prosím o kontrolu logu - zpomalené PC

[don dzirka]

Dobrý den,

mám nově Win 7 a než jsem našel schopně funkční firewall, tak jsem párkrát připojený k internetu přeinstalovával. Teď je internet dost zpomalený (10megový internet na dsl.cz pouze 7 a jiný PC přes wifi router 10mb/s). Celkově je práce ve Firefoxu zpomalená Mám problémy s qipem (časté odpojování, chyby při spouštění). Nic z toho se předtím neprojevovalo. Díky

edit: log odstraněn z code


Logfile of random's system information tool 1.06 (written by random/random)
Run by Jirka at 2010-01-14 22:55:11
Microsoft Windows 7 Ultimate
System drive C: has 160 GB (84%) free of 191 GB
Total RAM: 4094 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:55:42, on 14.1.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\QIP Infium\infium.exe
C:\Program Files (x86)\QIP Infium\infium.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
D:\instal\soft\RSIT.exe
C:\Program Files (x86)\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8356 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-10-20 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-10-20 268816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2006-07-07 262144]
"PC Suite for Smartphones"=C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-12-25 548864]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-10-20 340456]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eddaa9c0-fed1-11de-bcd6-001d7d0318f0}]
shell\AutoRun\command - F:\SETUP.EXE
shell\configure\command - F:\SETUP.EXE
shell\install\command - F:\SETUP.EXE


