VIRY.CZ

Zdravíčko,
před nějakou dobou se mi při psaní háčků a čárek se shiftem udělají dva háčky nebo čárky za sebou...tudíž není možné napsat např. aˇˇt, ´´oda atd. Podle podobného příspěvku tady na f´´oru jsem stáhl FRST a nechal oskenovat. Log z FRST postnu níže.
Druhý problém (horší ) je totálně zasekaný internet...někdy běží v klidu, jindy ho radši ani nezapínám, protože to čekání na načtení stránky je neuvěřitelné. Při měření rychlosti připojení k internetu mi download funguje dobře, ale upload a ping mi minutu od minuty vyhodí diametrálně odlišné výsledky (např. ping od 20ms do 15000ms). Log s RSIT postnu níže.
Můžete se mi prosím podívat na logy jestli tam nejsou nějaké potvůrky co tam být nemají? Děkuji.

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-07-2013
Ran by Giraffe (administrator) on 24-07-2013 15:49:30
Running from H:\Ftp files\Gir
Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Documents and Settings\Giraffe\Data aplikací\MSDCSC\msdcsc.exe
(The Firebird Project) C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
() C:\Program Files\Trust Gaming Mouse\Mouse.exe
(Nero AG) C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(Pavel Chmelař) C:\Program Files\Wallpaper Changer\coolwpc.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Locktime Software) C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
(Sunbelt Software, Inc.) C:\Program Files\Kerio\SbPFLnch.exe
() C:\Program Files\SiteAdvisor\6172\SAService.exe
(Sunbelt Software, Inc.) C:\Program Files\Kerio\SbPFSvc.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
(Locktime Software) C:\Program Files\NetLimiter 2 Pro\NLClient.exe
(Sunbelt Software, Inc.) C:\Program Files\Kerio\SbPFCl.exe
(The Firebird Project) C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ATICustomerCare] - C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [Acrobat Assistant 7.0] - C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [HydraVisionDesktopManager] - C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe [270336 2003-09-15] (ATI Technologies Inc.)
HKLM\...\Run: [Trust Gaming Mouse] - C:\Program Files\Trust Gaming Mouse\Mouse.exe [2245632 2011-01-17] ()
HKLM\...\Run: [RTHDCPL] - RTHDCPL.EXE [x]
HKLM\...\Run: [Alcmtr] - ALCMTR.EXE [x]
HKLM\...\Run: [ArcSoft Connection Service] - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k [x]
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2236080 2013-06-30] ()
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Giraffe\Data aplikací\MSDCSC\msdcsc.exe
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [X]
Winlogon\Notify\AtiExtEvent: Ati2evxx.dll (ATI Technologies Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKCU\...\Run: [CooLWPC3] - C:\Program Files\Wallpaper Changer\coolwpc.exe [1008128 2003-04-06] (Pavel Chmelař)
HKCU\...\Run: [MicroUpdate] - C:\Documents and Settings\Giraffe\Data aplikací\MSDCSC\msdcsc.exe [1613314 2013-04-17] ()
HKCU\...\Run: [DriverMax] - C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [7162232 2013-04-26] (Innovative Solutions)
HKCU\...\Run: [DriverMax_RESTART] - C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [7162232 2013-04-26] (Innovative Solutions)
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
HKU\Default User.WINDOWS\...\RunOnce: [tscuninstall] - %systemroot%\system32\tscupgrd.exe [ 2004-08-17] (Microsoft Corporation)
HKU\LocalService\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
HKU\Martin Polách\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [x]
HKU\Martin Polách\...\Run: [STYLEXP] - C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide [x]
HKU\Martin Polách\...\Run: [msnmsgr] - "C:\Program Files\MSN Messenger\msnmsgr.exe" /background [x]
HKU\Martin Polách\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
HKU\Martin Polách\...\Policies\system: [Wallpaper] 2‘|
HKU\NetworkService\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
BootExecute: autocheck autochk * OODBSsprestrt

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={ ... rer:source?}
SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={ ... orm=IE8SRC
SearchScopes: HKCU - {2218A386-DC5D-4678-98EB-111C7A530CCC} URL = http://flvdirect.iamwired.net/websearch ... earchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={1618 ... 2013-06-13 20:02:15&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT1750559
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
Toolbar: HKLM - BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU -&Adresa - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Společnost Microsoft)
Toolbar: HKCU -&Odkazy - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU -BS Player Toolbar - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
Toolbar: HKCU -Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {00000055-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... BC/fhg.CAB
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftup ... 8253050390
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftup ... 8253026906
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://active.macromedia.com/flash2/cabs/swflash.cab
Handler: ipp - No CLSID Value -
Handler: livecall - No CLSID Value -
Handler: msdaipp - No CLSID Value -
Handler: msnim - No CLSID Value -
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll ()
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4F45541D-8104-4422-88FF-E451CE369FE6}: [NameServer]85.207.76.5,85.207.86.5

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Giraffe\Data aplikací\Mozilla\Firefox\Profiles\6cqxknkb.default
FF user.js: detected! => C:\Documents and Settings\Giraffe\Data aplikací\Mozilla\Firefox\Profiles\6cqxknkb.default\user.js
FF Homepage: hxxp://seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Documents and Settings\Giraffe\Data aplikací\Facebook\npfbplugin_1_0_3.dll ( )
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Extension: (YouTube) - C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Sexy Girl II Chrome Theme - Arthur) - C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp\1.1_0
CHR Extension: (Gmail) - C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1

========================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [200704 2006-08-11] (InterVideo Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [913144 2012-03-07] (ESET)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [65536 2005-01-04] (The Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [1527893 2005-01-04] (The Firebird Project)
R3 hpqcxs08; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [217088 2007-03-11] (Hewlett-Packard Co.)
R2 hpqddsvc; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-11] (Hewlett-Packard Co.)
R2 InCDsrv; C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe [1440040 2007-08-04] (Nero AG)
R2 nlsvc; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [516096 2007-03-21] (Locktime Software)
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [225280 2005-05-11] (O&O Software GmbH)
S2 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH)
R2 SbPF.Launcher; C:\Program Files\Kerio\SbPFLnch.exe [95528 2008-10-31] (Sunbelt Software, Inc.)
R2 SiteAdvisor Service; C:\Program Files\SiteAdvisor\6172\SAService.exe [341280 2010-11-07] ()
R2 SPF4; C:\Program Files\Kerio\SbPFSvc.exe [1365288 2008-10-31] (Sunbelt Software, Inc.)
R2 vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-06-30] (AVG Secure Search)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf" [x]
S2 StyleXPService;

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [48128 2008-04-14] (Microsoft Corporation)
S3 ActivHidSerMini; C:\Windows\System32\DRIVERS\activhidsermini.sys [54656 2007-11-09] (Promethean Technologies Ltd)
R1 AFS2K; C:\Windows\System32\Drivers\AFS2K.sys [82380 2008-05-15] (Oak Technology Inc.)
R3 ati2mtag; C:\Windows\System32\DRIVERS\ati2mtag.sys [7874560 2012-11-16] (ATI Technologies Inc.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-06-30] (AVG Technologies)
S3 Cap7134; C:\Windows\System32\DRIVERS\Cap7134.sys [348160 2003-03-07] (Philips Semiconductors)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R0 d347bus; C:\Windows\System32\DRIVERS\d347bus.sys [155136 2004-08-22] ( )
R0 d347prt; C:\Windows\System32\Drivers\d347prt.sys [5248 2004-08-22] ( )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-09-13] (DT Soft Ltd)
R1 eamon; C:\Windows\System32\DRIVERS\eamon.sys [160816 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [120152 2012-03-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [148504 2012-03-14] (ESET)
R3 Epfwndis; C:\Windows\System32\DRIVERS\Epfwndis.sys [40336 2012-03-14] (ESET)
R1 epfwtdi; C:\Windows\System32\DRIVERS\epfwtdi.sys [61936 2012-03-14] (ESET)
R3 HdAudAddService; C:\Windows\System32\drivers\AtiHdAud.sys [84992 2006-12-28] (ATI Research Inc.)
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [138752 2010-06-16] (Windows (R) Server 2003 DDK provider)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49920 2007-03-08] (HP)
S3 HPZipr12; C:\Windows\System32\DRIVERS\HPZipr12.sys [16496 2007-03-08] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2007-03-08] (HP)
R2 hwpsgt; C:\Windows\System32\DRIVERS\hwpsgt.sys [137344 2012-12-17] ()
R0 imagedrv; C:\Windows\System32\Drivers\imagedrv.sys [11304 2007-08-08] (Ahead Software AG)
R0 imagesrv; C:\Windows\System32\DRIVERS\imagesrv.sys [132904 2007-08-08] (Ahead Software AG)
R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [125224 2007-08-04] (Nero AG)
R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [38952 2007-08-04] (Nero AG)
U1 InCDrec; C:\Windows\System32\Drivers\InCDrec.sys [17448 2007-08-04] (Nero AG)
R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [40488 2007-08-04] (Nero AG)
S3 k750bus; C:\Windows\System32\DRIVERS\k750bus.sys [55216 2005-07-07] (MCCI)
S3 k750mdfl; C:\Windows\System32\DRIVERS\k750mdfl.sys [6576 2005-07-07] (MCCI)
S3 k750mdm; C:\Windows\System32\DRIVERS\k750mdm.sys [89872 2005-07-07] (MCCI)
S3 k750mgmt; C:\Windows\System32\DRIVERS\k750mgmt.sys [81728 2005-07-07] (MCCI)
S3 k750obex; C:\Windows\System32\DRIVERS\k750obex.sys [79488 2005-07-07] (MCCI)
R2 lemsgt; C:\Windows\System32\DRIVERS\lemsgt.sys [9472 2012-12-17] ()
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [28464 2011-12-29] (COMPAL ELECTRONIC INC.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH)
S3 NABTSFEC; C:\Windows\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R1 nltdi; C:\WINDOWS\system32\drivers\nltdi.sys [82200 2007-04-23] (Locktime Software)
S3 NPF; C:\Windows\System32\drivers\NPF.sys [50704 2013-01-26] (CACE Technologies, Inc.)
R3 NVENETFD; C:\Windows\System32\DRIVERS\NVENETFD.sys [54016 2007-11-17] (NVIDIA Corporation)
R0 nvgts; C:\Windows\System32\DRIVERS\nvgts.sys [102400 2007-08-09] (NVIDIA Corporation)
R3 nvnetbus; C:\Windows\System32\DRIVERS\nvnetbus.sys [22016 2007-11-17] (NVIDIA Corporation)
S3 PhTVTune; C:\Windows\System32\DRIVERS\PhTVTune.sys [24000 2003-03-07] (Philips Semiconductors)
R3 Rasirda; C:\Windows\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [8944 2009-01-15] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SASENUM; C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [7408 2009-01-15] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [55024 2009-01-15] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SbFw; C:\Windows\System32\drivers\SbFw.sys [270888 2008-10-31] (Sunbelt Software, Inc.)
R3 SBFWIMCL; C:\Windows\System32\DRIVERS\sbfwim.sys [65576 2008-06-21] (Sunbelt Software, Inc.)
R1 sbhips; C:\Windows\system32\drivers\sbhips.sys [66600 2008-06-21] (Sunbelt Software, Inc.)
S3 SLIP; C:\Windows\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Corporation)
S3 streamip; C:\Windows\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Corporation)
R3 trustms; C:\Windows\System32\drivers\trustms.sys [9600 2010-11-15] ()
S3 WSTCODEC; C:\Windows\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Corporation)
S3 catchme; \??\C:\DOCUME~1\Giraffe\LOCALS~1\Temp\catchme.sys [x]
S4 IntelIde; No ImagePath
S3 irsir; system32\DRIVERS\irsir.sys [x]
S3 prmvmouse; system32\DRIVERS\activmouse.sys [x]
S3 rtl8139; system32\DRIVERS\RTL8139.SYS [x]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\WNt500x86\Sandra.sys [x]

