Preventive check + slower internet (Solved)

Post by Albeda » 01 Aug 2009 19:28

Hello, lately I have noticed slower internet. It may be a fault on the provider's side, but even so I would like to ask for a preventive check.
Thank you

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:25:31, on 1.8.2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Avi Player\AviPlayer.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
D:\Programy\Komunikace\QIP Infium\infium.exe
D:\Programy\Prohlížeče\Mozilla Firefox\firefox.exe
D:\Programy\Ochrana\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Avi Player] "C:\Program Files (x86)\Avi Player\AviPlayer.exe" hmw
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\Komunikace\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\Komunikace\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\ilannsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\loilsp.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - D:\Programy\Vypalování\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8885 bytes

Post by jaro3 » 01 Aug 2009 19:51

I don't know whether this program will work under your OS, try:

1) Click the following link to download LSPFix to your desktop.
http://www.cexx.org/LSPFix.exe

2) Once the exe file appears on the desktop, double-click it.
3) The files ilannsp.dll and loilsp.dll will appear in the left column. Click them to highlight them, then click the arrow in the middle of the screen that points to the right.
This moves the files to the correct column, labelled Remove.

NOTE: If the arrow is greyed out and cannot be clicked, you need to tick the checkbox whose label begins "I know what..".

4) Once the files have been moved to the Remove column, click the Finish button at the bottom of the screen. You will be informed on screen that the file was removed from the Winsock record in the registry. Then close the LSPFix program.
*****************************************************************************************************************************************
Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide: viewtopic.php?f=70&t=5119

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O13 - Gopher Prefix:


Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by Albeda » 02 Aug 2009 12:32

LSPFix worked for me in compatibility mode, but with ATF Cleaner, even though I use Mozilla, that box was greyed out. I ran it anyway and it deleted just under one gigabyte of data, so I think it worked.

Here is the log:
Malwarebytes' Anti-Malware 1.39
Database version: 2542
Windows 6.1.7100

2.8.2009 12:30:00
mbam-log-2009-08-02 (12-29-49).txt

Scan type: Quick Scan
Objects scanned: 79752
Time elapsed: 2 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\install.exe (Trojan.Agent) -> No action taken.

Post by jaro3 » 02 Aug 2009 15:15

So run MbAM again and start a Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all the listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close the program via Exit

You can then paste the MbAM log here.

Download OTL
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTListIt.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

Post by Albeda » 02 Aug 2009 21:49

Log from OTL.txt:

OTL logfile created on: 2.8.2009 21:45:33 - Run 2
OTL by OldTimer - Version 3.0.10.4 Folder = C:\Users\Albeda\Downloads
64bit-Windows XP Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1024,00 Mb Total Physical Memory | 1024,00 Mb Available Physical Memory | 100,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,56 Gb Total Space | 1,28 Gb Free Space | 3,41% Space Free | Partition Type: NTFS
Drive D: | 195,32 Gb Total Space | 0,33 Gb Free Space | 0,17% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALBEDA-PC
Current User Name: Albeda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - D:\Programy\Vypalování\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PSIService.exe ()
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Avi Player\AviPlayer.exe ()
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Users\Albeda\Downloads\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility [Auto | Running]) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppIDSvc [On_Demand | Stopped]) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt [On_Demand | Stopped]) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV:64bit: - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV:64bit: - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV:64bit: - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV:64bit: - (AxInstSV [On_Demand | Stopped]) -- C:\Windows\SysNative\AxInstSV.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC [Unknown | Stopped]) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv [On_Demand | Stopped]) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (CscService [Auto | Running]) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc [On_Demand | Stopped]) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp [Auto | Running]) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (Fax [On_Demand | Stopped]) -- C:\Windows\SysNative\fxssvc.exe (Microsoft Corporation)
SRV:64bit: - (FontCache [On_Demand | Stopped]) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener [On_Demand | Running]) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider [On_Demand | Running]) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc [On_Demand | Running]) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc [On_Demand | Stopped]) -- C:\Windows\SysNative\peerdistsvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg [On_Demand | Stopped]) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc [On_Demand | Running]) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (Power [Auto | Running]) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper [Unknown | Running]) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc [On_Demand | Stopped]) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (sppsvc [Auto | Stopped]) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (sppuinotify [On_Demand | Stopped]) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (Themes [Auto | Running]) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (TuneUp.Defrag [On_Demand | Stopped]) -- C:\Windows\SysNative\TuneUpDefragService.exe (TuneUp Software)
SRV:64bit: - (TuneUp.ProgramStatisticsSvc [Auto | Stopped]) -- C:\Windows\SysNative\TUProgSt.exe (TuneUp Software)
SRV:64bit: - (UmRdpService [On_Demand | Stopped]) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (UxTuneUp [Auto | Stopped]) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (wbengine [On_Demand | Stopped]) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (WbioSrvc [On_Demand | Stopped]) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV:64bit: - (WwanSvc [On_Demand | Stopped]) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Dhcp [Auto | Running]) -- C:\Windows\SysWow64\dhcpcore.dll (Microsoft Corporation)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (HomeGroupProvider [On_Demand | Running]) -- C:\Windows\SysWow64\provsvc.dll (Microsoft Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (KeyIso [On_Demand | Stopped]) -- C:\Windows\SysWow64\keyiso.dll (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service [Auto | Running]) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (MSDTC [Unknown | Stopped]) -- C:\Windows\SysWow64\Msdtc [2009.04.22 09:16:43 | 00,000,000 | ---D | M]
SRV - (Netlogon [On_Demand | Stopped]) -- C:\Windows\SysWow64\netlogon.dll (Microsoft Corporation)
SRV - (NMSAccessU [Auto | Running]) -- D:\Programy\Vypalování\CDBurnerXP\NMSAccessU.exe ()
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PnkBstrA [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrA.exe ()
SRV - (PnkBstrB [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrB.exe ()
SRV - (ProtexisLicensing [Auto | Running]) -- C:\Windows\SysWOW64\PSIService.exe ()
SRV - (UxTuneUp [Auto | Stopped]) -- C:\Windows\SysWow64\uxtuneup.dll (TuneUp Software)
SRV - (vds [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vds.mof ()
SRV - (VSS [On_Demand | Stopped]) -- C:\Windows\Vss [2009.04.22 09:16:44 | 00,000,000 | ---D | M]