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-01-14 22:55:13 ----D---- C:\Program Files (x86)\trend micro
2010-01-14 22:55:11 ----D---- C:\rsit
2010-01-14 22:43:03 ----D---- C:\Users\Jirka\AppData\Roaming\QIP
2010-01-14 22:42:38 ----D---- C:\Program Files (x86)\QIP Infium
2010-01-14 18:07:07 ----D---- C:\ProgramData\Kaspersky Lab
2010-01-14 18:07:07 ----D---- C:\Program Files (x86)\Kaspersky Lab
2010-01-14 17:58:31 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2010-01-14 17:45:51 ----D---- C:\Users\Jirka\AppData\Roaming\PCToolsFirewallPlus
2010-01-14 17:45:44 ----D---- C:\Users\Jirka\AppData\Roaming\Spam Monitor
2010-01-14 17:41:55 ----D---- C:\ProgramData\PC Tools
2010-01-14 00:42:09 ----A---- C:\Install.log.txt
2010-01-13 16:48:12 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 16:48:12 ----A---- C:\Windows\system32\fontsub.dll
2010-01-12 19:34:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-01-12 19:34:14 ----D---- C:\Program Files (x86)\Microsoft
2010-01-11 23:43:44 ----D---- C:\Windows\system32\Macromed
2010-01-11 23:39:51 ----A---- C:\Windows\ntbtlog.txt
2010-01-11 21:12:08 ----D---- C:\Program Files (x86)\Elaborate Bytes
2010-01-11 03:02:50 ----SHD---- C:\Config.Msi
2010-01-10 22:40:50 ----A---- C:\Windows\system32\PnkBstrB.exe
2010-01-10 22:40:32 ----A---- C:\Windows\system32\PnkBstrA.exe
2010-01-10 22:40:32 ----A---- C:\Windows\system32\pbsvc_heroes.exe
2010-01-10 22:34:48 ----D---- C:\Program Files (x86)\EA Games
2010-01-10 21:35:05 ----D---- C:\Windows\Minidump
2010-01-10 18:33:40 ----D---- C:\Program Files (x86)\Common Files\DESIGNER
2010-01-10 18:33:35 ----D---- C:\Windows\PCHEALTH
2010-01-10 18:33:35 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-01-10 18:28:02 ----D---- C:\Program Files (x86)\Microsoft Office
2010-01-10 18:28:01 ----D---- C:\ProgramData\Microsoft Help
2010-01-10 18:23:15 ----RHD---- C:\MSOCache
2010-01-10 18:09:43 ----D---- C:\Users\Jirka\AppData\Roaming\DAEMON Tools Lite
2010-01-10 18:09:39 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-01-10 00:02:25 ----D---- C:\Users\Jirka\AppData\Roaming\WinRAR
2010-01-09 22:52:18 ----D---- C:\Program Files (x86)\Adobe
2010-01-09 22:12:16 ----D---- C:\Users\Jirka\AppData\Roaming\Media Player Classic
2010-01-09 13:33:43 ----D---- C:\Users\Jirka\AppData\Roaming\Teleca
2010-01-09 13:28:52 ----D---- C:\Users\Jirka\AppData\Roaming\Sony Ericsson
2010-01-09 13:28:48 ----D---- C:\Program Files (x86)\Intuwave
2010-01-09 13:28:43 ----D---- C:\Program Files (x86)\Symbian
2010-01-09 13:28:42 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-01-09 13:28:25 ----D---- C:\ProgramData\Sony Ericsson
2010-01-09 13:28:25 ----D---- C:\Program Files (x86)\Common Files\Sony Ericsson Shared
2010-01-09 13:28:23 ----D---- C:\ProgramData\Teleca
2010-01-09 13:28:23 ----D---- C:\Program Files (x86)\Sony Ericsson
2010-01-09 13:28:23 ----D---- C:\Program Files (x86)\Common Files\Teleca Shared
2010-01-09 13:27:20 ----D---- C:\Windows\Downloaded Installations
2010-01-09 12:53:20 ----D---- C:\Program Files (x86)\WinRAR
2010-01-09 12:52:19 ----A---- C:\Windows\system32\TwnLib4.dll
2010-01-09 12:52:19 ----A---- C:\Windows\system32\imagXRA7.dll
2010-01-09 12:52:19 ----A---- C:\Windows\system32\imagXR7.dll
2010-01-09 12:52:19 ----A---- C:\Windows\system32\imagXpr7.dll
2010-01-09 12:52:19 ----A---- C:\Windows\system32\BCGPOleAcc.dll
2010-01-09 12:52:19 ----A---- C:\Windows\system32\BCGCBPRO860u80.dll
2010-01-09 12:52:18 ----D---- C:\Program Files (x86)\Common Files\Nero
2010-01-09 12:52:18 ----A---- C:\Windows\system32\imagX7.dll
2010-01-09 12:52:16 ----D---- C:\Program Files (x86)\Nero
2010-01-09 12:50:50 ----D---- C:\Users\Jirka\AppData\Roaming\BSplayer PRO
2010-01-09 12:50:49 ----D---- C:\Program Files (x86)\Webteh
2010-01-09 12:50:24 ----A---- C:\Windows\system32\unrar.dll
2010-01-09 12:50:23 ----A---- C:\Windows\avisplitter.ini
2010-01-09 12:50:22 ----A---- C:\Windows\system32\yv12vfw.dll
2010-01-09 12:50:22 ----A---- C:\Windows\system32\xvidvfw.dll
2010-01-09 12:50:22 ----A---- C:\Windows\system32\xvidcore.dll
2010-01-09 12:50:21 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2010-01-09 12:50:21 ----A---- C:\Windows\system32\ff_vfw.dll
2010-01-09 12:50:20 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2010-01-09 12:45:39 ----D---- C:\Program Files (x86)\QIP
2010-01-09 12:02:13 ----D---- C:\Users\Jirka\AppData\Roaming\Macromedia
2010-01-09 12:02:13 ----D---- C:\Users\Jirka\AppData\Roaming\Adobe
2010-01-09 11:56:32 ----D---- C:\ProgramData\Adobe