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\61883.sys 914A9709FC3BF419AD2F85547F2A4832
C:\Windows\System32\DRIVERS\ACPI.sys 4FE34F1F3126B61FCC6B2043AA8112C9
C:\Windows\System32\Drivers\ACPIEC.sys AFDFF022A01F0B11C776F0860C3B282F
C:\Windows\System32\DRIVERS\activhidsermini.sys 53CFC03048A48B04B3710D0587BEB808
C:\Windows\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\Windows\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\Windows\System32\Drivers\AFS2K.sys B34B1AB0A7690A0E2301FEC6D17B2FC1
C:\Windows\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\Windows\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\Windows\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\Windows\System32\DRIVERS\ati2mtag.sys 50D7EE1C07BC1E549FAE797668A90E1E
C:\Windows\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\Windows\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\Windows\System32\DRIVERS\avc.sys F8E6956A614F15A0860474C5E2A7DE6B
C:\WINDOWS\system32\drivers\avgtpx86.sys C6C470CD49FE9DBA0F082540D7AF7642
C:\Windows\System32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\Windows\System32\DRIVERS\Cap7134.sys C1A4F43E4A57C417FCFBADFBD5D9CF97
C:\Windows\System32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\Windows\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C
C:\Windows\System32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\Windows\System32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\Windows\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\Windows\System32\DRIVERS\d347bus.sys 5776322F93CDB91086111F5FFBFDA2A0
C:\Windows\System32\Drivers\d347prt.sys B49F79ACE459763F4E0380071BE9CB45
C:\Windows\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\Windows\System32\drivers\dmboot.sys DB5FD2BF5B07DC54BFCB3664FF05BD7C
C:\Windows\System32\DRIVERS\dmio.sys FFF1720AF51171F32F1EAD5CF71F2810
C:\Windows\System32\Drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\Windows\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\Windows\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 687AF6BB383885FF6A64071B189A7F3E
C:\Windows\System32\DRIVERS\eamon.sys 8C2B6BBC82AD12CD9A2E73E5DCBBA705
C:\Windows\System32\DRIVERS\ehdrv.sys 5412ED24FFFCA64E2F0168399B86C952
C:\Windows\System32\DRIVERS\epfw.sys 774BABCB1144513DC86992003740B774
C:\Windows\System32\DRIVERS\Epfwndis.sys 4B86DA2C58063B647577CD669CFFAEEB
C:\Windows\System32\DRIVERS\epfwtdi.sys 1B36748EA9E25549EBE5D8EA105BD981
C:\Windows\System32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\Windows\System32\Drivers\Fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\Windows\System32\Drivers\Fips.sys AC366695A0796560AA37215AD5762AAF
C:\Windows\System32\Drivers\Flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\Windows\System32\drivers\fltmgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\Windows\System32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\Windows\System32\DRIVERS\ftdisk.sys 4E664D8541DB4A66B73A24257E322E1F
C:\Windows\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\Windows\System32\drivers\AtiHdAud.sys 56BF27D7A539F9E6BBC1DE201ABA0EDF
C:\Windows\System32\DRIVERS\HDAudBus.sys 3FCC124B6E08EE0E9351F717DD136939
C:\Windows\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\Windows\System32\DRIVERS\HPZid412.sys D03D10F7DED688FECF50F8FBF1EA9B8A
C:\Windows\System32\DRIVERS\HPZipr12.sys 89F41658929393487B6B7D13C8528CE3
C:\Windows\System32\DRIVERS\HPZius12.sys ABCB05CCDBF03000354B9553820E39F8
C:\Windows\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\Windows\System32\DRIVERS\hwpsgt.sys A439EBD90AFDB1F516C875B9B317832F
C:\Windows\System32\DRIVERS\i8042prt.sys C528E27945367191E7BAE364930B6932
C:\Windows\System32\Drivers\imagedrv.sys F05C634290C4E416FC3AD78F1FFC75C4
C:\Windows\System32\DRIVERS\imagesrv.sys 1238B6FB6472680B436AD2DAC07E5976
C:\Windows\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\Windows\System32\drivers\InCDFs.sys 471837EF80B9E54FF4829AD08E82E738
C:\Windows\System32\drivers\InCDPass.sys BE5A51770311B286E67AF6222C57865D
C:\Windows\System32\Drivers\InCDrec.sys 0CC8E8C247ACCD36AE6350E41C560104
C:\Windows\System32\drivers\InCDRm.sys F5847A6D3B67D5745804E4BF1D220A36
C:\Windows\System32\drivers\RtkHDAud.sys 8CD7F3FB0B2418AF79914ADB1E265184
C:\Windows\System32\drivers\ip6fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\Windows\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\Windows\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\Windows\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\Windows\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\Windows\System32\DRIVERS\irda.sys ACA5E7B54409F9CB5EED97ED0C81120E
C:\Windows\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\Windows\System32\DRIVERS\isapnp.sys CC9F8A2D60AED1A51A3AC34C59B987AE
C:\Windows\System32\DRIVERS\k750bus.sys FE8300320281D658A7854D5CFC02A63F
C:\Windows\System32\DRIVERS\k750mdfl.sys F44521F63C0C00364FA3D59DB980DE6A
C:\Windows\System32\DRIVERS\k750mdm.sys E93323C3ED5E8923A177740A973C27B2
C:\Windows\System32\DRIVERS\k750mgmt.sys 9D5F5A70CA0B7C428EFCD73DB50E6AC7
C:\Windows\System32\DRIVERS\k750obex.sys 81CA2D57B2C14F76F4BA80846784BB3D
C:\Windows\System32\DRIVERS\kbdclass.sys 1B6162FE7F66B1A71A4B70F941C4AA9B
C:\Windows\System32\DRIVERS\kbdhid.sys 86C8F23616C6C6E5B2776901C17B945B
C:\Windows\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\Windows\System32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\Windows\System32\DRIVERS\lemsgt.sys 057DA656166893842DD401C25A058C4E
C:\Windows\System32\DRIVERS\LPCFilter.sys A71AD0EB2FDC1710E465E13B8C2C39C9
C:\Windows\System32\DRIVERS\MarvinBus.sys A3E700D78EEC390F1208098CDCA5C6B6
C:\Windows\System32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\Windows\System32\Drivers\Modem.sys 44032B0C6D9954D3FD26438330B99EE7
C:\Windows\System32\DRIVERS\mouclass.sys 4CB582831DBDE63CE43B45D771218374
C:\Windows\System32\DRIVERS\mouhid.sys BB269EBA740737AB749B214D568B6812
C:\Windows\System32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\Windows\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\Windows\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\Windows\System32\DRIVERS\msdv.sys 1477849772712BAC69C144DCF2C9CE81
C:\Windows\System32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\Windows\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\Windows\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\Windows\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\Windows\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\Windows\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D
C:\Windows\System32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\Windows\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB
C:\Windows\System32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\Windows\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97
C:\Windows\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\Windows\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\Windows\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\Windows\System32\Drivers\NDProxy.sys 9282BD12DFB069D3889EB3FCC1000A9B
C:\Windows\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\Windows\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\Windows\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\system32\drivers\nltdi.sys 3EE27BCFF781F07A12DF75E8BE852B0E
C:\Windows\System32\drivers\NPF.sys B9730495E0CF674680121E34BD95A73B
C:\Windows\System32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\Windows\System32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\Windows\System32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\Windows\System32\DRIVERS\NVENETFD.sys D314FE034D68C09D412727886E24F5FB
C:\Windows\System32\DRIVERS\nvgts.sys FA740E97A0FE36E368C2299D9F3C01C1
C:\Windows\System32\DRIVERS\nvnetbus.sys F99FBB623ED78367574EE461B5B32C2C
C:\Windows\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\Windows\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\Windows\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\Windows\System32\DRIVERS\parport.sys 46F8DB73B4A53E543F8E371DC7C75BAE
C:\Windows\System32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\Windows\System32\Drivers\ParVdm.sys 1FAE19D0457176318BBA4A8795656EBC
C:\Windows\System32\DRIVERS\pci.sys 6CE351D149CB4BEFC702951E471E1730
C:\Windows\System32\DRIVERS\pciide.sys 2DA4EC85E0EA7A45C6B2A05820492D5A
C:\Windows\System32\Drivers\Pcmcia.sys 4FC31E6C19A5CE5198B1ABFF94CAE758
C:\Windows\System32\DRIVERS\PhTVTune.sys C3560993D0558312ABD846515976BEA1
C:\Windows\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\Windows\System32\DRIVERS\processr.sys 7EB15DCE4EC3A0220BD796A15C18186E
C:\Windows\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\Windows\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\Windows\System32\Drivers\PxHelp20.sys E42E3433DBB4CFFE8FDD91EAB29AEA8E
C:\Windows\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\Windows\System32\DRIVERS\rasirda.sys 0207D26DDF796A193CCD9F83047BB5FC
C:\Windows\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\Windows\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\Windows\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\Windows\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\Windows\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\Windows\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\Windows\System32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\Windows\System32\DRIVERS\redbook.sys 611BFD220305BE3A85AE876EA47D4AA5
C:\Windows\System32\DRIVERS\s0016bus.sys 59509AD6CBC28F2C73056268985B3E48
C:\Windows\System32\DRIVERS\s0016mdfl.sys B98C3A6F91F4FBA285AF9606A240C6B4
C:\Windows\System32\DRIVERS\s0016mdm.sys 8A83426F4FB7B5212825D9DE76368B1A
C:\Windows\System32\DRIVERS\s0016nd5.sys 34EF7B5F611957B73E7219DD5A222AD1
C:\Windows\System32\DRIVERS\s0016unic.sys 927208754FB27FC3E7A659E77500C5D1
C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS C030C9A39E85B6F04A8DD25D1A50258A
C:\Program Files\SUPERAntiSpyware\SASENUM.SYS E9C2D75C748C3F0A4C34D6CF2AE1D754
C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys 64C100DBF57C6CB6E7D5D24153F5E444
C:\Windows\System32\drivers\SbFw.sys 419883201CA9AD697CCFB8FC46DD6F78
C:\Windows\System32\DRIVERS\sbfwim.sys F01B8409A11C319E3C5B9DD418676D2C
C:\Windows\system32\drivers\sbhips.sys 31CA701F26EA66468AD3C3C6498755CE
C:\Windows\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\Windows\System32\DRIVERS\serial.sys B842729337C9B921615C40D3C1A1AF96
C:\Windows\System32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\Windows\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14
C:\Windows\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\Windows\System32\DRIVERS\sr.sys 94610C8653635E4459316A0050D55CE7
C:\Windows\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\Windows\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2
C:\Windows\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\Windows\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\Windows\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\Windows\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\Windows\System32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\Windows\System32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\Windows\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\Windows\System32\drivers\trustms.sys DB6C6143DA957CD7510C715B932713F4
C:\Windows\System32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\Windows\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\Windows\System32\DRIVERS\usbccgp.sys 173F317CE0DB8E21322E71B7E60A27E8
C:\Windows\System32\DRIVERS\usbehci.sys 65DCF09D0E37D4C6B11B5B0B76D470A7
C:\Windows\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\Windows\System32\DRIVERS\usbohci.sys 0DAECCE65366EA32B162F85F07C6753B
C:\Windows\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\Windows\System32\DRIVERS\usbscan.sys A0B8CF9DEB1184FBDD20784A58FA75D4
C:\Windows\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\Windows\System32\DRIVERS\usb8023x.sys B4D7B7AD8A9F7C063C5CC3E2C1A0724E
C:\Windows\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\Windows\System32\Drivers\VolSnap.sys 28A4B296B47782173C346E376CB374D1
C:\Windows\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\Windows\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\Windows\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\Windows\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78
C:\Windows\System32\DRIVERS\WudfPf.sys F15FEAFFFBB3644CCC80C5DA584E6311
C:\Windows\System32\DRIVERS\wudfrd.sys 28B524262BCE6DE1F7EF9F510BA3985B