========== Driver Services (SafeList) ==========

DRV:64bit: - (1394ohci [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (amdsata [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\amdsata.sys (AMD)
DRV:64bit: - (amdsbs [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (amdxata [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\amdxata.sys (AMD)
DRV:64bit: - (AppID [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (aswFsBlk [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV:64bit: - (aswMonFlt [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys (ALWIL Software)
DRV:64bit: - (aswRdr [System | Running]) -- C:\Windows\SysNative\drivers\aswRdr.sys (ALWIL Software)
DRV:64bit: - (aswSP [System | Running]) -- C:\Windows\SysNative\drivers\aswSP.sys (ALWIL Software)
DRV:64bit: - (aswTdi [System | Running]) -- C:\Windows\SysNative\drivers\aswTdi.sys (ALWIL Software)
DRV:64bit: - (AtiHdmiService [On_Demand | Running]) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV:64bit: - (atikmdag [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (atksgt [Auto | Stopped]) -- C:\Windows\SysNative\DRIVERS\atksgt.sys ()
DRV:64bit: - (b06bdrv [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (Beep [System | Running]) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (CNG [Boot | Running]) -- C:\Windows\SysNative\Drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (CSC [System | Running]) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (discache [System | Running]) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\evbda.sys (Broadcom Corporation)
DRV:64bit: - (FsDepends [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\FsDepends.sys (Microsoft Corporation)
DRV:64bit: - (fvevol [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (hamachi [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (hcw85cir [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (hwpolicy [Boot | Running]) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (KSecPkg [Boot | Running]) -- C:\Windows\SysNative\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (lirsgt [Auto | Stopped]) -- C:\Windows\SysNative\DRIVERS\lirsgt.sys ()
DRV:64bit: - (LSI_SAS2 [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (mshidkmdf [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (NVENETFD [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (pcw [Boot | Running]) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\AgileVpn.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP [System | Running]) -- C:\Windows\SysNative\drivers\rdprefmp.sys (Microsoft Corporation)
DRV:64bit: - (rdyboost [Boot | Running]) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (s3cap [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (scfilter [Unknown | Stopped]) -- C:\Windows\SysNative\DRIVERS\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (sptd [Boot | Running]) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (stexstor [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\stexstor.sys (Promise Technology)
DRV:64bit: - (storflt [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (UmPass [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\umpass.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID [On_Demand | Stopped]) -- C:\Windows\SysNative\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf [System | Running]) -- C:\Windows\SysNative\DRIVERS\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (WIMMount [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf [On_Demand | Running]) -- C:\Windows\SysNative\drivers\WudfPf.sys (Microsoft Corporation)
DRV - (CSC [System | Running]) -- C:\Windows\CSC [2009.05.20 21:44:43 | 00,000,000 | ---D | M]
DRV - (mpsdrv [On_Demand | Running]) -- C:\Windows\SysWow64\Wbem\mpsdrv.mof ()
DRV - (NetBIOS [System | Running]) -- C:\Windows\SysWow64\netbios.dll (Microsoft Corporation)
DRV - (speedfan [Boot | Running]) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
DRV - (Tcpip [Boot | Running]) -- C:\Windows\SysWow64\Wbem\tcpip.mof ()
DRV - (WIMMount [On_Demand | Stopped]) -- C:\Windows\SysWow64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (yqnvse [Boot | Stopped]) -- C:\Windows\system32\drivers\cpkuulw.sys ()