2010-01-09 11:56:30 ----D---- C:\Program Files (x86)\Common Files\Adobe
2010-01-09 11:54:58 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2010-01-09 11:54:55 ----D---- C:\Users\Jirka\AppData\Roaming\Winamp
2010-01-09 11:54:55 ----D---- C:\Program Files (x86)\Winamp
2010-01-09 03:24:28 ----A---- C:\Windows\system32\tzres.dll
2010-01-09 03:24:19 ----A---- C:\Windows\system32\msv1_0.dll
2010-01-09 03:01:10 ----A---- C:\Windows\system32\wmp.dll
2010-01-09 03:01:09 ----A---- C:\Windows\system32\CertEnroll.dll
2010-01-09 03:01:08 ----A---- C:\Windows\system32\wmploc.DLL
2010-01-09 03:01:08 ----A---- C:\Windows\system32\explorer.exe
2010-01-09 03:01:08 ----A---- C:\Windows\system32\atmfd.dll
2010-01-09 03:01:08 ----A---- C:\Windows\explorer.exe
2010-01-09 03:01:04 ----A---- C:\Windows\system32\msasn1.dll
2010-01-09 03:01:02 ----A---- C:\Windows\system32\mshtml.dll
2010-01-09 03:01:02 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-09 01:55:13 ----D---- C:\Program Files (x86)\Spyware Doctor
2010-01-09 01:55:13 ----D---- C:\Program Files (x86)\Common Files\PC Tools
2010-01-09 01:55:11 ----AD---- C:\ProgramData\TEMP
2010-01-09 01:44:28 ----D---- C:\Program Files (x86)\SpeedFan
2010-01-09 01:33:56 ----D---- C:\download
2010-01-09 01:33:10 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-01-09 01:33:02 ----D---- C:\ProgramData\NVIDIA
2010-01-09 01:32:34 ----D---- C:\Windows\system32\AGEIA
2010-01-09 01:32:34 ----D---- C:\Program Files (x86)\AGEIA Technologies
2010-01-09 01:32:27 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-01-09 01:31:50 ----A---- C:\Windows\system32\OpenCL.dll
2010-01-09 01:31:49 ----A---- C:\Windows\system32\nvwgf2um.dll
2010-01-09 01:31:47 ----A---- C:\Windows\system32\nvoglv32.dll
2010-01-09 01:31:47 ----A---- C:\Windows\system32\nvencodemft.dll
2010-01-09 01:31:47 ----A---- C:\Windows\system32\nvdecodemft.dll
2010-01-09 01:31:46 ----A---- C:\Windows\system32\nvd3dum.dll
2010-01-09 01:31:46 ----A---- C:\Windows\system32\nvcuvid.dll
2010-01-09 01:31:46 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-01-09 01:31:46 ----A---- C:\Windows\system32\nvcuda.dll
2010-01-09 01:31:46 ----A---- C:\Windows\system32\nvcompiler.dll
2010-01-09 01:31:44 ----A---- C:\Windows\system32\nvapi.dll
2010-01-09 01:31:43 ----D---- C:\NVIDIA
2010-01-09 01:21:19 ----D---- C:\Users\Jirka\AppData\Roaming\Mozilla
2010-01-09 01:21:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-01-09 01:20:13 ----D---- C:\Program Files (x86)\Realtek
2010-01-09 01:19:45 ----D---- C:\Program Files (x86)\Intel
2010-01-09 01:19:45 ----A---- C:\Windows\system32\CSVer.dll
2010-01-09 01:19:36 ----D---- C:\Intel
2010-01-09 00:57:05 ----D---- C:\Users\Jirka\AppData\Roaming\GHISLER
2010-01-09 00:47:01 ----SHD---- C:\Windows\Installer
2010-01-09 00:44:40 ----A---- C:\Windows\system32\MSVCR71.dll
2010-01-09 00:44:40 ----A---- C:\Windows\system32\MSVCP71.dll
2010-01-09 00:44:40 ----A---- C:\Windows\system32\MFC71.dll
2010-01-09 00:11:50 ----D---- C:\Program Files (x86)\Common Files\StarCam
2010-01-09 00:11:50 ----A---- C:\Windows\vsnpstd3.exe
2010-01-09 00:11:50 ----A---- C:\Windows\tsnpstd3.exe
2010-01-09 00:11:50 ----A---- C:\Windows\system32\vsnpstd3.dll
2010-01-09 00:11:50 ----A---- C:\Windows\system32\rsnpstd3.dll
2010-01-09 00:11:50 ----A---- C:\Windows\snpstd3.ini
2010-01-09 00:11:50 ----A---- C:\Windows\AMCap.exe
2010-01-09 00:11:48 ----A---- C:\Windows\system32\csnpstd3.dll
2010-01-09 00:11:47 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-01-09 00:11:43 ----D---- C:\Users\Jirka\AppData\Roaming\InstallShield
2010-01-08 23:55:48 ----D---- C:\Users\Jirka\AppData\Roaming\Identities
2010-01-08 23:55:42 ----SD---- C:\Users\Jirka\AppData\Roaming\Microsoft
2010-01-08 23:55:42 ----D---- C:\Users\Jirka\AppData\Roaming\Media Center Programs
2010-01-08 23:55:14 ----SHD---- C:\Recovery
2010-01-08 23:55:14 ----SHD---- C:\ProgramData\Šablony
2010-01-08 23:55:14 ----SHD---- C:\ProgramData\Plocha
2010-01-08 23:55:14 ----SHD---- C:\ProgramData\Oblíbené položky
2010-01-08 23:55:14 ----SHD---- C:\ProgramData\Nabídka Start
2010-01-08 23:55:14 ----SHD---- C:\ProgramData\Dokumenty
2010-01-08 23:55:14 ----SHD---- C:\ProgramData\Data aplikací
2010-01-08 23:45:18 ----D---- C:\Windows\SoftwareDistribution
2010-01-08 23:42:39 ----D---- C:\Windows\Prefetch
2010-01-08 23:42:23 ----SHD---- C:\System Volume Information
2010-01-08 23:41:25 ----D---- C:\Windows\Panther
2010-01-08 23:41:13 ----RASH---- C:\BOOTSECT.BAK
2010-01-08 23:41:11 ----SHD---- C:\Boot