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-23 21:30 - 2013-07-23 21:30 - 00000409 _____ C:\Documents and Settings\Giraffe\Plocha\hjfjk.txt
2013-07-23 21:29 - 2013-07-23 21:29 - 00055882 _____ C:\Documents and Settings\Giraffe\Plocha\FRST.txt
2013-07-23 20:56 - 2013-07-23 20:56 - 00000000 ____D C:\FRST
2013-07-10 01:37 - 2013-07-10 01:37 - 00009049 _____ C:\WINDOWS\KB2834904.log
2013-07-10 01:37 - 2013-07-10 01:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-10 01:36 - 2013-07-10 01:36 - 00008509 _____ C:\WINDOWS\KB2834886.log
2013-07-10 01:36 - 2013-07-10 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-10 01:36 - 2013-07-10 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-10 01:36 - 2013-07-10 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-10 01:28 - 2013-07-10 01:29 - 00011369 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-10 01:14 - 2013-07-10 01:36 - 00013522 _____ C:\WINDOWS\KB2850851.log
2013-07-10 01:13 - 2013-07-10 01:36 - 00012286 _____ C:\WINDOWS\KB2845187.log
2013-06-30 21:25 - 2013-06-30 21:25 - 00000000 ____D C:\WINDOWS\system32\cache
2013-06-27 23:36 - 2013-06-27 23:36 - 00005770 _____ C:\WINDOWS\KB954155.log
2013-06-27 23:36 - 2013-06-27 23:36 - 00005670 _____ C:\WINDOWS\KB975558.log
2013-06-27 23:35 - 2013-06-27 23:36 - 00018384 _____ C:\WINDOWS\KB941569.log
2013-06-27 23:35 - 2013-06-27 23:35 - 00005735 _____ C:\WINDOWS\KB978695.log
2013-06-27 23:35 - 2013-06-27 23:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB929399$
2013-06-27 23:34 - 2013-06-27 23:35 - 00017260 _____ C:\WINDOWS\KB929399.log
2013-06-27 23:34 - 2013-06-27 23:34 - 00010769 _____ C:\WINDOWS\KB952069.log
2013-06-27 23:34 - 2007-07-27 10:41 - 00016760 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsg.dll
2013-06-27 22:42 - 2013-06-29 07:48 - 00000000 ____D C:\Documents and Settings\Giraffe\Data aplikací\Systweak
2013-06-27 22:42 - 2013-02-28 16:27 - 00018776 _____ (Systweak Inc., (http://www.systweak.com)) C:\WINDOWS\system32\roboot.exe
2013-06-25 23:35 - 2013-06-25 23:35 - 00035008 _____ C:\Documents and Settings\Giraffe\Plocha\9.tř.veg
2013-06-25 20:58 - 2013-06-25 20:59 - 00000000 ____D C:\Documents and Settings\Giraffe\Plocha\film2
2013-06-25 20:56 - 2013-06-25 20:58 - 00000000 ____D C:\Documents and Settings\Giraffe\Plocha\film
2013-06-25 20:21 - 2013-06-25 20:21 - 00001117 _____ C:\Documents and Settings\Giraffe\Plocha\vegas90.lnk
2013-06-25 19:37 - 2013-06-25 20:32 - 00002560 _____ C:\Documents and Settings\Giraffe\Dokumenty\Register Vegas Pro.htm
2013-06-25 19:01 - 2013-06-28 18:42 - 00002152 _____ C:\WINDOWS\spupdsvc.log
2013-06-25 19:00 - 2013-06-25 19:01 - 00038439 _____ C:\WINDOWS\WMFDist11.log
2013-06-25 18:59 - 2013-06-25 19:00 - 00019744 _____ C:\WINDOWS\Wudf01000Inst.log
2013-06-25 18:58 - 2013-06-25 19:01 - 00001870 _____ C:\WINDOWS\wmsetup.log
2013-06-25 16:56 - 2013-06-25 16:56 - 00000149 _____ C:\WINDOWS\wsdu.log
2013-06-25 16:55 - 2013-06-25 16:57 - 00011828 _____ C:\WINDOWS\WINNT32.LOG
2013-06-25 16:55 - 2013-06-25 16:55 - 00000178 _____ C:\WINDOWS\DHCPUPG.LOG
2013-06-24 20:02 - 2007-11-17 09:43 - 00943872 ____R (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnrm.sys
2013-06-24 20:02 - 2007-11-17 09:43 - 00054016 ____R (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\NVENETFD.sys
2013-06-24 20:02 - 2007-11-17 09:43 - 00022016 ____R (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvnetbus.sys
2013-06-24 20:02 - 2007-11-17 09:41 - 00197120 ____R (NVIDIA Corporation) C:\WINDOWS\system32\fdco1ins.dll
2013-06-24 20:02 - 2007-11-17 09:41 - 00197120 ____R (NVIDIA Corporation) C:\WINDOWS\system32\fdco1.dll
2013-06-24 20:02 - 2007-11-17 09:40 - 00009216 ____R (NVIDIA Corporation) C:\WINDOWS\system32\bdco1ins.dll
2013-06-24 20:02 - 2007-11-17 09:40 - 00009216 ____R (NVIDIA Corporation) C:\WINDOWS\system32\bdco1.dll
2013-06-24 20:02 - 2007-11-07 07:32 - 00035328 ____R (NVIDIA Corporation) C:\WINDOWS\system32\nvconrm.dll
2013-06-24 20:02 - 2007-11-07 07:28 - 00005815 ____R C:\WINDOWS\system32\nvnrm.nvu
2013-06-24 19:20 - 2013-06-24 20:07 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-07-24 15:17 - 2008-03-05 19:10 - 01519708 _____ C:\WINDOWS\WindowsUpdate.log
2013-07-24 15:15 - 2013-04-12 16:10 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-07-24 15:15 - 2013-04-12 16:10 - 00000049 _____ C:\WINDOWS\wiaservc.log
2013-07-24 15:15 - 2010-11-09 00:55 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-24 15:14 - 2008-07-06 19:36 - 00886386 _____ C:\WINDOWS\system32\OODBS.lor
2013-07-24 15:14 - 2008-03-05 19:15 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-07-24 13:24 - 2008-03-05 19:16 - 00000178 ___SH C:\Documents and Settings\Giraffe\ntuser.ini
2013-07-24 13:21 - 2009-04-29 18:52 - 00001324 _____ C:\WINDOWS\system32\d3d9caps.dat
2013-07-24 13:16 - 2008-03-05 19:16 - 00000000 ____D C:\Documents and Settings\Giraffe
2013-07-24 12:10 - 2008-03-05 19:17 - 00003757 _____ C:\WINDOWS\WINCMD.INI
2013-07-24 11:59 - 2007-06-26 18:37 - 00000392 ___SH C:\boot.ini
2013-07-23 21:32 - 2013-03-06 17:43 - 00032454 _____ C:\WINDOWS\SchedLgU.Txt
2013-07-23 21:32 - 2009-03-29 19:09 - 00524288 _____ C:\WINDOWS\system32\config\NetLimit.evt
2013-07-23 21:30 - 2013-07-23 21:30 - 00000409 _____ C:\Documents and Settings\Giraffe\Plocha\hjfjk.txt
2013-07-23 21:30 - 2008-03-05 19:16 - 00000000 ____D C:\Documents and Settings\Giraffe\Plocha
2013-07-23 21:29 - 2013-07-23 21:29 - 00055882 _____ C:\Documents and Settings\Giraffe\Plocha\FRST.txt
2013-07-23 21:21 - 2010-07-02 07:14 - 00000000 ____D C:\Documents and Settings\Giraffe\Data aplikací\Apple Computer
2013-07-23 21:21 - 2008-03-05 20:01 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Nabídka Start
2013-07-23 21:21 - 2008-03-05 20:01 - 00000000 ____D C:\Documents and Settings\All Users.WINDOWS\Plocha
2013-07-23 21:21 - 2008-03-05 19:16 - 00000000 ___RD C:\Documents and Settings\Giraffe\Nabídka Start
2013-07-23 21:12 - 2012-04-26 06:42 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-07-23 20:56 - 2013-07-23 20:56 - 00000000 ____D C:\FRST
2013-07-23 20:52 - 2010-11-09 00:55 - 00000942 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-23 20:51 - 2012-10-07 11:50 - 06221390 _____ C:\Documents and Settings\Giraffe\Data aplikací\CooLWPC Wallpaper.bmp
2013-07-23 20:51 - 2008-03-05 19:16 - 00000000 __RHD C:\Documents and Settings\Giraffe\Data aplikací
2013-07-22 20:29 - 2008-11-26 09:25 - 00000585 _____ C:\Documents and Settings\Giraffe\Plocha\wowrm.ini
2013-07-21 21:19 - 2008-03-05 19:16 - 00000000 ___RD C:\Documents and Settings\Giraffe\Nabídka Start\Programy
2013-07-21 21:19 - 2007-06-26 17:00 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-21 21:16 - 2008-03-05 20:01 - 00000000 __RHD C:\Documents and Settings\All Users.WINDOWS\Data aplikací