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E7 D5 58 2D E9 12 CA 01 [binary data]
IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz/"
FF - prefs.js..extensions.enabledItems: {bfe3406c-6f31-4789-86d5-efa50e12c9eb}:3.3
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:2.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.12
FF - prefs.js..network.proxy.http: "119.70.40.101"
FF - prefs.js..network.proxy.http_port: 80

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.04.22 11:45:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: D:\Programy\Prohlížeče\Mozilla Firefox\components [2009.07.22 23:10:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: D:\Programy\Prohlížeče\Mozilla Firefox\plugins [2009.07.22 23:10:51 | 00,000,000 | ---D | M]

[2009.05.20 22:36:21 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\mozilla\Extensions
[2009.05.20 22:36:21 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.08.02 19:21:27 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\mozilla\Firefox\Profiles\utn2w18d.default\extensions
[2009.05.20 22:42:09 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\mozilla\Firefox\Profiles\utn2w18d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.06.28 14:00:39 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\mozilla\Firefox\Profiles\utn2w18d.default\extensions\{bfe3406c-6f31-4789-86d5-efa50e12c9eb}
[2009.06.14 13:20:50 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\mozilla\Firefox\Profiles\utn2w18d.default\extensions\illimitux@illimitux.net

O1 HOSTS File: (946 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 0.0.0.0 google-analytics.com
O1 - Hosts: 0.0.0.0 ad.gamersmedia.com
O1 - Hosts: 0.0.0.0 google-analytics.com
O1 - Hosts: 0.0.0.0 ad.gamersmedia.com
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Corel Photo Downloader] C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Avi Player] C:\Program Files (x86)\Avi Player\AviPlayer.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe ()
O9 - Extra 'Tools' menuitem : Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\Komunikace\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\Komunikace\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\napinsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWow64\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWow64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWow64\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 88.146.170.1 81.0.237.137
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWow64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWow64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWow64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/octet-stream - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/x-complus - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/x-msdownload - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - deflate - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - gzip - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a0e4ee5a-45fd-11de-b7c1-000fea5c92dd}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e4ee5a-45fd-11de-b7c1-000fea5c92dd}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{a0e4ee5a-45fd-11de-b7c1-000fea5c92dd}\Shell\install\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009.08.02 00:25:57 | 00,000,784 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.08.02 00:25:54 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.08.02 00:25:53 | 00,022,040 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009.08.02 00:25:17 | 00,000,000 | ---D | C] -- C:\Users\Albeda\AppData\Roaming\Malwarebytes
[2009.08.02 00:25:17 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009.08.02 00:25:12 | 00,061,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\cpkuulw.sys
[2009.08.01 19:25:01 | 00,000,912 | ---- | C] () -- C:\Users\Albeda\Desktop\HijackThis.lnk
[2009.07.31 20:35:38 | 00,000,366 | ---- | C] () -- C:\Users\Albeda\Desktop\xp_upload.reg
[2009.07.31 20:32:31 | 00,000,000 | ---D | C] -- C:\Users\Albeda\AppData\Roaming\Happy Foto
[2009.07.30 22:13:12 | 00,163,477 | ---- | C] () -- C:\Users\Albeda\Desktop\UdrzbaPCbeta04.cmd
