-94CE39930037}
Microsoft Office Excel MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Outlook MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001A-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007-->MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040E-0000-0000000FF1CE} /uninstall {573CA1BB-C8A3-46C4-993E-DB4043D9BFCD}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Shared MUI (Slovak) 2007-->MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Standard 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall STANDARD /dll OSETUP.DLL
Microsoft Office Standard 2007-->MsiExec.exe /X{90120000-0012-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Essentials\setup.exe /x
Microsoft Security Essentials-->MsiExec.exe /I{48B3FB4D-CE22-488C-8E9F-24EBB77EAC0F}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}
Mozilla Firefox (3.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nástroj pro odesílání služby Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Nero 7 Ultra Edition-->MsiExec.exe /X{91C0B95B-B83A-4828-A775-BBE2DD421051}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0005 -removeonly
NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI
ObjectDock-->C:\PROGRA~1\Stardock\OBJECT~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\INSTALL.LOG
Opera 10.10-->MsiExec.exe /X{FB8148DD-C575-4B0A-9F6C-0CFC46937930}
Paint.NET v3.5-->MsiExec.exe /X{D3E7A2A5-A059-4A44-949B-21FBD371A8B8}
Power2Go-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\setup.exe" -uninstall
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
QuickPlay SlingPlayer 0.4.6-->"C:\Program Files\HP\QuickPlay\unins000.exe"
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}
Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Skype web features-->MsiExec.exe /I{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}
Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SopCast 3.0.3-->C:\Program Files\SopCast\uninst.exe
Spyware Terminator-->"C:\Program Files\Spyware Terminator\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Outlook 2007 Junk Email Filter (kb977719)-->msiexec /package {90120000-0012-0000-0000-0000000FF1CE} /uninstall {C0C92202-5215-4EFA-B0B9-B3A0DEABCDF1}
USB Flash Port Driver-->MsiExec.exe /I{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Windows Live Communications Platform-->MsiExec.exe /I{ED00D08A-3C5F-488D-93A0-A04F21F23956}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}
Windows Live Fotogalerie-->MsiExec.exe /X{1D097338-B4FA-4F29-9C43-8D7A970A007E}
Windows Live Mail-->MsiExec.exe /I{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}
Windows Live Messenger-->MsiExec.exe /X{71E40B32-5173-4538-8996-5822DD18E8D4}
Windows Live Movie Maker-->MsiExec.exe /X{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}
Windows Live Sync-->MsiExec.exe /X{068B46A0-8858-4CEB-80BC-A4AE787A05FC}
Windows Live Toolbar-->MsiExec.exe /X{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}
Windows Live Writer-->MsiExec.exe /X{479A749B-1684-4881-8266-BF8DD22251E7}
Windows Live Zabezpečení rodiny-->MsiExec.exe /X{F86AD773-5BC0-499B-9F48-4E0D5FED759D}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

======Security center information======

AS: Windows Defender
AS: Spyware Terminator (disabled)

======System event log======

Computer Name: Esperian-PC
Event Code: 4386
Message: Služba Windows Servicing požádala o restartování za účelem dokončení procesu změny aktualizace 948610-13_neutral_LDR z balíčku KB948610(Update) do stavu Fázování(Staging).
Record Number: 12834
Source Name: Microsoft-Windows-Servicing
Time Written: 20100127134534.000000-000
Event Type: Informace
User: Esperian-PC\Esperian

Computer Name: Esperian-PC
Event Code: 4386
Message: Služba Windows Servicing požádala o restartování za účelem dokončení procesu změny aktualizace 948610-12_neutral_GDR z balíčku KB948610(Update) do stavu Fázování(Staging).
Record Number: 12833
Source Name: Microsoft-Windows-Servicing
Time Written: 20100127134534.000000-000
Event Type: Informace
User: Esperian-PC\Esperian

Computer Name: Esperian-PC
Event Code: 4386
Message: Služba Windows Servicing požádala o restartování za účelem dokončení procesu změny aktualizace 948610-11_neutral_LDR z balíčku KB948610(Update) do stavu Fázování(Staging).
Record Number: 12832
Source Name: Microsoft-Windows-Servicing
Time Written: 20100127134534.000000-000
Event Type: Informace
User: Esperian-PC\Esperian

Computer Name: Esperian-PC
Event Code: 4386
Message: Služba Windows Servicing požádala o restartování za účelem dokončení procesu změny aktualizace 948610-10_neutral_GDR z balíčku KB948610(Update) do stavu Fázování(Staging).
Record Number: 12831
Source Name: Microsoft-Windows-Servicing
Time Written: 20100127134534.000000-000
Event Type: Informace
User: Esperian-PC\Esperian

Computer Name: Esperian-PC
Event Code: 4386
Message: Služba Windows Servicing požádala o restartování za účelem dokončení procesu změny aktualizace 948610-9_neutral_LDR z balíčku KB948610(Update) do stavu Fázování(Staging).
Record Number: 12830
Source Name: Microsoft-Windows-Servicing
Time Written: 20100127134534.000000-000
Event Type: Informace
User: Esperian-PC\Esperian

=====Application event log=====

Computer Name: Esperian-PC
Event Code: 223
Message: WinMail (2344) WindowsMail0: Začíná zálohování souboru protokolu (rozsah C:\Users\Esperian\AppData\Local\Microsoft\Windows Mail\edb00001.log - C:\Users\Esperian\AppData\Local\Microsoft\Windows Mail\edb00001.log).
Record Number: 55
Source Name: ESENT
Time Written: 20100126161444.000000-000
Event Type: Informace
User:

Computer Name: Esperian-PC
Event Code: 221
Message: WinMail (2344) WindowsMail0: Končí zálohování souboru C:\Users\Esperian\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore.
Record Number: 54
Source Name: ESENT
Time Written: 20100126161444.000000-000
Event Type: Informace
User:

Computer Name: Esperian-PC
Event Code: 220
Message: WinMail (2344) WindowsMail0: Začíná zálohování souboru C:\Users\Esperian\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore (velikost 2 Mb).
Record Number: 53
Source Name: ESENT
Time Written: 20100126161444.000000-000
Event Type: Informace
User:

Computer Name: Esperian-PC
Event Code: 210
Message: WinMail (2344) WindowsMail0: Probíhá spouštění úplného zálohování.
Record Number: 52
Source Name: ESENT
Time Written: 20100126161444.000000-000
Event Type: Informace
User:

Computer Name: Esperian-PC
Event Code: 102
Message: WinMail (2344) WindowsMail0: Databázový stroj (6.00.6001.0000) spustil novou instanci (0).
Record Number: 51
Source Name: ESENT
Time Written: 20100126161443.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Esperian-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-DGM90M24RU7$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x214
Název procesu: C:\WINDOWS\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 113
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100126161454.922198-000
Event Type: Úspěch auditu
User:

Computer Name: Esperian-PC
Event Code: 4648
Message: Došlo k pokusu o přihlášení pomocí explicitního pověření.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: WIN-DGM90M24RU7$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Účet, jehož pověření bylo použito:
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Cílový server:
Název cílového serveru: localhost
Další informace: localhost

Informace o procesu:
ID procesu: 0x214
Název procesu: C:\WINDOWS\System32\services.exe

Informace o síti:
Síťová adresa: -
Port: -

Tato událost je generována, pokud se proces pokusí přihlásit k účtu explicitním zadáním pověření tohoto účtu. K tomu nejčastěji dochází v dávkových konfiguracích, například naplánovaných úlohách, nebo při použití příkazu RUNAS.
Record Number: 112
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100126161454.922198-000
Event Type: Úspěch auditu
User:

Computer Name: Esperian-PC
Event Code: 4905
Message: Došlo k pokusu zrušit registraci zdroje události zabezpečení.

Předmět
ID zabezpečení: S-1-5-18
Název účtu: WIN-DGM90M24RU7$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Proces:
ID procesu: 0xe94
Název procesu: C:\WINDOWS\System32\VSSVC.exe

Zdroj události:
Název zdroje: VSSAudit
ID zdroje události: 0x325e5b
Record Number: 111
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100126161231.926998-000
Event Type: Úspěch auditu
User:

Computer Name: Esperian-PC
Event Code: 4904
Message: Došlo k pokusu zaregistrovat zdroj události zabezpečení.

Předmět :
ID zabezpečení: S-1-5-18
Název účtu: WIN-DGM90M24RU7$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Proces:
ID procesu: 0xe94
Název procesu: C:\WINDOWS\System32\VSSVC.exe

Zdroj události:
Název zdroje: VSSAudit
ID zdroje události: 0x325e5b
Record Number: 110
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100126161231.926998-000
Event Type: Úspěch auditu
User:

Computer Name: Esperian-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-1272261070-1556258247-3665504125-1000
Název účtu: Esperian
Název domény: Esperian-PC
ID přihlášení: 0xb65c4
Record Number: 109
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100126161228.182998-000
Event Type: Úspěch auditu
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\CyberLink\Power2Go;C:\Program Files\Common Files\DivX Shared;C:\Program Files\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=17
"PROCESSOR_IDENTIFIER"=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=0301
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Presario
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Mozilla and pop-up ads

#29 Post by motji »

:arrow: Open Notepad and copy the following text into it:

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-


 
- Save it as (type: All files), entering "smazani.reg" without the quotation marks as the file name,
click Save, then double-click the file as usual and confirm the dialog box.


The log looks fine.
If there are any problems, get in touch :)
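The .reg file in post #29 uses the `"name"=-` form, which deletes one value and leaves the key itself in place. The following is an added example, not part of the original post or of any tool used in the thread: a small Python parser that lists what a .reg file would change before it is merged. The function name `reg_operations` and the action labels are assumptions made here.

```python
import re

# Constructed sample: the .reg text from the post above.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
'''

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')


def reg_operations(text):
    """Return (action, key, value_name, data) tuples for each change in a .reg file.

    action is one of: delete-key, open-key, delete-value, set-value.
    Hypothetical helper for reviewing a file before double-clicking it.
    """
    lines = text.lstrip("\ufeff").splitlines()
    if not lines or lines[0].strip() not in HEADERS:
        raise ValueError("missing .reg header line")
    ops, key, pending = [], None, ""
    for raw in lines[1:]:
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\") and not line.startswith("["):
            pending = line[:-1]          # hex data continued on the next line
            continue
        if not line or line.startswith(";"):
            continue                     # blank line or comment
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if key.startswith("-"):      # [-HKEY_...] removes the whole key
                ops.append(("delete-key", key[1:], None, None))
                key = None
            else:                        # key is created on merge if missing
                ops.append(("open-key", key, None, None))
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            raise ValueError("unparsable line: %r" % raw)
        name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
        if m.group(2) == "-":            # "name"=- removes only this value
            ops.append(("delete-value", key, name, None))
        else:
            ops.append(("set-value", key, name, m.group(2)))
    return ops
```

For the file in the post, the result is one `open-key` entry followed by one `delete-value` entry; any `delete-key` or `set-value` entry that the instructions did not mention is a reason to stop before merging.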