2013-07-21 21:16 - 2008-03-05 19:16 - 00000000 ___HD C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací
2013-07-21 21:10 - 2008-04-17 22:25 - 00000000 ____D C:\Program Files\MuchTV
2013-07-21 19:29 - 2008-03-05 19:16 - 00000000 ___RD C:\Documents and Settings\Giraffe\Dokumenty
2013-07-21 11:51 - 2008-03-04 22:42 - 00000000 ____D C:\WINDOWS\Minidump
2013-07-20 18:30 - 2001-10-25 16:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2013-07-19 00:59 - 2008-03-05 19:15 - 00000178 ___SH C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.ini
2013-07-18 23:15 - 2008-10-18 23:33 - 00000000 ____D C:\Program Files\changeit
2013-07-18 20:16 - 2013-03-05 17:41 - 00000000 ____D C:\Program Files\IObit
2013-07-18 20:16 - 2013-03-05 17:41 - 00000000 ____D C:\Documents and Settings\Giraffe\Data aplikací\IObit
2013-07-10 18:37 - 2007-06-26 17:21 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-07-10 15:03 - 2008-03-05 20:00 - 00265416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-10 01:38 - 2008-03-05 20:02 - 01181116 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-10 01:37 - 2013-07-10 01:37 - 00009049 _____ C:\WINDOWS\KB2834904.log
2013-07-10 01:37 - 2013-07-10 01:37 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-10 01:37 - 2013-06-13 00:37 - 00066327 _____ C:\WINDOWS\iis6.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00061834 _____ C:\WINDOWS\FaxSetup.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00029560 _____ C:\WINDOWS\ocgen.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00028210 _____ C:\WINDOWS\tsoc.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00020516 _____ C:\WINDOWS\comsetup.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00019238 _____ C:\WINDOWS\msmqinst.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00012426 _____ C:\WINDOWS\ntdtcsetup.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00010830 _____ C:\WINDOWS\netfxocm.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00004250 _____ C:\WINDOWS\MedCtrOC.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00003860 _____ C:\WINDOWS\ocmsn.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00003110 _____ C:\WINDOWS\tabletoc.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00003090 _____ C:\WINDOWS\msgsocm.log
2013-07-10 01:37 - 2013-06-13 00:37 - 00001374 _____ C:\WINDOWS\imsins.log
2013-07-10 01:36 - 2013-07-10 01:36 - 00008509 _____ C:\WINDOWS\KB2834886.log
2013-07-10 01:36 - 2013-07-10 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850851$
2013-07-10 01:36 - 2013-07-10 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2845187$
2013-07-10 01:36 - 2013-07-10 01:36 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2834886$
2013-07-10 01:36 - 2013-07-10 01:14 - 00013522 _____ C:\WINDOWS\KB2850851.log
2013-07-10 01:36 - 2013-07-10 01:13 - 00012286 _____ C:\WINDOWS\KB2845187.log
2013-07-10 01:36 - 2013-06-13 00:37 - 00001374 _____ C:\WINDOWS\imsins.BAK
2013-07-10 01:29 - 2013-07-10 01:28 - 00011369 _____ C:\WINDOWS\KB2846071-IE8.log
2013-07-10 01:29 - 2009-09-12 20:57 - 75699896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-07-10 01:28 - 2013-06-13 00:37 - 00005758 _____ C:\WINDOWS\updspapi.log
2013-07-10 01:28 - 2013-03-30 14:34 - 00000000 ____D C:\WINDOWS\ie8updates
2013-07-10 01:18 - 2008-03-06 10:25 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2013-07-06 17:56 - 2013-06-13 20:10 - 00631359 _____ C:\WINDOWS\setupapi.log
2013-07-01 21:03 - 2012-12-15 18:32 - 00000000 ____D C:\Documents and Settings\Giraffe\Data aplikací\Mumble
2013-06-30 21:25 - 2013-06-30 21:25 - 00000000 ____D C:\WINDOWS\system32\cache
2013-06-30 21:25 - 2013-06-13 20:02 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-06-30 21:24 - 2013-06-13 20:02 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
2013-06-29 07:48 - 2013-06-27 22:42 - 00000000 ____D C:\Documents and Settings\Giraffe\Data aplikací\Systweak
2013-06-28 18:42 - 2013-06-25 19:01 - 00002152 _____ C:\WINDOWS\spupdsvc.log
2013-06-27 23:36 - 2013-06-27 23:36 - 00005770 _____ C:\WINDOWS\KB954155.log
2013-06-27 23:36 - 2013-06-27 23:36 - 00005670 _____ C:\WINDOWS\KB975558.log
2013-06-27 23:36 - 2013-06-27 23:35 - 00018384 _____ C:\WINDOWS\KB941569.log
2013-06-27 23:35 - 2013-06-27 23:35 - 00005735 _____ C:\WINDOWS\KB978695.log
2013-06-27 23:35 - 2013-06-27 23:35 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB929399$
2013-06-27 23:35 - 2013-06-27 23:34 - 00017260 _____ C:\WINDOWS\KB929399.log
2013-06-27 23:34 - 2013-06-27 23:34 - 00010769 _____ C:\WINDOWS\KB952069.log
2013-06-27 19:08 - 2013-01-21 18:53 - 00000000 ____D C:\Documents and Settings\Giraffe\Dokumenty\Moje naskenované obrázky
2013-06-27 18:54 - 2013-06-13 00:37 - 00000232 _____ C:\WINDOWS\setupact.log
2013-06-25 23:35 - 2013-06-25 23:35 - 00035008 _____ C:\Documents and Settings\Giraffe\Plocha\9.tř.veg
2013-06-25 23:35 - 2007-09-24 13:43 - 00000000 ____D C:\Program Files\DC++
2013-06-25 20:59 - 2013-06-25 20:58 - 00000000 ____D C:\Documents and Settings\Giraffe\Plocha\film2
2013-06-25 20:58 - 2013-06-25 20:56 - 00000000 ____D C:\Documents and Settings\Giraffe\Plocha\film
2013-06-25 20:39 - 2009-01-06 18:38 - 00000000 ____D C:\Documents and Settings\Giraffe\Data aplikací\Sony
2013-06-25 20:32 - 2013-06-25 19:37 - 00002560 _____ C:\Documents and Settings\Giraffe\Dokumenty\Register Vegas Pro.htm
2013-06-25 20:21 - 2013-06-25 20:21 - 00001117 _____ C:\Documents and Settings\Giraffe\Plocha\vegas90.lnk
2013-06-25 19:02 - 2008-03-05 20:01 - 00000000 ___RD C:\Documents and Settings\All Users.WINDOWS\Dokumenty
2013-06-25 19:01 - 2013-06-25 19:00 - 00038439 _____ C:\WINDOWS\WMFDist11.log
2013-06-25 19:01 - 2013-06-25 18:58 - 00001870 _____ C:\WINDOWS\wmsetup.log
2013-06-25 19:01 - 2008-03-05 19:10 - 00000000 __SHD C:\Documents and Settings\All Users.WINDOWS\DRM
2013-06-25 19:01 - 2008-01-31 15:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallWMFDist11$
2013-06-25 19:00 - 2013-06-25 18:59 - 00019744 _____ C:\WINDOWS\Wudf01000Inst.log
2013-06-25 17:48 - 2011-02-17 11:59 - 00000000 ____D C:\ATI
2013-06-25 16:57 - 2013-06-25 16:55 - 00011828 _____ C:\WINDOWS\WINNT32.LOG
2013-06-25 16:57 - 2008-03-05 20:51 - 00000300 _____ C:\WINDOWS\UPGRADE.TXT
2013-06-25 16:56 - 2013-06-25 16:56 - 00000149 _____ C:\WINDOWS\wsdu.log
2013-06-25 16:55 - 2013-06-25 16:55 - 00000178 _____ C:\WINDOWS\DHCPUPG.LOG
2013-06-24 20:07 - 2013-06-24 19:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-06-24 20:02 - 2007-06-26 16:58 - 00000000 ____D C:\WINDOWS\system32\ReinstallBackups
2013-06-24 19:49 - 2011-02-16 23:42 - 00006349 _____ C:\WINDOWS\Ascd_tmp.ini
2013-06-24 19:46 - 2013-06-13 20:10 - 00175464 _____ C:\WINDOWS\DPINST.LOG