[2009.07.30 02:47:03 | 10,974,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009.07.30 02:47:02 | 12,343,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009.07.30 02:47:02 | 05,954,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009.07.30 02:47:01 | 09,273,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009.07.28 19:55:06 | 00,000,800 | ---- | C] () -- C:\Users\Albeda\Desktop\EVEREST Ultimate Edition.lnk
[2009.07.28 14:33:18 | 00,009,121 | ---- | C] () -- C:\Users\Albeda\Desktop\clean.bat
[2009.07.28 11:35:42 | 00,000,763 | ---- | C] () -- C:\Users\Public\Desktop\w3l.lnk
[2009.07.28 11:35:39 | 00,000,000 | ---D | C] -- C:\Windows\Eurobattle.net
[2009.07.27 20:59:27 | 00,000,000 | ---D | C] -- C:\Users\Albeda\Documents\gothic3
[2009.07.27 20:58:22 | 00,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2009.07.27 20:58:12 | 00,073,728 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\SysWow64\ISUSPM.cpl
[2009.07.25 14:26:23 | 00,001,156 | ---- | C] () -- C:\Users\Albeda\Desktop\DeltaGliderIV Documentation.lnk
[2009.07.25 14:26:23 | 00,001,083 | ---- | C] () -- C:\Users\Albeda\Desktop\DeltaGliderIV Configuration.lnk
[2009.07.25 14:23:52 | 00,000,861 | ---- | C] () -- C:\Users\Albeda\Desktop\OrbiterSound config.lnk
[2009.07.25 13:49:19 | 00,712,380 | ---- | C] () -- C:\Users\Albeda\Desktop\Image2.jpg
[2009.07.24 22:50:24 | 00,186,957 | ---- | C] () -- C:\Users\Albeda\Desktop\oceneni-2009.pdf
[2009.07.24 13:00:41 | 00,000,775 | ---- | C] () -- C:\Users\Albeda\Desktop\SchemaPlus.lnk
[2009.07.23 16:55:02 | 00,000,831 | ---- | C] () -- C:\Users\Albeda\Desktop\Editor schémat.lnk
[2009.07.23 16:54:57 | 00,000,000 | ---D | C] -- C:\Users\Albeda\Documents\schémata
[2009.07.23 16:51:06 | 00,000,831 | ---- | C] () -- C:\Users\Albeda\Desktop\ProfiCAD.lnk
[2009.07.23 16:51:03 | 00,000,000 | ---D | C] -- C:\Users\Albeda\Documents\samples
[2009.07.23 16:51:02 | 00,000,000 | ---D | C] -- C:\Users\Albeda\AppData\Roaming\ProfiCAD
[2009.07.21 03:03:48 | 00,189,104 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2009.07.20 20:59:18 | 00,000,000 | ---D | C] -- C:\Users\Albeda\Desktop\Age of Empires II
[2009.07.20 17:50:04 | 00,189,104 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009.07.20 17:50:00 | 00,000,000 | ---D | C] -- C:\Users\Albeda\AppData\Local\PunkBuster
[2009.07.20 15:27:48 | 00,000,000 | ---D | C] -- C:\Users\Albeda\Desktop\Counter-Strike
[2009.07.19 10:51:23 | 00,000,657 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2009.07.19 10:51:23 | 00,000,657 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2009.07.18 18:14:47 | 00,000,304 | ---- | C] () -- C:\Windows\game.ini
[2009.06.03 16:19:02 | 00,000,036 | -H-- | C] () -- C:\Windows\SysWow64\swk.ini
[2009.05.25 14:25:29 | 00,002,516 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009.05.25 14:25:29 | 00,000,088 | RHS- | C] () -- C:\Windows\SysWow64\BA803403B7.sys
[2009.04.22 08:37:02 | 00,000,478 | ---- | C] () -- C:\Windows\win.ini
[2009.04.22 08:37:02 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009.04.22 05:40:32 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.04.22 03:04:20 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006.09.28 14:55:34 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\PhysXLoader.dll
[2006.09.26 14:01:40 | 00,045,056 | R--- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2006.09.08 09:01:50 | 00,045,056 | R--- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2006.09.08 09:01:50 | 00,045,056 | R--- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2006.09.08 09:01:50 | 00,045,056 | R--- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2006.09.08 09:01:50 | 00,045,056 | R--- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2006.09.08 09:01:50 | 00,045,056 | R--- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2006.09.08 09:01:50 | 00,045,056 | R--- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2006.09.08 09:01:50 | 00,045,056 | R--- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2006.09.08 09:01:50 | 00,045,056 | R--- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[1997.06.14 02:56:08 | 00,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