======List of files/folders modified in the last 1 months======

2010-01-14 22:55:14 ----D---- C:\Windows\Temp
2010-01-14 22:55:13 ----RD---- C:\Program Files (x86)
2010-01-14 18:07:38 ----D---- C:\Windows\System32
2010-01-14 18:07:35 ----D---- C:\Windows\inf
2010-01-14 18:07:07 ----HD---- C:\ProgramData
2010-01-14 18:05:22 ----SD---- C:\ProgramData\Microsoft
2010-01-14 18:04:00 ----D---- C:\Windows
2010-01-14 17:59:56 ----D---- C:\Windows\SysWOW64
2010-01-14 17:42:27 ----D---- C:\Windows\winsxs
2010-01-14 17:40:35 ----RD---- C:\Program Files
2010-01-12 19:37:20 ----RSD---- C:\Windows\assembly
2010-01-12 19:37:02 ----RSD---- C:\Windows\Fonts
2010-01-12 19:36:58 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-01-10 18:33:40 ----D---- C:\Program Files (x86)\Common Files
2010-01-10 18:28:16 ----D---- C:\Windows\ShellNew
2010-01-09 04:06:44 ----D---- C:\Windows\rescache
2010-01-09 03:36:30 ----D---- C:\Windows\Microsoft.NET
2010-01-09 03:27:48 ----D---- C:\Windows\system32\cs-CZ
2010-01-09 03:27:48 ----D---- C:\Windows\ehome
2010-01-09 03:27:48 ----D---- C:\Program Files (x86)\Windows Media Player
2010-01-09 03:27:47 ----D---- C:\Program Files (x86)\Internet Explorer
2010-01-09 03:23:36 ----D---- C:\Windows\debug
2010-01-09 03:23:14 ----D---- C:\Windows\AppPatch
2010-01-09 03:00:22 ----D---- C:\Windows\Logs
2010-01-09 01:32:57 ----D---- C:\Windows\Help
2010-01-09 01:02:20 ----D---- C:\Windows\system32\drivers
2010-01-09 00:14:59 ----D---- C:\Windows\twain_32
2010-01-09 00:11:51 ----A---- C:\Windows\win.ini
2010-01-08 23:55:46 ----SHD---- C:\$Recycle.Bin
2010-01-08 23:55:39 ----RD---- C:\Users
2010-01-08 23:43:03 ----D---- C:\Windows\CSC
2010-01-08 23:40:59 ----D---- C:\Windows\Setup

[motji]

Hezké odpoledne
Prosím odstrante log z code, špatně se čte. Díky

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[don dzirka]

aha!?

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3569
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

15.1.2010 17:16:11
mbam-log-2010-01-15 (17-16-11).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|E:\|F:\|)
Zkontrolované objekty: 204720
Uplynulý čas: 19 minute(s), 39 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

[motji]

Já v logu nic nevidím . qip mě taky občas zlobí

Z mého podpisu stahněte Ccleaner
-nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
-klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy udělat zálohu registrů - nemusíte
-kliknete opravit všechny problémy ok zavřít

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

[don dzirka]

hotovo, díky za rady. Budu hledat problém někde jinde. Načítání stránek je pořád pomalejší, není to ono.

DSL.cz 7,7mbit
rychlost.cz 9,7mbit
speedtest.net drží se okolo 9 a pak vyskočí na naprosto zmatené číslo (např. 28, 40...) nikdy to speedtest nedělal.

Notebook přes wifi router všude vždy přesně 10, jak to má být

[motji]

Tak pro jistotu

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, skopírujte celý jeho obsah sem

[don dzirka]

bohužel, pod win7 se mu nechce jet (only 2000 and XP). A nejsem si jist, jestli u tohoto druhu softwaru je nastavování kompatibility to pravé.

[motji]

teoreticky by fungovat měl, ale nefunguje .
Zkusíme něco jiného

Odinstalujte combofix přes
Start >> Spustit zkopírujte do okénka:

ComboFix /Uninstall

stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.



Stahněte AVZ http://z-oleg.com/avz4.zip na plochu
- rozbalte tak aby byla jen jedna slozka avz4
- spusťe AVZ.exe
-klikněte na file-customscripts
-do okna vložte text

Kód: Vybrat vše

begin
ExecuteStdScr(1);
ExecuteStdScr(3);
RebootWindows(true);
end.

-klikněte na Run
-log pak vložte zde jako přílohu v zipu

[don dzirka]

combofix se vlastně ani nenainstaloval, takže první krok nebyl potřeba.

No a AVZ: Po vložení skriptu a spuštění po cca 3 vteřinách "Program Antivirusnaja utilita AVZ přestal pracovat. Problém způsobil, že program přestal správně fungovat......"

[motji]

Odinstalujte AVZ
- v menu File -> Standard script zvolte možnost "6"
- klikněte na Execute selected scripts, potvrďte "Yes"

Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

[don dzirka]

Autoscan: completed 24 minutes ago (events: 2, objects: 392764, time: 00:53:49)
15.1.2010 23:58:35 Task started
16.1.2010 0:52:24 Task completed





takže asi hotovo

[motji]

Zkuste ještě prohlížeče přeinstalovat, třeba použijte Revo uninstaler