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2004-08-17 15:49] - [2008-04-14 08:52] - 1034240 ____A (Microsoft Corporation) 27afd587c462e280ee046b8cca3c2cd1

C:\Windows\System32\winlogon.exe
[2004-08-17 15:49] - [2008-04-14 08:52] - 0507904 ____A (Microsoft Corporation) cddb1f8e1aea356f3ad106f2cf9b7fea

C:\Windows\System32\svchost.exe
[2004-08-17 15:49] - [2008-04-14 08:52] - 0014336 ____A (Microsoft Corporation) be4a520e29b6391f49e79ccc52044d93

C:\Windows\System32\services.exe
[2004-08-17 15:49] - [2009-02-09 13:25] - 0111104 ____A (Microsoft Corporation) 9ef697af07bb8dd82c3b02ca953a95b7

C:\Windows\System32\User32.dll
[2004-08-17 15:49] - [2008-04-14 08:52] - 0578560 ____A (Microsoft Corporation) e16e0990967374e76f3e40cacafd3d53

C:\Windows\System32\userinit.exe
[2004-08-17 15:49] - [2008-04-14 08:52] - 0026112 ____A (Microsoft Corporation) 7dc1830f22e7d275b438127b68030239

C:\Windows\System32\Drivers\volsnap.sys
[2004-08-17 15:44] - [2008-04-14 07:42] - 0052480 ____A (Microsoft Corporation) 28a4b296b47782173c346e376cb374d1


==================== End Of Log ============================

RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Giraffe at 2013-07-24 15:59:50
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (16%) free of 40 GB
Total RAM: 2047 MB (55% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-02 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll [2013-06-30 3055280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-02 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\prxtbBS_0.dll [2011-01-17 175912]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll [2013-06-30 3055280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Acrobat Assistant 7.0"=C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328]
""= []
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe [2003-09-15 270336]
"Trust Gaming Mouse"=C:\Program Files\Trust Gaming Mouse\Mouse.exe [2011-01-17 2245632]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-11-22 16858112]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2013-06-30 2236080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-08-28 3671904]
"CooLWPC3"=C:\Program Files\Wallpaper Changer\coolwpc.exe [2003-04-06 1008128]
"MicroUpdate"=C:\Documents and Settings\Giraffe\Data aplikací\MSDCSC\msdcsc.exe [2013-04-17 1613314]
"DriverMax"=C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [2013-04-26 7162232]
"DriverMax_RESTART"=C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [2013-04-26 7162232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ActivControl]
C:\Program Files\Activ Software\Activdriver\ActivControl2.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-08-03 202024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\change!t]
C:\Program Files\changeit\changeit.exe /startos []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [2002-11-03 188416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ6.5\ICQ.exe [2010-11-16 172856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Nero\Nero8\InCD\InCD.exe [2007-08-04 1056552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2]
C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2010-05-25 619008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2011-10-24 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]
C:\Program Files\Nero\Nero8\InCD\NBHGui.exe [2007-08-04 2043688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [2002-04-11 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteAdvisor]
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe [2007-08-24 36640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2013-02-25 1602984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-01-15 1830128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateReminder]
C:\Program Files\Eset\UpdateReminder.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^MuchTV Remote.lnk]
C:\PROGRA~1\MuchTV\tvrmvcr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Giraffe^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Giraffe^Nabídka Start^Programy^Po spuštění^Yahoo! Widget Engine.lnk]
[]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-11-16 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\DC++\DCPlusPlus.exe"="C:\Program Files\DC++\DCPlusPlus.exe:*:Enabled:DC++"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Pinnacle\Studio 11\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 11\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 11\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 11\programs\umi.exe:*:Enabled:umi"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"H:\Ftp files\Games playing\Delta Force Black Hawk Down\dfbhd.exe"="H:\Ftp files\Games playing\Delta Force Black Hawk Down\dfbhd.exe:*:Enabled:dfbhd"
"H:\Ftp files\Games playing\Valve\cstrike.exe"="H:\Ftp files\Games playing\Valve\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"H:\Ftp files\Games playing\World of Warcraft TBC\Launcher.exe"="H:\Ftp files\Games playing\World of Warcraft TBC\Launcher.exe:*:Enabled:Blizzard Launcher"
"H:\Ftp files\Games playing\World of Warcraft TBC\Repair.exe"="H:\Ftp files\Games playing\World of Warcraft TBC\Repair.exe:*:Enabled:Blizzard Repair Utility"
"H:\Ftp files\Games playing\wow tbc\WoW-BurningCrusade-enUS-Installer-downloader.exe"="H:\Ftp files\Games playing\wow tbc\WoW-BurningCrusade-enUS-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2013-07-23 21:34:09 ----A---- C:\WINDOWS\ntbtlog.txt
2013-07-23 20:56:24 ----D---- C:\FRST
2013-07-10 01:37:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904_WM11$
2013-07-10 01:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2013-07-10 01:36:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2850851$
2013-07-10 01:36:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2845187$
2013-06-30 21:25:31 ----D---- C:\WINDOWS\system32\cache
2013-06-30 21:25:05 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG Secure Search
2013-06-27 23:35:14 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2013-06-27 23:34:26 ----N---- C:\WINDOWS\system32\spmsg.dll
2013-06-27 22:42:10 ----D---- C:\Documents and Settings\Giraffe\Data aplikací\Systweak
2013-06-27 22:42:07 ----A---- C:\WINDOWS\system32\roboot.exe