========== Files - Modified Within 30 Days ==========

[2009.08.02 21:00:00 | 00,000,500 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2009.08.02 19:42:16 | 00,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.08.02 19:42:16 | 00,013,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.08.02 19:41:04 | 01,445,056 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.08.02 19:41:04 | 00,622,022 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009.08.02 19:41:04 | 00,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.08.02 19:41:04 | 00,118,356 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009.08.02 19:41:04 | 00,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.08.02 19:34:56 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.08.02 19:34:52 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.08.02 19:34:49 | 16,102,60480 | -HS- | M] () -- C:\hiberfil.sys
[2009.08.02 19:33:54 | 06,291,456 | -H-- | M] () -- C:\Users\Albeda\AppData\Local\IconCache.db
[2009.08.02 18:24:11 | 00,000,496 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2009.08.02 00:25:57 | 00,000,784 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.08.02 00:25:12 | 00,061,440 | ---- | M] () -- C:\Windows\SysWow64\drivers\cpkuulw.sys
[2009.08.01 19:25:01 | 00,000,912 | ---- | M] () -- C:\Users\Albeda\Desktop\HijackThis.lnk
[2009.07.31 20:35:38 | 00,000,366 | ---- | M] () -- C:\Users\Albeda\Desktop\xp_upload.reg
[2009.07.30 02:46:48 | 00,000,478 | ---- | M] () -- C:\Windows\win.ini
[2009.07.28 19:55:06 | 00,000,800 | ---- | M] () -- C:\Users\Albeda\Desktop\EVEREST Ultimate Edition.lnk
[2009.07.28 14:34:20 | 00,009,121 | ---- | M] () -- C:\Users\Albeda\Desktop\clean.bat
[2009.07.28 11:35:42 | 00,000,763 | ---- | M] () -- C:\Users\Public\Desktop\w3l.lnk
[2009.07.28 11:29:39 | 00,112,816 | ---- | M] () -- C:\Users\Albeda\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.07.28 11:28:50 | 00,426,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009.07.27 23:56:10 | 00,163,477 | ---- | M] () -- C:\Users\Albeda\Desktop\UdrzbaPCbeta04.cmd
[2009.07.27 20:56:40 | 00,303,616 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2009.07.27 20:56:39 | 00,035,328 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2009.07.26 16:00:56 | 00,189,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2009.07.26 16:00:56 | 00,189,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009.07.25 14:26:23 | 00,001,156 | ---- | M] () -- C:\Users\Albeda\Desktop\DeltaGliderIV Documentation.lnk
[2009.07.25 14:26:23 | 00,001,083 | ---- | M] () -- C:\Users\Albeda\Desktop\DeltaGliderIV Configuration.lnk
[2009.07.25 14:23:52 | 00,000,861 | ---- | M] () -- C:\Users\Albeda\Desktop\OrbiterSound config.lnk
[2009.07.25 09:40:00 | 09,273,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009.07.25 09:39:09 | 12,343,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009.07.25 08:09:12 | 05,954,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009.07.25 08:08:01 | 10,974,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009.07.24 22:50:26 | 00,186,957 | ---- | M] () -- C:\Users\Albeda\Desktop\oceneni-2009.pdf
[2009.07.24 13:00:41 | 00,000,775 | ---- | M] () -- C:\Users\Albeda\Desktop\SchemaPlus.lnk
[2009.07.23 22:51:08 | 00,002,516 | -HS- | M] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009.07.23 20:13:58 | 00,712,380 | ---- | M] () -- C:\Users\Albeda\Desktop\Image2.jpg
[2009.07.23 16:55:02 | 00,000,831 | ---- | M] () -- C:\Users\Albeda\Desktop\Editor schémat.lnk
[2009.07.23 16:51:06 | 00,000,831 | ---- | M] () -- C:\Users\Albeda\Desktop\ProfiCAD.lnk
[2009.07.21 03:00:11 | 00,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009.07.19 10:51:23 | 00,000,657 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2009.07.19 10:51:23 | 00,000,657 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2009.07.19 10:50:55 | 00,000,304 | ---- | M] () -- C:\Windows\game.ini
[2009.07.13 13:36:34 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.07.13 13:36:14 | 00,022,040 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== LOP Check ==========

[2009.08.02 00:25:17 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming
[2009.05.21 07:22:58 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\ATI
[2009.06.06 18:38:19 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\Canneverbe_Limited
[2009.05.25 14:25:30 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\Corel
[2009.06.03 16:23:36 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\CyberLink
[2009.05.21 13:54:10 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\DAEMON Tools Lite
[2009.05.21 13:31:27 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\DAEMON Tools Pro
[2009.06.03 17:04:41 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\dvdcss
[2009.06.03 16:14:38 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\GRETECH
[2009.06.05 13:54:08 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\Hamachi
[2009.07.31 20:32:31 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\Happy Foto
[2009.05.28 06:42:00 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\ICQ
[2009.04.22 14:34:59 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\Media Center Programs
[2009.07.23 16:52:55 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\ProfiCAD
[2009.05.21 14:25:10 | 00,000,000 | RH-D | M] -- C:\Users\Albeda\AppData\Roaming\SecuROM
[2009.06.02 06:58:30 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\TuneUp Software
[2009.07.28 20:12:44 | 00,000,000 | ---D | M] -- C:\Users\Albeda\AppData\Roaming\uTorrent
[2009.08.02 21:00:00 | 00,000,500 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2009.08.02 18:24:11 | 00,000,496 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2009.08.02 19:34:56 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009.07.23 09:40:16 | 00,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >


Re: Preventive check + slower internet

Post by Albeda » 02 Aug 2009 21:50

Log from Extras.txt:

OTL Extras logfile created on: 2.8.2009 21:45:33 - Run 2
OTL by OldTimer - Version 3.0.10.4 Folder = C:\Users\Albeda\Downloads
64bit-Windows XP Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1024,00 Mb Total Physical Memory | 1024,00 Mb Available Physical Memory | 100,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 50,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 37,56 Gb Total Space | 1,28 Gb Free Space | 3,41% Space Free | Partition Type: NTFS
Drive D: | 195,32 Gb Total Space | 0,33 Gb Free Space | 0,17% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ALBEDA-PC
Current User Name: Albeda
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Programy\Prohlížeče\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = E7 3D 5E 41 2C C3 C9 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BAE72B35-821F-6780-18C5-BE4EBDF8DC7A}" = ATI Catalyst Install Manager
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F7561C47-6327-E6A5-3B57-756FA920CEF3}" = ccc-utility64

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"{1998BD34-1AAB-4169-ACFF-67342E2AF9B4}" = Gothic III Release Update
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{259BDEFB-DCE0-990E-6C65-EA6DCAF1C604}" = Catalyst Control Center HydraVision Full
"{262296A3-87A4-4614-CBF1-E04455694390}" = Catalyst Control Center Graphics Light
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 13
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{4411E4C3-C60F-B094-0E1F-C6E73311A9EA}" = Catalyst Control Center InstallProxy
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{582876EC-A178-44D4-9823-C10D6C62EAFF}" = AGEIA PhysX v6.10.05
"{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
"{5E7AFD67-97C1-E310-CDC4-9F1547E1677C}" = Catalyst Control Center Graphics Previews Vista
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83A92C93-C5F2-128A-532A-B7C295450476}" = Catalyst Control Center Graphics Full Existing
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{8795CBED-55E2-4693-9F14-84EC446935BE}" = SpeechRedist
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8EA950F9-4CC6-35FC-BB9A-761298DE9ADC}" = Catalyst Control Center Graphics Full New
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9B4B3428-7640-400E-9B96-22243568E296}" = Catalyst Control Center Graphics Previews Common
"{A111CF27-5082-6499-17D3-7FDA158206EF}" = ccc-core-static
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1.2 - Czech
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D5C36070-143F-489D-FB5A-903940D42325}" = Catalyst Control Center Core Implementation
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"{E77C580F-E2C8-23C7-350E-F3317D1C4A8A}" = CCC Help English
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II - The Conquerors - 1.0e Patch FINAL_is1" = Age of Empires II - The Conquerors - 1.0e Patch FINAL
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"avast!" = avast! Antivirus
"Avi Player" = Avi Player
"Blobby Volley 2.0 Alpha 6_is1" = Blobby Volley 2.0 Alpha 6
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Eurobattle.net2.0" = Eurobattle.net
"Europa Casino" = Europa Casino
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"GameParkClient_is1" = GamePark
"Hamachi" = Hamachi 1.0.2.5
"HF_ASISTENT" = Happy Foto HF Asistent (Jen odstranit)
"HijackThis" = HijackThis 2.0.2
"Icy Tower v1.3.1_is1" = Icy Tower v1.3.1
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
"Joyland Casino" = Joyland Casino
"LAN On Internet_is1" = LAN On Internet 2.0.2.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"ProfiCAD_is1" = ProfiCAD
"PunkBusterSvc" = PunkBuster Services
"Schema Plus_is1" = Schema Plus
"SpeedFan" = SpeedFan (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"UT2004" = Unreal Tournament 2004
"VLC media player" = VLC media player 0.9.9
"Warcraft III" = Warcraft III

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 20.7.2009 21:23:13 | Computer Name = Albeda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: pbcl.dll, verze: 0.0.0.0, časové razítko: 0x4a5cb020
Kód
výjimky: 0xc0000005 Posun chyby: 0x0003d6d3 ID chybujícího procesu: 0xbd4 Čas spuštění
chybující aplikace: 0x01ca09a12a9cef08 Cesta k chybující aplikaci: D:\Hry\Call of
Duty 4 - Modern Warfare\iw3mp.exe Cesta k chybujícímu modulu: C:\Users\Albeda\AppData\Local\PunkBuster\COD4\pb\pbcl.dll
ID
zprávy: 0ec1c209-7595-11de-a844-000fea5c92dd