======List of files/folders modified in the last 1 months======

2013-07-24 15:59:52 ----D---- C:\Program Files\trend micro
2013-07-24 15:57:52 ----D---- C:\WINDOWS\temp
2013-07-24 15:57:18 ----D---- C:\WINDOWS\Prefetch
2013-07-24 15:50:43 ----D---- C:\WINDOWS
2013-07-24 15:50:22 ----A---- C:\WINDOWS\NeroDigital.ini
2013-07-24 15:37:32 ----D---- C:\Documents and Settings\Giraffe\Data aplikací\dclogs
2013-07-24 13:21:16 ----D---- C:\WINDOWS\system32
2013-07-24 12:10:02 ----A---- C:\WINDOWS\WINCMD.INI
2013-07-24 11:59:27 ----ASH---- C:\boot.ini
2013-07-24 11:36:29 ----D---- C:\WINDOWS\system32\CatRoot2
2013-07-23 21:32:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-07-23 21:21:55 ----D---- C:\Documents and Settings\Giraffe\Data aplikací\Apple Computer
2013-07-23 21:21:54 ----SD---- C:\WINDOWS\Tasks
2013-07-21 21:19:32 ----HD---- C:\Program Files\InstallShield Installation Information
2013-07-21 21:19:20 ----SHD---- C:\WINDOWS\Installer
2013-07-21 21:19:19 ----D---- C:\Config.Msi
2013-07-21 21:10:55 ----D---- C:\Program Files\MuchTV
2013-07-21 21:07:09 ----RD---- C:\Program Files
2013-07-21 11:51:04 ----D---- C:\WINDOWS\Minidump
2013-07-18 23:15:27 ----D---- C:\Program Files\changeit
2013-07-18 20:16:48 ----D---- C:\Documents and Settings\Giraffe\Data aplikací\IObit
2013-07-18 20:16:41 ----D---- C:\Program Files\IObit
2013-07-18 20:16:08 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit
2013-07-10 18:49:33 ----RSD---- C:\WINDOWS\assembly
2013-07-10 18:37:59 ----D---- C:\WINDOWS\Microsoft.NET
2013-07-10 01:38:27 ----D---- C:\WINDOWS\WinSxS
2013-07-10 01:38:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-10 01:37:17 ----HD---- C:\WINDOWS\inf
2013-07-10 01:36:34 ----A---- C:\WINDOWS\imsins.BAK
2013-07-10 01:36:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-07-10 01:29:05 ----A---- C:\WINDOWS\system32\MRT.exe
2013-07-10 01:28:55 ----D---- C:\Program Files\Internet Explorer
2013-07-10 01:28:46 ----D---- C:\WINDOWS\ie8updates
2013-07-10 01:18:51 ----D---- C:\WINDOWS\system32\XPSViewer
2013-07-01 21:03:52 ----D---- C:\Documents and Settings\Giraffe\Data aplikací\Mumble
2013-06-30 21:25:02 ----D---- C:\Program Files\AVG Secure Search
2013-06-27 23:36:08 ----D---- C:\WINDOWS\system32\CatRoot
2013-06-25 23:35:50 ----D---- C:\Program Files\DC++
2013-06-25 20:39:42 ----D---- C:\Documents and Settings\Giraffe\Data aplikací\Sony
2013-06-25 19:01:22 ----D---- C:\WINDOWS\system32\drivers
2013-06-25 19:01:15 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2013-06-25 17:48:13 ----D---- C:\ATI
2013-06-25 17:24:23 ----SHD---- C:\System Volume Information
2013-06-25 16:57:00 ----A---- C:\WINDOWS\UPGRADE.TXT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-05-15 82380]
R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-09-13 242240]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2012-03-14 160816]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2012-03-14 120152]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2012-03-14 61936]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2007-08-04 38952]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2007-08-04 40488]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2012-03-14 148504]
R2 hwpsgt;hwpsgt; C:\WINDOWS\system32\DRIVERS\hwpsgt.sys [2012-12-17 137344]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 lemsgt;lemsgt; C:\WINDOWS\system32\DRIVERS\lemsgt.sys [2012-12-17 9472]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-11-16 7874560]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2012-03-14 40336]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2010-06-16 138752]
R3 hidusb;HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-27 4630016]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-11-17 54016]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-11-17 22016]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 trustms;Trust Mouse; C:\WINDOWS\system32\drivers\trustms.sys [2010-11-15 9600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2007-08-04 125224]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 ActivHidSerMini;Promethean Serial Board Driver; C:\WINDOWS\system32\DRIVERS\activhidsermini.sys [2007-11-09 54656]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 Cap7134;MuchTV Plus Capture; C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-03-07 348160]
S3 catchme;catchme; \??\C:\DOCUME~1\Giraffe\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys []
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-07-07 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-07-07 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-07-07 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-07-07 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-07-07 79488]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys [2013-01-26 50704]
S3 PhTVTune;MuchTV Plus TVTuner; C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-03-07 24000]
S3 prmvmouse;Promethean HID Mouse Service; C:\WINDOWS\system32\DRIVERS\activmouse.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS []
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013a\WNt500x86\Sandra.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-11-16 643072]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2006-08-11 200704]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-03-07 913144]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2005-01-04 65536]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero8\InCD\InCDsrv.exe [2007-08-04 1440040]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-03-02 170912]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2005-05-11 225280]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Kerio\SbPFLnch.exe [2008-10-31 95528]
R2 SiteAdvisor Service;SiteAdvisor Service; C:\Program Files\SiteAdvisor\6172\SAService.exe [2010-11-07 341280]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Kerio\SbPFSvc.exe [2008-10-31 1365288]
R2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [2013-06-30 1598128]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2005-01-04 1527893]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-09 135664]
S2 PCLEPCI;PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [2005-02-09 14165]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-03-01 161384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-07-15 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-15 256904]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-09 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2007-08-22 147824]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2012-11-19 489256]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Zdravim a pekne odpoledne preji


Vas log se studuje a pracuje se na nem .
Prosim o strpeni!

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  HKLM\...\Run: [Acrobat Assistant 7.0] - C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
  HKLM\...\Run: [] - [x]
  HKLM\...\Run: [KernelFaultCheck] - %systemroot%\system32\dumprep 0 -k [x]
  HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
  HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
  HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2236080 2013-06-30] ()
  HKLM\...\Winlogon: [Userinit] C:\WINDOWS\system32\userinit.exe,C:\Documents and Settings\Giraffe\Data aplikací\MSDCSC\msdcsc.exe
  HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
  HKCU\...\Run: [MicroUpdate] - C:\Documents and Settings\Giraffe\Data aplikací\MSDCSC\msdcsc.exe [1613314 2013-04-17] ()
  HKCU\...\Run: [DriverMax] - C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [7162232 2013-04-26] (Innovative Solutions)
  HKCU\...\Run: [DriverMax_RESTART] - C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [7162232 2013-04-26] (Innovative Solutions)
  HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
  HKU\LocalService\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
  HKU\Martin Polách\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [x]
  HKU\Martin Polách\...\Run: [msnmsgr] - "C:\Program Files\MSN Messenger\msnmsgr.exe" /background [x]
  HKU\Martin Polách\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
  HKU\NetworkService\...\RunOnce: [NeroHomeFirstStart] - "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" [x]
  URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
  SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
  SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
  SearchScopes: HKCU - {2218A386-DC5D-4678-98EB-111C7A530CCC} URL = http://flvdirect.iamwired.net/websearch ... ps&search={SearchTerms}
  SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={1618FF45-5167-4076-B583-204E805799E9}&mid=69c4b6bc363d47d09d36d150207469cf-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cz/browser=all&ds=is015&pr=sa&d=2013-06-13 20:02:15&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
  SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search/web?q={searchTerms}
  SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1750559
  BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
  BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
  BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
  Toolbar: HKLM - BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
  Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll (AVG Secure Search)
  Toolbar: HKCU -BS Player Toolbar - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\prxtbBS_0.dll (Conduit Ltd.)
  Handler: ipp - No CLSID Value -
  Handler: livecall - No CLSID Value -
  Handler: msdaipp - No CLSID Value -
  Handler: msnim - No CLSID Value - 
  Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll (AVG Secure Search)
  FF user.js: detected! => C:\Documents and Settings\Giraffe\Data aplikací\Mozilla\Firefox\Profiles\6cqxknkb.default\user.js
  CHR Extension: (Sexy Girl II Chrome Theme - Arthur) - C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp\1.1_0
  R2 vToolbarUpdater15.3.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-06-30] (AVG Secure Search)
  S3 catchme; \??\C:\DOCUME~1\Giraffe\LOCALS~1\Temp\catchme.sys [x]
  2013-06-27 22:42 - 2013-02-28 16:27 - 00018776 _____ (Systweak Inc., (http://www.systweak.com)) C:\WINDOWS\system32\roboot.exe
  2013-07-18 20:16 - 2013-03-05 17:41 - 00000000 ____D C:\Program Files\IObit
  2013-07-18 20:16 - 2013-03-05 17:41 - 00000000 ____D C:\Documents and Settings\Giraffe\Data aplikací\IObit
  2013-06-30 21:24 - 2013-06-13 20:02 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\change!t" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteAdvisor" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Giraffe^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk" /f
  C:\Program Files\Common Files\AVG Secure Search
  C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG Secure Search
  C:\Program Files\BS_Player\prxtbBS_0.dll 
  C:\Program Files\AVG Secure Search
  C:\Documents and Settings\Giraffe\Data aplikací\MSDCSC\msdcsc.exe
  C:\Documents and Settings\Giraffe\Data aplikací\IObit
  C:\Program Files\IObit
  C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-07-2013
Ran by Giraffe at 2013-07-24 16:26:55 Run:1
Running from H:\Ftp files\Gir
Boot Mode: Normal

==============================================

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 7.0 => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\APSDaemon => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\vProt => Value deleted successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Value was restored successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28 => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\MicroUpdate] - C:\Documents and Settings\Giraffe\Data aplikací\MSDCSC\msdcsc.exe [1613314 2013-04-17 => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DriverMax] - C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [7162232 2013-04-26 => Value not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DriverMax_RESTART] - C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe [7162232 2013-04-26 => Value not found.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => Value deleted successfully.
HKU\LocalService\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => Value deleted successfully.
HKU\Martin Polách\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKU\Martin Polách\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr => Value deleted successfully.
HKU\Martin Polách\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => Value deleted successfully.
HKU\NetworkService\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => Value deleted successfully.
HKCR\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2218A386-DC5D-4678-98EB-111C7A530CCC} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{2218A386-DC5D-4678-98EB-111C7A530CCC} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} => Key deleted successfully.
HKCR\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => Key deleted successfully.
HKCR\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => Value deleted successfully.
HKCR\CLSID\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => Value deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} => Value deleted successfully.
HKCR\CLSID\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} => Key not found.
HKCR\PROTOCOLS\Handler\Handler: ipp - No CLSID Value - => Key not found.
HKCR\PROTOCOLS\Handler\Handler: livecall - No CLSID Value - => Key not found.
HKCR\PROTOCOLS\Handler\Handler: msdaipp - No CLSID Value - => Key not found.
HKCR\PROTOCOLS\Handler\msnim => Key deleted successfully.
HKCR\PROTOCOLS\Handler\viprotocol => Key deleted successfully.
HKCR\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => Key deleted successfully.
C:\Documents and Settings\Giraffe\Data aplikací\Mozilla\Firefox\Profiles\6cqxknkb.default\user.js => Moved successfully.

"C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp" directory move:

Could not move "C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp\1.1_0\Cached Theme.pak" => Scheduled to move on reboot.
C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp\1.1_0\manifest.json => Moved successfully.
C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp\1.1_0\images\ntp_background.png => Moved successfully.
C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp\1.1_0\images\snow.png => Moved successfully.
Could not move "C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp" directory. => Scheduled to move on reboot.

vToolbarUpdater15.3.0 => Service deleted successfully.
catchme => Service deleted successfully.
C:\WINDOWS\system32\roboot.exe => Moved successfully.
C:\Program Files\IObit => Moved successfully.
C:\Documents and Settings\Giraffe\Data aplikací\IObit => Moved successfully.
C:\WINDOWS\system32\Drivers\avgtpx86.sys => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\change!t" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nikon Message Center 2" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteAdvisor" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Giraffe^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk" /f =========


Operace byla dokončena úspěšně.

========= End of Reg: =========

C:\Program Files\Common Files\AVG Secure Search => Moved successfully.
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVG Secure Search => Moved successfully.
C:\Program Files\BS_Player\prxtbBS_0.dll => Moved successfully.
C:\Program Files\AVG Secure Search => Moved successfully.
C:\Documents and Settings\Giraffe\Data aplikací\MSDCSC\msdcsc.exe => Moved successfully.
"C:\Documents and Settings\Giraffe\Data aplikací\IObit" => File/Directory not found.
"C:\Program Files\IObit" => File/Directory not found.
C:\Documents and Settings\All Users.WINDOWS\Data aplikací\IObit => Moved successfully.

=========== Result of Scheduled Files to move ===========
C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp\1.1_0\Cached Theme.pak => Moved successfully.
C:\DOCUME~1\Giraffe\LOCALS~1\Data aplikací\Google\Chrome\User Data\Default\Extensions\oeneonpaejicjknodbmfalfokkoifimp => Moved successfully.

==== End of Fixlog ====

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Kliknete na Prohledat
• Probehne skenovani a pak se objevi log, pripadne bude ulozen na systemovem disku jako AdwCleaner[R?].txt, ten sem vlozte

# AdwCleaner v2.306 - Log vytvooen 24/07/2013 v 19:18:10
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Giraffe - GIRDA
# Spuštin systém : Normální
# Spuštino z : H:\Ftp files\Gir\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\Giraffe\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\AVG Secure Search
Složka Nalezeno : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\BS_Player
Složka Nalezeno : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\Conduit
Složka Nalezeno : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\ConduitEngine
Složka Nalezeno : C:\Program Files\BS_Player
Složka Nalezeno : C:\Program Files\Conduit
Složka Nalezeno : C:\Program Files\ConduitEngine
Soubor Nalezeno : C:\WINDOWS\system32\conduitEngine.tmp

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\AVG Secure Search
Klíe Nalezeno : HKCU\Software\BS_Player
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\conduitEngine
Klíe Nalezeno : HKCU\Software\conduitEngine
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Nalezeno : HKCU\Software\YahooPartnerToolbar
Klíe Nalezeno : HKCU\Toolbar
Klíe Nalezeno : HKLM\Software\AVG Secure Search
Klíe Nalezeno : HKLM\Software\AVG Security Toolbar
Klíe Nalezeno : HKLM\Software\BS_Player
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{702A68C4-900B-4157-A386-90BC9746CA57}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{90E8B459-4FCD-454A-A5DF-B98DC8DA1F05}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{F3F35D90-17AE-4EA3-BBCD-D4BEA4297979}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Conduit.Engine
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\conduitEngine
Klíe Nalezeno : HKLM\Software\conduitEngine
Klíe Nalezeno : HKLM\Software\GamePlayLabs
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B04BD85-F169-4F03-ABD0-05DA94C66C37}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8A4DC6E-E318-4A39-82DE-DAB87211974D}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0D1EEA5-D5AC-440F-9E5C-B0404BF3C09F}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F3F35D90-17AE-4EA3-BBCD-D4BEA4297979}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Klíe Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Nalezeno : HKLM\Software\systweak

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v21.0 (cs)

Soubor : C:\Documents and Settings\Giraffe\Data aplikací\Mozilla\Firefox\Profiles\6cqxknkb.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Opera v12.14.1738.0

Soubor : C:\Documents and Settings\Giraffe\Data aplikací\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [7100 octets] - [24/07/2013 19:18:10]

########## EOF - C:\AdwCleaner[R1].txt - [7160 octets] ##########

Spustte znovu AdwCleaner

• Pokud pouzivate Win Vista ci W7, kliknete na AdwCleaner pravym a dejte Run As Administrator ci Spustit jako spravce
• Kliknete na Smazat
• PC provede opravu, restartuje se a da Vam log (C:\AdwCleaner [S1].txt) , jeho obsah vlozte sem

# AdwCleaner v2.306 - Log vytvooen 25/07/2013 v 00:47:27
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Giraffe - GIRDA
# Spuštin systém : Normální
# Spuštino z : H:\Ftp files\Gir\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\Giraffe\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\AVG Secure Search
Složka Vymazáno : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\BS_Player
Složka Vymazáno : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\Conduit
Složka Vymazáno : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\ConduitEngine
Složka Vymazáno : C:\Program Files\BS_Player
Složka Vymazáno : C:\Program Files\Conduit
Složka Vymazáno : C:\Program Files\ConduitEngine
Soubor Vymazáno : C:\WINDOWS\system32\conduitEngine.tmp

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\AVG Secure Search
Klíe Vymazáno : HKCU\Software\BS_Player
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\conduitEngine
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKCU\Toolbar
Klíe Vymazáno : HKLM\Software\AVG Secure Search
Klíe Vymazáno : HKLM\Software\AVG Security Toolbar
Klíe Vymazáno : HKLM\Software\BS_Player
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{702A68C4-900B-4157-A386-90BC9746CA57}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{90E8B459-4FCD-454A-A5DF-B98DC8DA1F05}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\CLSID\{F3F35D90-17AE-4EA3-BBCD-D4BEA4297979}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Conduit.Engine
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT1750559
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíe Vymazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\conduitEngine
Klíe Vymazáno : HKLM\Software\GamePlayLabs
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B04BD85-F169-4F03-ABD0-05DA94C66C37}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D8A4DC6E-E318-4A39-82DE-DAB87211974D}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0D1EEA5-D5AC-440F-9E5C-B0404BF3C09F}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BS_Player Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F3F35D90-17AE-4EA3-BBCD-D4BEA4297979}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Klíe Vymazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíe Vymazáno : HKLM\Software\systweak

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v21.0 (cs)

Soubor : C:\Documents and Settings\Giraffe\Data aplikací\Mozilla\Firefox\Profiles\6cqxknkb.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Documents and Settings\Giraffe\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

-\\ Opera v12.14.1738.0

Soubor : C:\Documents and Settings\Giraffe\Data aplikací\Opera\Opera\operaprefs.ini

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [7229 octets] - [24/07/2013 19:18:10]
AdwCleaner[S1].txt - [6839 octets] - [25/07/2013 00:47:27]

########## EOF - C:\AdwCleaner[S1].txt - [6899 octets] ##########

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

• Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane

  Rkill EXE:
  http://download.bleepingcomputer.com/grinler/rkill.exe
  
  Rkill iExplore.exe:
  http://download.bleepingcomputer.com/gr ... xplore.exe
  
  Rkill uSeRiNiT.exe:
  http://download.bleepingcomputer.com/gr ... eRiNiT.exe
  
  Rkill WiNlOgOn.exe:
  http://download.bleepingcomputer.com/gr ... NlOgOn.exe

• Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
• Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
• RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
• Na plose vznikne log Rkill.txt ten mi sem vlozte
• Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Rkill 2.5.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/25/2013 01:12:51 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\oodag.exe (PID: 2192) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

* Reparse Point/Junctions Found (Most likely legitimate)!

* C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 07/25/2013 01:14:02 PM
Execution time: 0 hours(s), 1 minute(s), and 10 seconds(s)