Error - 20.7.2009 21:27:41 | Computer Name = Albeda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: pbcl.dll, verze: 0.0.0.0, časové razítko: 0x4a5cb020
Kód
výjimky: 0xc0000005 Posun chyby: 0x0003d6d3 ID chybujícího procesu: 0xd44 Čas spuštění
chybující aplikace: 0x01ca09a228e0097b Cesta k chybující aplikaci: D:\Hry\Call of
Duty 4 - Modern Warfare\iw3mp.exe Cesta k chybujícímu modulu: C:\Users\Albeda\AppData\Local\PunkBuster\COD4\pb\pbcl.dll
ID
zprávy: aeb73126-7595-11de-a844-000fea5c92dd

Error - 20.7.2009 21:33:15 | Computer Name = Albeda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iw3mp.exe, verze: 0.0.0.0, časové razítko:
0x4859a219 Název chybujícího modulu: pbcl.dll, verze: 0.0.0.0, časové razítko: 0x4a5cb020
Kód
výjimky: 0xc0000005 Posun chyby: 0x0003d6d3 ID chybujícího procesu: 0xcc Čas spuštění
chybující aplikace: 0x01ca09a27a8d328a Cesta k chybující aplikaci: D:\Hry\Call of
Duty 4 - Modern Warfare\iw3mp.exe Cesta k chybujícímu modulu: C:\Users\Albeda\AppData\Local\PunkBuster\COD4\pb\pbcl.dll
ID
zprávy: 75954ea7-7596-11de-a844-000fea5c92dd

Error - 21.7.2009 17:03:37 | Computer Name = Albeda-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro D:\Hry\Microsoft Flight Simulator
X\Kiosk.exe se nezdařilo. Závislé sestavení Microsoft.FlightSimulator.SimConnect&#x20;,processorArchitecture="x86",publicKeyToken="67c7c14424d61b5b",type="win32",version="10.0.60905.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 21.7.2009 17:15:59 | Computer Name = Albeda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Crysis.exe, verze: 1.1.1.5767, časové razítko:
0x471f94e3 Název chybujícího modulu: CryNetwork.dll, verze: 1.1.1.5767, časové razítko:
0x471f95f6 Kód výjimky: 0xc0000005 Posun chyby: 0x000638ba ID chybujícího procesu:
0xff8 Čas spuštění chybující aplikace: 0x01ca0a46f6284aef Cesta k chybující aplikaci:
D:\Hry\Crysis\Bin32\Crysis.exe Cesta k chybujícímu modulu: D:\Hry\Crysis\Bin32\CryNetwork.dll
ID
zprávy: af1e257e-763b-11de-bdbd-000fea5c92dd

Error - 23.7.2009 14:17:42 | Computer Name = Albeda-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Corel Paint Shop Pro Photo.exe, verze: 12.0.0.0,
časové razítko: 0x46d4af2f Název chybujícího modulu: Corel Paint Shop Pro Photo.exe,
verze: 12.0.0.0, časové razítko: 0x46d4af2f Kód výjimky: 0xc0000005 Posun chyby:
0x00066e92 ID chybujícího procesu: 0x934 Čas spuštění chybující aplikace: 0x01ca0bc1d9a8de0b
Cesta
k chybující aplikaci: D:\Programy\Obrázky\Corel Paint Shop Pro Photo X2\Corel Paint
Shop Pro Photo.exe Cesta k chybujícímu modulu: D:\Programy\Obrázky\Corel Paint Shop
Pro Photo X2\Corel Paint Shop Pro Photo.exe ID zprávy: 1c22e890-77b5-11de-906f-000fea5c92dd

Error - 25.7.2009 11:27:36 | Computer Name = Albeda-PC | Source = Application Hang | ID = 1002
Description = Program orbiter.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
9b4 Čas spuštění: 01ca0d39278e0604 Čas ukončení: 41 Cesta k aplikaci: C:\Users\Albeda\Downloads\orbiter060929_base\orbiter.exe

ID
hlášení: 8cb1441a-792f-11de-a85e-000fea5c92dd

Error - 25.7.2009 11:44:16 | Computer Name = Albeda-PC | Source = Application Hang | ID = 1002
Description = Program orbiter.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
f84 Čas spuštění: 01ca0d3d27c1a3f5 Čas ukončení: 19 Cesta k aplikaci: C:\Users\Albeda\Downloads\orbiter060929_base\orbiter.exe

ID
hlášení: fda61dcb-7931-11de-a85e-000fea5c92dd

Error - 25.7.2009 12:18:21 | Computer Name = Albeda-PC | Source = Application Hang | ID = 1002
Description = Program orbiter.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
190 Čas spuštění: 01ca0d421f4b1f60 Čas ukončení: 36 Cesta k aplikaci: C:\Users\Albeda\Downloads\orbiter060929_base\orbiter.exe