OK, jeste ComboFix

ComboFix 13-07-24.03 - Giraffe 25.07.2013 13:57:34.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1394 [GMT 2:00]
Spuštěný z: c:\documents and settings\Giraffe\Plocha\Downloads\ComboFix.exe
AV: ESET Smart Security 5.2 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: Sunbelt Personal Firewall *Disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Giraffe\46357865364647353
c:\documents and settings\Giraffe\WINDOWS
c:\windows\msmqinst.log
c:\windows\system32\Cache
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\478e3ce10b36aeba.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\KERNEL.TMP
c:\windows\system32\NEW43.tmp
c:\windows\system32\NEW470.tmp
c:\windows\system32\Packet.dll
c:\windows\system32\SET36F.tmp
c:\windows\system32\SET9D9.tmp
c:\windows\system32\SET9DA.tmp
c:\windows\system32\SET9DB.tmp
c:\windows\system32\SETE09.tmp
c:\windows\system32\wpcap.dll
c:\windows\UA000071.DLL
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-25 do 2013-07-25 )))))))))))))))))))))))))))))))
.
.
2013-07-23 18:56 . 2013-07-24 14:29 -------- d-----w- C:\FRST
2013-06-27 20:42 . 2013-06-29 05:48 -------- d-----w- c:\documents and settings\Giraffe\Data aplikací\Systweak
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-15 10:12 . 2012-05-28 04:51 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-15 10:12 . 2011-05-18 14:33 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-08 01:24 . 2004-08-17 13:49 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:53 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-06-07 21:53 . 2004-08-17 13:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-06-07 18:25 . 2004-08-17 13:44 385024 ----a-w- c:\windows\system32\html.iec
2013-06-05 09:08 . 2004-08-17 13:44 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:23 . 2004-08-17 13:49 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-08 09:58 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-05-03 05:39 . 2004-08-17 15:45 2072320 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-03 05:39 . 2004-08-17 13:45 2195712 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
"CooLWPC3"="c:\program files\Wallpaper Changer\coolwpc.exe" [2003-04-06 1008128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"HydraVisionDesktopManager"="c:\program files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe" [2003-09-15 270336]
"Trust Gaming Mouse"="c:\program files\Trust Gaming Mouse\Mouse.exe" [2011-01-17 2245632]
"RTHDCPL"="RTHDCPL.EXE" [2007-11-22 16858112]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-17 44544]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0sprestrt
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^MuchTV Remote.lnk]
backup=c:\windows\pss\MuchTV Remote.lnkCommon Startup
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\MuchTV Remote.lnk
.
[HKLM\~\startupfolder\C:^Documents and Settings^Giraffe^Nabídka Start^Programy^Po spuštění^Yahoo! Widget Engine.lnk]
backup=c:\windows\pss\Yahoo! Widget Engine.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
2002-11-03 19:53 188416 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchList]
2007-03-21 14:41 145496 ----a-w- c:\program files\Pinnacle\Studio 11\LaunchList2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
2002-04-11 02:19 69632 ----a-w- c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\DC++\\DCPlusPlus.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 11\\programs\\umi.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"h:\\Ftp files\\Games playing\\Delta Force Black Hawk Down\\dfbhd.exe"=
"h:\\Ftp files\\Games playing\\Valve\\cstrike.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"h:\\Ftp files\\Games playing\\World of Warcraft TBC\\Launcher.exe"=
"h:\\Ftp files\\Games playing\\World of Warcraft TBC\\Repair.exe"=
"h:\\Ftp files\\Games playing\\wow tbc\\WoW-BurningCrusade-enUS-Installer-downloader.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56090:TCP"= 56090:TCP:Pando Media Booster
"56090:UDP"= 56090:UDP:Pando Media Booster
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [5.3.2008 20:00 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [5.3.2008 20:00 5248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [13.9.2012 15:35 242240]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.3.2012 9:40 120152]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [23.4.2007 13:03 82200]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [15.1.2009 17:17 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [15.1.2009 17:17 55024]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [9.4.2013 18:22 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [7.3.2012 16:40 913144]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Kerio\SbPFLnch.exe [31.10.2008 7:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Kerio\SbPFSvc.exe [31.10.2008 7:24 1365288]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [9.4.2013 18:22 65576]
R3 trustms;Trust Mouse;c:\windows\system32\drivers\trustms.sys [3.10.2011 18:46 9600]
S1 avgtp;avgtp;\??\c:\windows\system32\drivers\avgtpx86.sys --> c:\windows\system32\drivers\avgtpx86.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [1.3.2013 12:11 161384]
S3 ActivHidSerMini;Promethean Serial Board Driver;c:\windows\system32\drivers\activhidsermini.sys [9.11.2007 10:22 54656]
S3 PhTVTune;MuchTV Plus TVTuner;c:\windows\system32\drivers\PhTVTune.sys [5.3.2008 19:55 24000]
S3 prmvmouse;Promethean HID Mouse Service;c:\windows\system32\DRIVERS\activmouse.sys --> c:\windows\system32\DRIVERS\activmouse.sys [?]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [28.6.2009 0:02 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [28.6.2009 0:08 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [28.6.2009 0:08 120744]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2.8.2009 20:07 25512]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2.8.2009 19:56 115752]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [15.1.2009 17:17 7408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-14 14:53 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-28 10:12]
.
2013-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-08 22:54]
.
2013-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-08 22:54]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{4F45541D-8104-4422-88FF-E451CE369FE6}: NameServer = 85.207.76.5,85.207.86.5
FF - ProfilePath - c:\documents and settings\Giraffe\Data aplikací\Mozilla\Firefox\Profiles\6cqxknkb.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-ActivControl - c:\program files\Activ Software\Activdriver\ActivControl2.exe
MSConfigStartUp-UpdateReminder - c:\program files\Eset\UpdateReminder.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-25 15:09
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-842925246-1336601894-725345543-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"="c:\\WINDOWS\\System32\\shell32.dll,15"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="c:\\WINDOWS\\system32\\SHELL32.dll,17"
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"="c:\\WINDOWS\\system32\\SHELL32.dll,17"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="c:\\WINDOWS\\system32\\shell32.dll,22"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="c:\\WINDOWS\\system32\\shell32.dll,23"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="c:\\WINDOWS\\system32\\shell32.dll,24"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="c:\\WINDOWS\\system32\\shell32.dll,-175"
"{21EC2020-3AEA-1069-A2DD-08002B30309D}"="c:\\WINDOWS\\System32\\shell32.dll,-137"
"{2227A280-3AEA-1069-A2DE-08002B30309D}"="c:\\WINDOWS\\System32\\shell32.dll,-138"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="c:\\WINDOWS\\system32\\shell32.dll,38"
"AudioCD"="c:\\WINDOWS\\System32\\shell32.dll,40"
"{FBF23B42-E3F0-101B-8488-00AA003E56F8}"="c:\\WINDOWS\\system32\\shell32.dll,220"
"{450D8FBA-AD25-11D0-98A8-0800361B1103}"="c:\\WINDOWS\\system32\\mydocs.dll,0"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="c:\\WINDOWS\\system32\\main.cpl,10"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="c:\\WINDOWS\\system32\\wiashext.dll,0"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="c:\\WINDOWS\\system32\\mstask.dll,-100"
"{88C6C381-2E85-11D0-94DE-444553540000}"="c:\\WINDOWS\\System32\\occache.dll,0"
"{BDEADF00-C265-11d0-BCED-00A0C90AB50F}"="c:\\Program Files\\COMMON~1\\MICROS~1\\WEBFOL~1\\MSONSEXT.DLL,0"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="c:\\WINDOWS\\System32\\shdocvw.dll,-20785"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="c:\\WINDOWS\\System32\\webcheck.dll,0"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="c:\\WINDOWS\\system32\\syncui.dll,0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"="343C99292AFAB2D7DE1FF23AD99836F6427794BE5055A0E8A6AE8656994DC9A04466FCA7F2A04ADB4406A37D89ADD520C59B82254F991B877B1067A3D8263F5C54226ABCD7DCE386393BF1451306BB4BD00D5DC705F1AF4F6384AA7AF2919D823D89FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79339DB7CE019D40AA5CC038D530D6EB3452FEBC9E127BECC74C11AD7A8EFC9FDF2316E881117C3215E0D58B9A4A1D5F90DDB9EA137BA5ACB0A986D88A77FD4E99168D9B1C38E3841FF664AC8C48B443BD3539560A7B3EB7A72B309085F82D8ADB5751B6928FFB05D3DD048F56E2FEF7BBD7A49F0FE1757B3E731BCAA20FB5775FE38FCFC397E0066526250623BFA71BD38A4AF334192601F69B1736F90A442B7E4B3A31F1262F49A5737996FDDAE0BA71A640B8EDE1B24876533A338C8F8B31B7AF08D7C5E50B088EFC79FB57815B5EA619DC8695CF7F42865B5DD43A983F09AD4973F5C9D31A6EBA91DFA404584F7E28643DA5E9CA7454168B9EE4CBF19A2428E1B9EFED43089B6A8F2BB3BBD379884E9B42188B0FFED9B6CC5DE069BA5B6C91D9DDDF05D7822400EB207F9CC0995B16690F127EAA8E1F1E1E407623EA43B978A4A413478BBC8F86ADC312A4BC71CE210B0BF72E8219E82690B08CEA48955D90C91A0C502E6DDAA773E22AB8BACA2BB3D1E4E7E7CE16E94CCC5ABA17F09F98B0E38BFE1EDFCE75B3EB0BB9A282EFACB7228930DB9B83CE330BAF4E62D52CA3D2A18AD51596A0449E5C91688E2DB08438F6B0D52047E034A01A64476A3A0FA996486DAEFC1CA31E819B8C100B2B61D7675CCF0FAD07B32CFDDC7359B1B99B493F2DCEDA000F20CE961656BE0F3ED8401B7323476261843ED949186D9F3EAC15B23C0DDEAE60DF17BD4E8EB8F17CF24A49722C9D7FB25FE266E855A17D0A2115FCF3C9767C55B1AB7BD51AF26E53107612212FE7AAAAD50978DBEEC4F932D8C34CE9EB0D3F88693378571D18A77E14BA35DEB22B6C4DFA110BD1EE5CA79E398F72431D4434E8DB4AFE0D8507A092E4FE951B032434F169D23A13A2A0FD0CADDCE8BBCA737935E38101487F524276EFA23F5CB2C2D0453C98CA781A7D558B2302C8A3A7A29306615C116C02C058E3A373DD3B14A9F9C5941E9F72AB936D038A49D15D2A0F6944B652E57341CC13EA74B8C1653EB0C6489818C4806FB8E8A959F166608CAAC5ACC9D0DDE738A4086CD92B601B8F63B6746E2A673C43F34D0C0CB00D374C1CD85206B6F7EA29AA2EA04F7752B3A681A9C4C4F059CCC702058C1CAA7181ACBBB59A5A58D7B093F4E21253BED49668FD668B4A7890F1E253DEDE8E7C62743297533F38FCC302C1CF669FEB16C8C17D0195E9B5C226FCBD0E0E8B67B25254A8EF0F4E1662"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1648)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(2320)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe
c:\program files\Nero\Nero8\InCD\InCDsrv.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\NetLimiter 2 Pro\nlsvc.exe
c:\windows\system32\oodag.exe
c:\program files\SiteAdvisor\6172\SAService.exe
c:\windows\system32\SearchIndexer.exe
c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe
c:\program files\NetLimiter 2 Pro\NLClient.exe
c:\windows\system32\wscntfy.exe
c:\program files\Kerio\SbPFCl.exe
c:\windows\RTHDCPL.EXE
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
.
**************************************************************************
.
Celkový čas: 2013-07-25 15:14:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-25 13:14
ComboFix2.txt 2011-02-16 18:59
ComboFix3.txt 2011-02-16 18:39
ComboFix4.txt 2011-02-15 21:43
ComboFix5.txt 2013-07-25 11:53
.
Před spuštěním: 6 767 390 720
Po spuštění: 6 842 707 968
.
- - End Of File - - D279AD6FFA0A007C16D5A87BEC48DA45
413FC2A0C716421B3158746D63736515

Jeste se zeptam, pouzivate legalni ESET = zakoupena licence?? Nejake radky v logu naznacuji, ze tomu tak neni...

Když jsem počítač kupoval, tak tam ESET byl už nainstalovaný...jestli je zakoupený či je to jen nějaká shareware verze to netuším...jestli se to dá nějak poznat tak napište prosím kde a jak a já se na to podívám.