ID
hlášení: c25f7b16-7936-11de-a85e-000fea5c92dd

Error - 1.8.2009 18:40:15 | Computer Name = Albeda-PC | Source = Application Hang | ID = 1002
Description = Program mbam.exe verze 1.39.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
ea0 Čas spuštění: 01ca12f71a05a200 Čas ukončení: 15 Cesta k aplikaci: D:\Programy\Ochrana\Malwarebytes'
Anti-Malware\mbam.exe ID hlášení:

[ Media Center Events ]
Error - 21.6.2009 9:17:30 | Computer Name = Albeda-PC | Source = MCUpdate | ID = 0
Description = 15:17:30 - Failed to retrieve ClientUpdate (Error: The underlying
connection was closed: Could not establish trust relationship for the SSL/TLS secure
channel.)

Error - 22.6.2009 9:53:05 | Computer Name = Albeda-PC | Source = MCUpdate | ID = 0
Description = 15:53:05 - Failed to retrieve MCESpotlight (Error: The underlying
connection was closed: An unexpected error occurred on a receive.)

[ System Events ]
Error - 2.8.2009 4:13:04 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7000
Description = Služba lirsgt neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 2.8.2009 4:13:09 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: yqnvse

Error - 2.8.2009 11:19:58 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

Error - 2.8.2009 11:20:07 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 2.8.2009 11:20:08 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7000
Description = Služba lirsgt neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 2.8.2009 11:20:15 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: yqnvse

Error - 2.8.2009 13:34:53 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7023
Description = Služba TuneUp Theme Extension byla ukončena s následující chybou:
%%127

Error - 2.8.2009 13:35:00 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 2.8.2009 13:35:00 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7000
Description = Služba lirsgt neuspěla při spuštění v důsledku následující chyby:
%%577

Error - 2.8.2009 13:35:03 | Computer Name = Albeda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: yqnvse


< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43294
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Preventive check + slower internet

Post by jaro3 » 03 Aug 2009 10:01

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text (shown in green) into the box:


:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
DRV - (yqnvse [Boot | Stopped]) -- C:\Windows\system32\drivers\cpkuulw.sys ()
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O33 - MountPoints2\{a0e4ee5a-45fd-11de-b7c1-000fea5c92dd}\Shell - "" = AutoRun
O33 - MountPoints2\{a0e4ee5a-45fd-11de-b7c1-000fea5c92dd}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{a0e4ee5a-45fd-11de-b7c1-000fea5c92dd}\Shell\install\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - File not found

:Files
C:\Windows\SysWow64\drivers\cpkuulw.sys
C:\Windows\SysWow64\BA803403B7.sys
C:\Windows\tasks\SA.DAT

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Preventive check + slower internet

Post by Albeda » 03 Aug 2009 10:45

I did everything: the computer restarted, a log was created and I copied it, then I closed it, and afterwards, when I wanted to paste it, the log was not in the clipboard. It is possible that I misclicked. Is there any way to open this log again?


Re: Preventive check + slower internet

Post by jaro3 » 03 Aug 2009 10:58

The log should be on the desktop, if that is where you have OTL. It should be named OTL fixlog.
Also post a new HJT log.


Re: Preventive check + slower internet

Post by Albeda » 03 Aug 2009 19:07

Unfortunately I could not find that log.
Here is the HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:07:13, on 3.8.2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Avi Player\AviPlayer.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
D:\Programy\Ochrana\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Avi Player] "C:\Program Files (x86)\Avi Player\AviPlayer.exe" hmw
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\Komunikace\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Programy\Komunikace\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - D:\Programy\Vypalování\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\SysWOW64\PSIService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8009 bytes

Re: Preventive check + slower internet  Solved

Post by jaro3 » 03 Aug 2009 19:45

Hopefully it was removed..

Close other applications and browsers, disconnect from the internet, and fix in HJT:
Guide: viewtopic.php?f=70&t=5119

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Avi Player] "C:\Program Files (x86)\Avi Player\AviPlayer.exe" hmw
O13 - Gopher Prefix:


You can delete OTL.

So if there are no problems, clean the system with CCleaner.

If there are no problems, that is all, and you can mark the thread as solved with the check mark.

Re: Preventive check + slower internet

Post by Albeda » 03 Aug 2009 21:51

If that was the question, I did manage to read in the log that it was, before I closed it.
Otherwise, thanks for the help :smile:

