PC-HELP.CZ

České diskuzní fórum o počítačích
https://pc-help.cnews.cz/

Prosim o kontrolu logu...Caste zaseky pocitace :o)

https://pc-help.cnews.cz/viewtopic.php?f=70&t=43262

Stránka 1 z 2

Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 03 srp 2009 17:36
od Condorito
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:33:46, on 3.8.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\V-Gear BEE\VBService.exe
C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\Xfire\xfire.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\ICQ6.5\ICQ.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~2\ICQTOO~1\toolbaru.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [WinFastDTV] "C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe"
O4 - HKLM\..\Run: [WinFast Schedule] "C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: BEE Service.lnk = C:\Program Files (x86)\V-Gear BEE\VBService.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files (x86)\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\GEST\GSvr.exe
O23 - Service: Google Update Service (GoogleUpdateBeta) - Unknown owner - C:\Users\User\AppData\Local\Google\Update\GoogleUpdateBeta.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - Unknown owner - C:\Windows\System32\TuneUpDefragService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - Unknown owner - C:\Windows\System32\TUProgSt.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11601 bytes

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 03 srp 2009 18:10
od jaro3
Máš ESET Smart Security-komplexní ochrana
Odinstaluj:
Spybot - Search && Destroy- nebo u něj vypni rez. štít.

Odinstaluj:
BS Player Toolbar

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod: viewtopic.php?f=70&t=5119

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O1 - Hosts: ::1 localhost
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab


Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 04 srp 2009 18:15
od Condorito
Takze po znovu spusteni hijackthis..a po te co jsem predtim uz odinstaloval ten bs toolbar tak chybely tyhle polozky takze jsem je nefixnul

R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files (x86)\BS_Player\tbBS_P.dll
...kdyz jsem skusil fixnout ..
O1 - Hosts: ::1 localhost ........napsalo to neco jako ze musim nejdrive stahnout novou verzi hijack..jenze jelikoz jsem se odpojil z netu...takze jsem mel smulu...po tom co jsem nainstaloval novou verzi..to stejne fixnout neslo a hlasilo to stejny problem..vymazat to proste neslo..a tady je uz ten log....

Malwarebytes' Anti-Malware 1.40
Verze databáze: 2551
Windows 6.0.6001 Service Pack 1

4.8.2009 18:07:37
mbam-log-2009-08-04 (18-07-34).txt

Typ skenu: Rychlý sken
Objektu skenováno: 79841
Uplynulý cas: 2 minute(s), 36 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 1
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\GoogleUpdateBeta (Backdoor.IRCBot) -> No action taken.

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)
.... mimochodem po fixnuti toho O1 - Hosts: ::1 localhost se mi seknul zase pocitac a tak jsem jel nanovo :o)

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 04 srp 2009 19:11
od jaro3
O1 - Hosts: ::1 localhost to zatím nech..

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit log z MbAM.

Stáhni si OTL
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All.. Zatrhni LOP Check a Purity Check. Klikni na Run Scan. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTListIt.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 05 srp 2009 01:02
od Condorito
Tak tady je první log...

Malwarebytes' Anti-Malware 1.40
Verze databáze: 2551
Windows 6.0.6001 Service Pack 1

5.8.2009 1:01:40
mbam-log-2009-08-05 (01-01-40).txt

Typ skenu: Rychlý sken
Objektu skenováno: 80051
Uplynulý cas: 2 minute(s), 22 second(s)

Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 1
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)

Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)

Infikované klíce registru:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\GoogleUpdateBeta (Backdoor.IRCBot) -> Quarantined and deleted successfully.

Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)

Infikované složky:
(Žádné zákerné položky nebyly zjišteny)

Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 05 srp 2009 01:12
od Condorito
A tady uz ty zbylé dva...

OTL logfile created on: 5.8.2009 1:07:20 - Run 1
OTL by OldTimer - Version 3.0.10.4 Folder = C:\Users\User\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 67,67% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 38,89 Gb Free Space | 39,82% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 144,51 Gb Free Space | 39,26% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SKILLER
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i 3\uMgiSvr.exe (ArcSoft, Inc.)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\V-Gear BEE\VBService.exe (Asiamajor Inc.)
PRC - C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
PRC - C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Users\User\Desktop\OTL.exe (OldTimer Tools)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (EhttpSrv [On_Demand | Stopped]) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn [Auto | Running]) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (TuneUp.Defrag [On_Demand | Stopped]) -- C:\Windows\SysNative\TuneUpDefragService.exe ()
SRV:64bit: - (TuneUp.ProgramStatisticsSvc [Auto | Running]) -- C:\Windows\SysNative\TUProgSt.exe ()
SRV:64bit: - (UxTuneUp [Auto | Running]) -- C:\Windows\SysNative\uxtuneup.dll ()
SRV:64bit: - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ehRecvr [On_Demand | Running]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Running]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (GEST Service [On_Demand | Stopped]) -- C:\Program Files (x86)\GIGABYTE\GEST\GSvr.exe ()
SRV - (ICQ Service [Auto | Running]) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (KeyIso [On_Demand | Stopped]) -- C:\Windows\SysWow64\keyiso.dll (Microsoft Corporation)
SRV - (MDM [Auto | Running]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation)
SRV - (MgiSvr [Auto | Running]) -- C:\Program Files (x86)\ArcSoft\Magic-i 3\uMgiSvr.exe (ArcSoft, Inc.)
SRV - (Microsoft Office Groove Audit Service [On_Demand | Stopped]) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (MSDTC [Unknown | Stopped]) -- C:\Windows\SysWow64\Msdtc [2006.11.02 15:34:14 | 00,000,000 | ---D | M]
SRV - (Nero BackItUp Scheduler 4.0 [Auto | Running]) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (Netlogon [On_Demand | Stopped]) -- C:\Windows\SysWow64\netlogon.dll (Microsoft Corporation)
SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (PnkBstrA [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrA.exe ()
SRV - (PnkBstrB [Auto | Running]) -- C:\Windows\SysWow64\PnkBstrB.exe ()
SRV - (Steam Client Service [On_Demand | Stopped]) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (UleadBurningHelper [Auto | Running]) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (UxTuneUp [Auto | Running]) -- C:\Windows\SysWow64\uxtuneup.dll (TuneUp Software)
SRV - (vds [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vds.mof ()
SRV - (VSS [On_Demand | Stopped]) -- C:\Windows\SysWow64\Wbem\vss.mof ()

========== Driver Services (SafeList) ==========

DRV:64bit: - (ARCSOFTVIRTUALCAPTURE [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\ArcSoftVirtualCapture.sys ()
DRV:64bit: - (atksgt [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\atksgt.sys ()
DRV:64bit: - (CX88VID [On_Demand | Running]) -- C:\Windows\SysNative\drivers\cxavsvid.sys ()
DRV:64bit: - (eamon [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\eamon.sys ()
DRV:64bit: - (ehdrv [System | Running]) -- C:\Windows\SysNative\DRIVERS\ehdrv.sys ()
DRV:64bit: - (epfw [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\epfw.sys ()
DRV:64bit: - (Epfwndis [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\Epfwndis.sys ()
DRV:64bit: - (epfwwfp [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\epfwwfp.sys ()
DRV:64bit: - (HdAudAddService [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\HdAudio.sys ()
DRV:64bit: - (JRAID [Boot | Running]) -- C:\Windows\SysNative\DRIVERS\jraid.sys ()
DRV:64bit: - (lirsgt [Auto | Running]) -- C:\Windows\SysNative\DRIVERS\lirsgt.sys ()
DRV:64bit: - (regi [Auto | Running]) -- C:\Windows\SysNative\drivers\regi.sys ()
DRV:64bit: - (RTL8169 [On_Demand | Running]) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys ()
DRV:64bit: - (sptd [Boot | Running]) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (usbaudio [On_Demand | Stopped]) -- C:\Windows\SysNative\drivers\usbaudio.sys ()
DRV:64bit: - (usbvideo [On_Demand | Stopped]) -- C:\Windows\SysNative\Drivers\usbvideo.sys ()
DRV - (ET5Drv [On_Demand | Stopped]) -- C:\Windows\ET5Drv.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (gdrv [On_Demand | Stopped]) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (mpsdrv [On_Demand | Running]) -- C:\Windows\SysWow64\Wbem\mpsdrv.mof ()
DRV - (Tcpip [Boot | Running]) -- C:\Windows\SysWow64\Wbem\tcpip.mof ()

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS_Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:1.5.48.2
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:2.2.0.102
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13
FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&q="
FF - prefs.js..network.proxy.pipelining: "false"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.07.29 16:50:54 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.08.04 17:44:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009.08.04 17:44:16 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2008.07.16 16:32:27 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2008.07.16 16:32:27 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.08.04 15:19:05 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\odqoncl8.default\extensions
[2009.07.29 18:31:09 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\odqoncl8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008.12.28 13:35:37 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\odqoncl8.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2009.04.01 12:53:16 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\odqoncl8.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2009.02.26 14:22:28 | 00,000,880 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\conduit.xml
[2009.08.01 14:44:26 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-1.xml
[2009.08.04 17:50:31 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-10.xml
[2009.03.15 18:49:04 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-2.xml
[2009.03.28 07:45:13 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-3.xml
[2009.03.28 23:42:58 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-4.xml
[2009.03.30 03:18:47 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-5.xml
[2009.04.23 03:07:48 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-6.xml
[2009.05.03 02:28:04 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-7.xml
[2009.06.12 19:23:47 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-8.xml
[2009.07.23 22:28:16 | 00,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin-9.xml
[2009.03.01 14:02:44 | 00,000,944 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\icqplugin.xml
[2008.12.28 13:35:32 | 00,003,915 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\FireFox\Profiles\odqoncl8.default\searchplugins\sweetim.xml
[2009.08.04 18:00:45 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2009.03.15 18:21:46 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009.08.04 17:44:16 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.01.21 04:15:26 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2009.03.07 14:24:01 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009.03.28 20:38:05 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009.08.04 17:44:14 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browserdirprovider.dll
[2009.08.04 17:44:14 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\brwsrcmp.dll
[2007.04.10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll
[2009.03.09 06:19:09 | 00,410,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeploytk.dll
[2008.06.27 17:03:12 | 01,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009.08.04 17:44:15 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\mozilla firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL
[2008.10.14 22:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll
[2008.08.15 03:55:37 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll
[2008.08.15 03:55:37 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll
[2008.08.15 03:55:37 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll
[2008.08.15 03:55:37 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll
[2008.08.15 03:55:37 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll
[2008.08.15 03:55:37 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll
[2008.08.15 03:55:37 | 00,131,072 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll
[2008.04.16 06:08:20 | 00,001,706 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
[2008.03.31 21:06:24 | 00,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2008.03.31 21:06:24 | 00,001,687 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mall-cz.xml
[2008.01.27 11:57:20 | 00,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2008.01.27 11:57:20 | 00,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2008.03.31 21:06:24 | 00,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: (297277 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 10269 more lines...
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files (x86)\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [NvSvc] C:\Windows\SysNative\nvsvc64.DLL ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\Skytel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [WPCUMI] C:\Windows\SysNative\WpcUmi.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [WinFast Schedule] C:\Program Files (x86)\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files (x86)\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\wpclsp.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysNative\mswsock.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysNative\wpclsp.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWow64\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWow64\napinsp.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWow64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWow64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\SysWow64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/f ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll ()
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll ()
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll ()
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll ()
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll ()
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll ()
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWow64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWow64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWow64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter: - application/octet-stream - C:\Windows\SysNative\mscoree.dll ()
O18:64bit: - Protocol\Filter: - application/x-complus - C:\Windows\SysNative\mscoree.dll ()
O18:64bit: - Protocol\Filter: - application/x-msdownload - C:\Windows\SysNative\mscoree.dll ()
O18:64bit: - Protocol\Filter: - deflate - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Filter: - gzip - C:\Windows\SysNative\urlmon.dll ()
O18:64bit: - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter: - application/octet-stream - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-complus - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - application/x-msdownload - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter: - deflate - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - gzip - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20:64bit: - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysNative\shell32.dll ()
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysNative\sysdm.cpl ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysWow64\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysWow64\sysdm.cpl (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysNative\browseui.dll ()
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysWow64\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll ()
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll ()
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll ()
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll ()
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll ()
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll ()
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{4ad74d69-0983-11dd-8ff0-001d7d050cf1}\Shell - "" = AutoRun
O33 - MountPoints2\{4ad74d69-0983-11dd-8ff0-001d7d050cf1}\Shell\AutoRun\command - "" = K:\SETUP.EXE -- File not found
O33 - MountPoints2\{72e5a1bf-2c43-11dd-accc-001d7d050cf1}\Shell\AutoRun\command - "" = L:\RavMon.exe -- File not found
O33 - MountPoints2\{72e5a1bf-2c43-11dd-accc-001d7d050cf1}\Shell\explore\Command - "" = L:\RavMon.exe -- File not found
O33 - MountPoints2\{72e5a1bf-2c43-11dd-accc-001d7d050cf1}\Shell\open\Command - "" = L:\RavMon.exe -- File not found
O33 - MountPoints2\{af662630-735b-11dd-b3cb-001d7d050cf1}\Shell - "" = AutoRun
O33 - MountPoints2\{af662630-735b-11dd-b3cb-001d7d050cf1}\Shell\AutoRun\command - "" = M:\Enterprise_Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found

========== Files/Folders - Created Within 30 Days ==========

[2009.08.05 00:59:19 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2009.08.04 18:03:41 | 00,022,040 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2009.08.03 18:00:48 | 00,000,000 | ---D | C] -- C:\Users\User\Desktop\Tony Howks Pro
[2009.07.29 11:52:32 | 09,233,408 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2009.07.29 11:52:32 | 05,937,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009.07.29 11:52:29 | 12,458,496 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2009.07.29 11:52:29 | 11,067,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009.07.29 11:52:28 | 02,334,208 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2009.07.29 11:52:28 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009.07.29 11:52:28 | 01,484,288 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2009.07.29 11:52:28 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009.07.29 11:52:27 | 01,146,880 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2009.07.29 11:52:27 | 00,915,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009.07.29 11:52:27 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009.07.29 11:52:27 | 00,458,240 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2009.07.29 11:52:27 | 00,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009.07.29 11:52:27 | 00,243,712 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2009.07.29 11:52:27 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009.07.29 11:52:26 | 01,538,560 | ---- | C] () -- C:\Windows\SysNative\inetcpl.cpl
[2009.07.29 11:52:26 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009.07.29 11:52:26 | 00,700,928 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2009.07.29 11:52:26 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009.07.29 11:52:26 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009.07.29 11:52:26 | 00,162,816 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2009.07.29 11:52:26 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009.07.29 11:52:26 | 00,070,656 | ---- | C] () -- C:\Windows\SysNative\ie4uinit.exe
[2009.07.29 11:52:26 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009.07.29 11:52:25 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009.07.29 11:52:25 | 01,638,912 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2009.07.29 11:52:25 | 00,252,416 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2009.07.29 11:52:25 | 00,219,136 | ---- | C] () -- C:\Windows\SysNative\ieui.dll
[2009.07.29 11:52:25 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009.07.29 11:52:25 | 00,132,096 | ---- | C] () -- C:\Windows\SysNative\iesysprep.dll
[2009.07.29 11:52:25 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009.07.29 11:52:25 | 00,077,312 | ---- | C] () -- C:\Windows\SysNative\iesetup.dll
[2009.07.29 11:52:25 | 00,072,192 | ---- | C] () -- C:\Windows\SysNative\iernonce.dll
[2009.07.29 11:52:25 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009.07.29 11:52:25 | 00,071,680 | ---- | C] () -- C:\Windows\SysNative\msfeedsbs.dll
[2009.07.29 11:52:25 | 00,057,667 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2009.07.29 11:52:25 | 00,057,667 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2009.07.29 11:52:25 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009.07.29 11:52:25 | 00,031,744 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2009.07.29 11:52:25 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009.07.29 11:52:25 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009.07.29 11:52:25 | 00,012,288 | ---- | C] () -- C:\Windows\SysNative\msfeedssync.exe
[2009.07.24 20:48:39 | 00,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2009.07.24 20:06:32 | 00,001,094 | ---- | C] () -- C:\Users\User\Desktop\Elecard AVC HD Player.lnk
[2009.07.24 19:58:53 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Elecard
[2009.07.24 19:58:51 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Elecard
[2009.07.24 03:57:06 | 00,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2009.07.24 03:57:06 | 00,027,536 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
[2009.07.14 20:25:48 | 00,189,440 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll
[2009.07.14 20:25:48 | 00,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll
[2009.07.14 20:25:47 | 00,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2009.07.14 20:25:47 | 00,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2009.07.14 20:25:47 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2009.07.14 20:25:47 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2009.07.14 20:25:47 | 00,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2009.07.14 20:25:47 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll
[2009.07.09 00:05:37 | 00,000,000 | ---D | C] -- C:\Users\User\AppData\Local\PokerStars
[2009.07.09 00:05:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars
[2009.05.04 21:41:55 | 00,524,288 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.05.04 21:41:55 | 00,139,264 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008.10.28 18:40:48 | 00,173,552 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2008.10.07 10:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 10:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008.07.11 03:27:32 | 01,312,392 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.DLL
[2008.06.01 22:48:50 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.06.01 22:48:23 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.05.06 17:41:45 | 00,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2008.04.13 20:30:23 | 00,000,317 | ---- | C] () -- C:\Windows\game.ini
[2008.04.08 21:48:44 | 00,000,635 | ---- | C] () -- C:\Windows\Rtcw.INI
[2008.04.08 11:46:40 | 01,286,366 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2008.04.01 01:59:10 | 00,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2008.03.31 23:55:04 | 00,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2006.11.02 14:34:27 | 00,000,243 | ---- | C] () -- C:\Windows\win.ini
[2006.11.02 14:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2003.07.16 13:09:32 | 00,202,752 | ---- | C] () -- C:\Windows\SysWow64\xvid.dll
[2002.10.06 20:42:58 | 00,105,472 | ---- | C] () -- C:\Windows\SysWow64\oggds.dll
[2002.10.05 01:04:26 | 00,092,672 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2002.10.05 01:04:26 | 00,080,384 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll
[2002.10.05 01:04:18 | 00,021,504 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2002.05.17 22:18:30 | 00,039,936 | ---- | C] () -- C:\Windows\SysWow64\mp4fil32.dll

========== Files - Modified Within 30 Days ==========

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 05 srp 2009 01:13
od Condorito
[1 C:\Windows\SysWow64\*.tmp files]
[2009.08.05 01:05:37 | 00,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7A705C21-3085-4974-B8A0-989943ECD5D4}.job
[2009.08.05 01:04:21 | 00,000,496 | ---- | M] () -- C:\Windows\tasks\1-Click Maintenance.job
[2009.08.05 01:04:13 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009.08.05 01:04:13 | 00,004,176 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009.08.05 01:04:11 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.08.05 01:04:09 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.08.05 01:04:07 | 42,933,86240 | -HS- | M] () -- C:\hiberfil.sys
[2009.08.05 01:03:16 | 06,291,456 | -H-- | M] () -- C:\Users\User\AppData\Local\IconCache.db
[2009.08.05 00:59:46 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2009.08.05 00:09:00 | 00,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3165705971-866493375-3708113550-1000UA.job
[2009.08.04 18:00:43 | 00,297,250 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.new
[2009.08.04 17:41:15 | 00,189,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2009.08.04 17:41:15 | 00,189,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009.08.04 17:09:00 | 00,000,906 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3165705971-866493375-3708113550-1000Core.job
[2009.08.04 13:09:31 | 01,419,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.08.04 13:09:31 | 00,606,912 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009.08.04 13:09:31 | 00,595,308 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.08.04 13:09:31 | 00,119,398 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009.08.04 13:09:31 | 00,104,742 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.08.04 11:21:56 | 00,377,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009.08.03 17:52:24 | 00,100,664 | ---- | M] () -- C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.08.03 13:36:28 | 00,038,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009.08.03 13:36:08 | 00,022,040 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2009.08.01 13:52:05 | 00,185,344 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.24 20:48:40 | 00,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009.07.24 20:48:39 | 00,794,408 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2009.07.24 20:06:32 | 00,001,094 | ---- | M] () -- C:\Users\User\Desktop\Elecard AVC HD Player.lnk
[2009.07.24 03:57:06 | 00,041,872 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
[2009.07.24 03:57:06 | 00,027,536 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
[2009.07.23 22:29:27 | 00,001,724 | ---- | M] () -- C:\Users\User\Desktop\CCleaner.lnk
[2009.07.23 15:09:20 | 00,002,037 | ---- | M] () -- C:\Users\User\Desktop\Google Chrome.lnk
[2009.07.22 00:11:15 | 01,146,880 | ---- | M] () -- C:\Windows\SysNative\wininet.dll
[2009.07.22 00:11:04 | 01,484,288 | ---- | M] () -- C:\Windows\SysNative\urlmon.dll
[2009.07.22 00:09:54 | 00,243,712 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2009.07.22 00:07:37 | 09,233,408 | ---- | M] () -- C:\Windows\SysNative\mshtml.dll
[2009.07.22 00:07:34 | 00,700,928 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll
[2009.07.22 00:07:34 | 00,071,680 | ---- | M] () -- C:\Windows\SysNative\msfeedsbs.dll
[2009.07.22 00:06:56 | 00,031,744 | ---- | M] () -- C:\Windows\SysNative\jsproxy.dll
[2009.07.22 00:06:48 | 01,538,560 | ---- | M] () -- C:\Windows\SysNative\inetcpl.cpl
[2009.07.22 00:06:31 | 02,334,208 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll
[2009.07.22 00:06:31 | 00,219,136 | ---- | M] () -- C:\Windows\SysNative\ieui.dll
[2009.07.22 00:06:31 | 00,132,096 | ---- | M] () -- C:\Windows\SysNative\iesysprep.dll
[2009.07.22 00:06:31 | 00,077,312 | ---- | M] () -- C:\Windows\SysNative\iesetup.dll
[2009.07.22 00:06:30 | 12,458,496 | ---- | M] () -- C:\Windows\SysNative\ieframe.dll
[2009.07.22 00:06:30 | 00,252,416 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll
[2009.07.22 00:06:30 | 00,072,192 | ---- | M] () -- C:\Windows\SysNative\iernonce.dll
[2009.07.22 00:06:27 | 00,458,240 | ---- | M] () -- C:\Windows\SysNative\iedkcs32.dll
[2009.07.21 23:52:28 | 00,915,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009.07.21 23:52:13 | 01,208,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009.07.21 23:50:46 | 00,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009.07.21 23:48:31 | 05,937,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009.07.21 23:48:27 | 00,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009.07.21 23:48:27 | 00,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009.07.21 23:47:47 | 00,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009.07.21 23:47:41 | 01,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009.07.21 23:47:28 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009.07.21 23:47:28 | 00,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009.07.21 23:47:27 | 01,985,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009.07.21 23:47:27 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009.07.21 23:47:26 | 11,067,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009.07.21 23:47:26 | 00,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009.07.21 23:47:26 | 00,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009.07.21 23:47:21 | 00,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009.07.21 22:34:53 | 00,162,816 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe
[2009.07.21 22:34:41 | 00,070,656 | ---- | M] () -- C:\Windows\SysNative\ie4uinit.exe
[2009.07.21 22:34:12 | 00,012,288 | ---- | M] () -- C:\Windows\SysNative\msfeedssync.exe
[2009.07.21 22:34:00 | 01,638,912 | ---- | M] () -- C:\Windows\SysNative\mshtml.tlb
[2009.07.21 22:13:58 | 00,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009.07.21 22:13:51 | 00,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009.07.21 22:13:15 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009.07.21 22:12:49 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009.07.21 21:09:32 | 00,057,667 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2009.07.21 20:31:43 | 00,057,667 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2009.07.07 17:43:31 | 26,410,432 | ---- | M] () -- C:\Windows\SysNative\mrt.exe

========== LOP Check ==========

[2009.08.03 11:18:02 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming
[2009.02.12 00:26:57 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ACD Systems
[2008.04.08 09:52:19 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ArcSoft
[2009.04.27 02:01:40 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Bioshock
[2009.07.01 23:00:20 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BSplayer
[2009.04.01 12:53:15 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BSplayer Pro
[2008.10.11 13:09:26 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Corel
[2008.04.13 16:53:45 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DAEMON Tools
[2008.11.05 03:51:52 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Desktopicon
[2008.10.07 21:55:36 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\dvdcss
[2008.05.06 15:19:14 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ESET
[2008.04.14 16:19:03 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GHISLER
[2009.08.04 17:41:19 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HLSW
[2008.09.17 14:19:51 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ICQ
[2008.05.09 03:26:11 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ICQ Toolbar
[2006.11.02 17:07:25 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Media Center Programs
[2009.08.03 11:17:52 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\My Games
[2008.04.12 17:30:07 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PeerNetworking
[2008.04.08 00:14:12 | 00,000,000 | RH-D | M] -- C:\Users\User\AppData\Roaming\SecuROM
[2009.05.07 21:38:18 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SoundSpectrum
[2008.11.19 14:36:21 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\teamspeak2
[2009.03.27 03:45:03 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\thriXXX
[2009.02.11 23:28:00 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2009.08.04 03:24:15 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2008.08.28 15:02:02 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ventrilo
[2009.08.04 16:29:32 | 00,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Xfire
[2009.08.05 01:04:21 | 00,000,496 | ---- | M] () -- C:\Windows\Tasks\1-Click Maintenance.job
[2009.08.04 17:09:00 | 00,000,906 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3165705971-866493375-3708113550-1000Core.job
[2009.08.05 01:09:00 | 00,000,958 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3165705971-866493375-3708113550-1000UA.job
[2009.08.05 01:04:11 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009.08.05 01:03:19 | 00,032,630 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.08.05 01:05:37 | 00,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7A705C21-3085-4974-B8A0-989943ECD5D4}.job

========== Purity Check ==========


< End of report >

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 05 srp 2009 01:14
od Condorito
Ten druhý....

OTL Extras logfile created on: 5.8.2009 1:07:20 - Run 1
OTL by OldTimer - Version 3.0.10.4 Folder = C:\Users\User\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18813)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,71 Gb Available Physical Memory | 67,67% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,66 Gb Total Space | 38,89 Gb Free Space | 39,82% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 144,51 Gb Free Space | 39,26% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SKILLER
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe ()
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe ()
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe ()
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE ()
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe ()
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe ()
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe ()
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe ()

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = D0 13 85 C3 3A C4 C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1EBE9648-9172-4A39-8E1B-AE3FEE7CFE27}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2AFA13A4-0C6D-451C-A6F3-7756004EDBB6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B8A0594-33E7-444C-83E5-1694C907D7F1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{30890248-A6B6-438A-B82A-34E0DE7A19B0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3A19F7FC-6554-47F1-8D69-8DCF02395AF2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{6AB7483A-6F96-433F-9CF0-4B6E20034F16}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8B7FFD82-730A-4BA5-B2C4-D2337A9838F6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C98907F1-73B4-45C0-B197-27AD01DC0566}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB25B045-3060-4CE0-89E9-74455DD0505E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F30123A9-648E-43EE-951F-DA1204B67BBD}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05909F46-D5E5-4113-960E-CA51F3D58036}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{07CA1F2D-7CD1-4AED-866C-F3131E99FB36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{140CA1CD-6E1A-4940-AD5E-7CA362E4BD57}" = protocol=6 | dir=in | app=d:\games\mass effect\masseffectlauncher.exe |
"{1A650795-14C5-489D-8FFF-263353F17769}" = protocol=17 | dir=in | app=d:\games\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{1EC1052F-8E2F-43F0-83CA-4E153BB084F2}" = protocol=6 | dir=in | app=d:\games\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{3A8532FF-346D-460D-9D9F-D58095521626}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{41B158D0-FED3-4AFE-B754-38CBA120E46A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{479BE51A-A704-46A6-9CAE-E01CF97431FF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{48D02A01-0947-4D95-A196-282ED221D6E5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4F87DBA6-58E1-4423-B869-AAA422B86DED}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{59D60D15-5226-4A7C-926E-6340C92E57D5}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{6677F87D-B993-48A7-9F58-6C3A3DB4C0AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6E48E326-7BAE-4194-AEDD-1589631CB696}" = protocol=6 | dir=out | app=system |
"{6E61C585-7944-4084-9C6A-8FD37D691265}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{750B76D8-1060-414D-ABD8-34CE73061C50}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{751D3DCC-96A3-4BFF-8380-BA89033758F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{798AC129-E49D-4D76-9FF7-F9F5FC217CD3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{828D90D0-F115-4DCE-A232-CA32CA3B17A3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{83B6BCD2-41C4-4BEF-8FD7-01C33C049F44}" = protocol=17 | dir=in | app=d:\games\mass effect\binaries\masseffect.exe |
"{8904FBBA-6D06-483D-A5CF-1DE4C5226832}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{8A7FF720-437E-418E-9D2F-144C329688E6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8BFA38CA-E545-4714-8527-79C3560728EF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8D3FA6AB-510D-4F3C-9690-59149527A30A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9035DDD4-A398-4707-AA50-131B5F5FB2DF}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\prototype\prototypef.exe |
"{9068167F-20D3-4C6E-94FC-95BE78112658}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{90CD2697-FB88-431C-A960-FF4804A4BB43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{921BC70D-194C-46AF-9B76-2367F4DE6660}" = protocol=17 | dir=in | app=d:\games\mass effect\masseffectlauncher.exe |
"{967EACE5-59CD-4B73-8FCB-E1F5BD72CD42}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{98098892-A785-49E2-A744-09BFF1D24941}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9963525E-2251-42EB-BD87-A71EBFD4B762}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{9C9CB2DA-2DED-494E-BFEA-BF0C8D254A97}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9DDDF0B8-339A-48B3-8A09-ED202087EC79}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A4080E5E-3D47-46E7-AA2E-CF70A91CF196}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B289D66C-C175-4F1D-B6CD-F9761BDA87CD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C60F142A-DB83-4CFE-A734-C371FCDB8928}" = protocol=6 | dir=in | app=d:\games\mass effect\binaries\masseffect.exe |
"{C7256EFA-177A-4E6F-B2D9-E6EA6800CFEA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C7A66B37-499A-4651-A3C0-30A212B56241}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwawmp.exe |
"{CD3E18E5-DCEE-47A3-B6F4-DA2B3C321A97}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D5E18381-67CC-4826-AAB9-7A1D71EDC7B1}" = protocol=6 | dir=in | app=d:\games\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{D78007EF-288E-4F64-AB0D-7BC7823DE1B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DC4BF17E-7227-40AC-A3D3-DCF285B6E6AF}" = protocol=17 | dir=in | app=d:\games\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{DF2514AD-62AD-42FA-8BE7-25D42EDD455E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E4D4C19F-FB3A-4678-BAB2-4B4E18413A5E}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"{E5C85A56-D2A7-4B8C-BDCE-B8C9574093B3}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\prototype\prototypef.exe |
"{F1C2C309-547C-4C0A-997C-C655DCD485C4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F581581E-5ADD-40BF-98C0-FD2CF2F25347}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{F643A2D1-7006-4FBC-B76A-A7490C7268FA}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"TCP Query User{04A323D5-D40D-47D1-91CD-D49213F9C16D}D:\games\14 degrees east\fallout tactics\bos.exe" = protocol=6 | dir=in | app=d:\games\14 degrees east\fallout tactics\bos.exe |
"TCP Query User{0C430CC7-6E9D-4E36-8C2A-1BAFC65C5394}C:\program files (x86)\v-gear bee\v-gear bee.exe" = protocol=6 | dir=in | app=c:\program files (x86)\v-gear bee\v-gear bee.exe |
"TCP Query User{122E7875-E212-4DD0-8E3A-FAD8E76F0730}D:\games\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=d:\games\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{19B78701-45C1-404C-B396-995295B7DECA}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{29C95FC4-BBB9-42CE-B3CD-C6545241774B}D:\games\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=d:\games\left 4 dead\left4dead.exe |
"TCP Query User{330CF9D6-4883-4C6D-88FF-04E8AD4C9EF9}C:\program files (x86)\v-gear bee\vbservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\v-gear bee\vbservice.exe |
"TCP Query User{492301D6-7C67-4150-9083-EB447709AA88}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{49F27B04-8CF4-46DB-8421-7DC246E11BFE}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{6D44DB62-15CA-4D74-8C75-80D0F4D9670D}C:\program files (x86)\v-gear bee\v-gear bee.exe" = protocol=6 | dir=in | app=c:\program files (x86)\v-gear bee\v-gear bee.exe |
"TCP Query User{963D7E34-32A5-41E0-B6C7-321255E1E0E8}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{9CEA8B4D-1DEE-40AF-B08C-F75887EE0683}C:\program files (x86)\hlsw\hlsw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"TCP Query User{A673C0DD-3ADD-4493-966E-55F502376B9F}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{AA992903-9083-40FF-BF75-BA97E3728558}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"TCP Query User{B781FCD5-9FD1-4579-8914-B60B67F911F9}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{C39E9B1E-AE90-4C9A-952D-EB9F7282EAD8}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{C73C97E3-ECDE-4323-8AB6-522BE02529B2}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{DBDE4CEF-9293-4EF0-8179-AF619001B2B1}C:\program files (x86)\v-gear bee\vbservice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\v-gear bee\vbservice.exe |
"TCP Query User{EFD9110E-82B2-492A-A2B9-780D07E89FFE}C:\program files (x86)\winfast\wfdtv\dvbtap.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winfast\wfdtv\dvbtap.exe |
"TCP Query User{FDE44472-9CF2-4FDD-8001-836F0D8F1F4E}E:\hl2.exe" = protocol=6 | dir=in | app=e:\hl2.exe |
"UDP Query User{00900470-73CD-4359-851A-54EF62CB149A}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{0601A957-8954-4563-BF34-4BCF98D21831}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{06292ED2-944F-4275-820D-15F10D959DAF}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{212DFA4F-250B-4919-96A7-9E7662880BC4}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{22DCC452-5CC9-4F3D-85E3-BC6142F5CE12}D:\games\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=d:\games\left 4 dead\left4dead.exe |
"UDP Query User{32E902DA-0046-4DBC-950D-3962DA41816D}C:\program files (x86)\v-gear bee\v-gear bee.exe" = protocol=17 | dir=in | app=c:\program files (x86)\v-gear bee\v-gear bee.exe |
"UDP Query User{3D83907B-95DC-4A5D-A87C-69BDC39196ED}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{53065C8F-106A-4251-A72E-7F418157487E}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{5A7BAFDE-B3CE-4A6A-A6F7-876635D985ED}C:\program files (x86)\v-gear bee\v-gear bee.exe" = protocol=17 | dir=in | app=c:\program files (x86)\v-gear bee\v-gear bee.exe |
"UDP Query User{73825DA0-9A16-4F74-9D04-E369AC646CB1}C:\program files (x86)\winfast\wfdtv\dvbtap.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winfast\wfdtv\dvbtap.exe |
"UDP Query User{8A18F238-4F91-46EB-B51A-2C83E5018B9C}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"UDP Query User{99A2E0D3-FEA9-4F03-A6F1-17EB3B84C09E}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{A8CD2A6F-2BAB-468F-8A9C-C4387708C507}C:\program files (x86)\v-gear bee\vbservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\v-gear bee\vbservice.exe |
"UDP Query User{B2BED78F-3DF7-44B1-817B-18F64DCF1113}D:\games\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=d:\games\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{B41231F0-5E95-4D07-8468-02F45A834064}C:\program files (x86)\hlsw\hlsw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hlsw\hlsw.exe |
"UDP Query User{BB308CBF-4A79-45E1-82AF-B27CD3134186}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{BD343013-9820-43DF-9BBF-7F439FA265BE}D:\games\14 degrees east\fallout tactics\bos.exe" = protocol=17 | dir=in | app=d:\games\14 degrees east\fallout tactics\bos.exe |
"UDP Query User{C4E4BF2E-6C57-489D-9845-314B118297F1}E:\hl2.exe" = protocol=17 | dir=in | app=e:\hl2.exe |
"UDP Query User{CBA8335A-5D52-46D7-B46E-582FA40BD1A5}C:\program files (x86)\v-gear bee\vbservice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\v-gear bee\vbservice.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{A7ECBA12-C52E-4AD2-A8B5-9E0A3F224320}" = ESET Smart Security
"{CB6508F6-EC50-4829-A2C6-02990EFF0059}" = Windows Media Encoder 9 Series x64 Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"Windows Media Encoder 9" = Windows Media Encoder 9 Series x64 Edition

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00FBFCFF-B94C-4DCA-BFFE-F1C4D8D3E6EF}" = WinFast DTV2000 H Driver
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 13
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver
"{300578F9-9EFF-4B93-9AB1-C0E5707EF463}" = ACDSee Photo Manager 2009
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{435C07DB-4914-4277-A006-B33177057019}" = ArcSoft Magic-i 3
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{55A29068-F2CE-456C-9148-C869879E2357}" = TuneUp Utilities 2009
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5869CE1E-BC0B-4648-B1AE-6EF4A985590C}" = Dynamic Energy Saver 1.0 B8.0128.1
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1" = Kodek 0.16 CZ
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{78A62183-20AB-4333-ACA7-08BDAD9368A3}" = Fallout Tactics
"{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C13BEE4-E7CE-4E46-BD13-8F41DAD00FEF}" = SweetIM Toolbar for Internet Explorer 3.4
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{C69405BB-27AF-4940-B3DA-04910B4DFD23}_is1" = aTube Catcher 1.0
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{CFEBE886-3EF2-4389-96D0-B0808E58BC3E}" = HipHop 6
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D80CC53D-2196-490B-9A4A-106751F75154}" = AMCap
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{E848C9C0-E6FF-4A3F-9D67-AE53AC3628FE}" = SweetIM for Messenger 2.7
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{E9E3EE81-6E7F-47A3-8D38-3470256704DB}_is1" = Tortun 0.8
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"BSPlayerf" = BS.Player FREE
"CCleaner" = CCleaner (remove only)
"Elecard AVC HD Player 5.6.90515" = Elecard AVC HD Player
"ElectricSheep" = ElectricSheep 2.6.6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fallout2" = Fallout2
"GameSpy Arcade" = GameSpy Arcade
"HijackThis" = HijackThis 2.0.2
"HLSW_is1" = HLSW v1.3.1
"ICQToolbar" = ICQ Toolbar
"ImageConverter Plus_is1" = ImageConverter Plus 7.1
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{78A62183-20AB-4333-ACA7-08BDAD9368A3}" = Fallout Tactics
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}" = SWAT 4
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{D80CC53D-2196-490B-9A4A-106751F75154}" = AMCap
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"OpenAL" = OpenAL
"PROHYBRIDR" = 2007 Microsoft Office system
"PunkBusterSvc" = PunkBuster Services
"Scorpions WinCheater 2.07 (s databází 91)_is1" = Scorpions WinCheater
"Totalcmd" = Total Commander (Remove or Repair)
"VentriloMIX" = VentriloMIX
"V-Gear BEE" = V-Gear BEE
"VLC media player" = VideoLAN VLC media player 0.8.6i
"VorbisCodec" = Ogg Vorbis ACM Codec
"WhiteCap" = WhiteCap
"WinRAR archiver" = WinRAR
"Xfire" = Xfire (remove only)
"XVid;-)" = XVid;-)
"Yahoo! Companion" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 25.7.2009 14:43:29 | Computer Name = Skiller | Source = Application Error | ID = 1000
Description = Chybující aplikace Fallout3.exe, verze 1.5.0.22, časové razítko 0x49cd1e54,
chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000, kód výjimky
0xc0000005, posun chyby 0x00000000, ID procesu 0xf68, čas spuštění aplikace 0x01ca0d573ab3a925.

Error - 29.7.2009 14:15:23 | Computer Name = Skiller | Source = Application Error | ID = 1000
Description = Chybující aplikace iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219,
chybující modul mssmp3.asi, verze 0.0.0.0, časové razítko 0x464433af, kód výjimky
0xc0000094, posun chyby 0x00001857, ID procesu 0xda4, čas spuštění aplikace 0x01ca105f46db7f66.

Error - 3.8.2009 4:00:46 | Computer Name = Skiller | Source = Application Error | ID = 1000
Description = Chybující aplikace iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219,
chybující modul pbcl.dll, verze 0.0.0.0, časové razítko 0x4a5cb020, kód výjimky
0xc0000005, posun chyby 0x0003d6d3, ID procesu 0x1e8, čas spuštění aplikace 0x01ca141048352cd1.

Error - 3.8.2009 4:03:45 | Computer Name = Skiller | Source = Application Error | ID = 1000
Description = Chybující aplikace iw3mp.exe, verze 0.0.0.0, časové razítko 0x4859a219,
chybující modul pbcl.dll, verze 0.0.0.0, časové razítko 0x4a5cb020, kód výjimky
0xc0000005, posun chyby 0x0003d6d3, ID procesu 0x814, čas spuštění aplikace 0x01ca14108500d5b1.

Error - 3.8.2009 9:39:43 | Computer Name = Skiller | Source = System Restore | ID = 8193
Description =

Error - 3.8.2009 9:40:37 | Computer Name = Skiller | Source = System Restore | ID = 8193
Description =

Error - 3.8.2009 10:22:29 | Computer Name = Skiller | Source = System Restore | ID = 8193
Description =

Error - 3.8.2009 10:40:27 | Computer Name = Skiller | Source = System Restore | ID = 8193
Description =

Error - 3.8.2009 16:16:37 | Computer Name = Skiller | Source = System Restore | ID = 8193
Description =

Error - 3.8.2009 16:21:06 | Computer Name = Skiller | Source = System Restore | ID = 8193
Description =

[ Media Center Events ]
Error - 30.7.2009 6:18:54 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

Error - 1.8.2009 7:21:27 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

Error - 1.8.2009 9:11:29 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

Error - 1.8.2009 14:27:54 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

Error - 2.8.2009 7:04:36 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

Error - 2.8.2009 12:56:53 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

Error - 3.8.2009 3:30:58 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

Error - 3.8.2009 5:26:24 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

Error - 4.8.2009 5:24:41 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

Error - 4.8.2009 11:50:40 | Computer Name = Skiller | Source = ehRecvr | ID = 4
Description =

[ System Events ]
Error - 3.8.2009 8:34:10 | Computer Name = Skiller | Source = Service Control Manager | ID = 7000
Description =

Error - 4.8.2009 5:21:57 | Computer Name = Skiller | Source = HTTP | ID = 15016
Description =

Error - 4.8.2009 5:23:25 | Computer Name = Skiller | Source = Service Control Manager | ID = 7000
Description =

Error - 4.8.2009 5:23:25 | Computer Name = Skiller | Source = Service Control Manager | ID = 7026
Description =

Error - 4.8.2009 11:48:28 | Computer Name = Skiller | Source = HTTP | ID = 15016
Description =

Error - 4.8.2009 11:48:47 | Computer Name = Skiller | Source = Service Control Manager | ID = 7000
Description =

Error - 4.8.2009 11:48:47 | Computer Name = Skiller | Source = Service Control Manager | ID = 7026
Description =

Error - 4.8.2009 19:03:18 | Computer Name = Skiller | Source = Service Control Manager | ID = 7016
Description =

Error - 4.8.2009 19:04:11 | Computer Name = Skiller | Source = HTTP | ID = 15016
Description =

Error - 4.8.2009 19:04:37 | Computer Name = Skiller | Source = Service Control Manager | ID = 7026
Description =

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 05 srp 2009 01:15
od Condorito
[ TuneUp Events ]
Error - 11.3.2009 21:43:14 | Computer Name = Rammon | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-03-12 02:43:14', '\device\harddiskvolume1\program
files (x86)\malwarebytes' anti-malware\mbam.exe','7576',0)

Error - 12.3.2009 12:01:46 | Computer Name = Rammon | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-03-12 17:01:46', '\device\harddiskvolume1\program
files (x86)\malwarebytes' anti-malware\mbam.exe','3852',0)

Error - 12.3.2009 17:41:01 | Computer Name = Rammon | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-03-12 22:41:01', '\device\harddiskvolume2\games\ea
games\mirror's edge\binaries\mirrorsedge.exe','2980',0)

Error - 16.3.2009 14:11:15 | Computer Name = Rammon | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-03-16 19:11:15', '\device\harddiskvolume2\games\ea
games\mirror's edge\binaries\mirrorsedge.exe','3716',0)

Error - 24.3.2009 16:02:25 | Computer Name = Skiller | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-03-24 21:02:25', '\device\harddiskvolume2\games\ea
games\mirror's edge\binaries\mirrorsedge.exe','7728',0)

Error - 3.8.2009 4:07:21 | Computer Name = Skiller | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "s": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-03 10:07:21', '\device\harddiskvolume2\games\firaxis
games\sid meier's civilization 4\civilization4.exe','3696',0)

Error - 4.8.2009 12:01:56 | Computer Name = Skiller | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-04 18:01:56', '\device\harddiskvolume1\program
files (x86)\malwarebytes' anti-malware\mbam.exe','3436',0)

Error - 4.8.2009 12:03:41 | Computer Name = Skiller | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-04 18:03:41', '\device\harddiskvolume1\programdata\malwarebytes\malwarebytes'
anti-malware\mbam-setup.exe','1108',0)

Error - 4.8.2009 12:03:46 | Computer Name = Skiller | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-04 18:03:46', '\device\harddiskvolume1\program
files (x86)\malwarebytes' anti-malware\mbam.exe','4184',0)

Error - 4.8.2009 12:04:11 | Computer Name = Skiller | Source = TuneUp Program Statistics | ID = 131840
Description = SQL Error: near "anti": syntax error; when executing SQL: INSERT INTO
ActiveApps (Started, Exe, ProcID, Resumed) VALUES ('2009-08-04 18:04:11', '\device\harddiskvolume1\program
files (x86)\malwarebytes' anti-malware\mbam.exe','1204',0)


< End of report >

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 05 srp 2009 10:04
od jaro3
Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTLI
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O33 - MountPoints2\{4ad74d69-0983-11dd-8ff0-001d7d050cf1}\Shell - "" = AutoRun
O33 - MountPoints2\{4ad74d69-0983-11dd-8ff0-001d7d050cf1}\Shell\AutoRun\command - "" = K:\SETUP.EXE -- File not found
O33 - MountPoints2\{72e5a1bf-2c43-11dd-accc-001d7d050cf1}\Shell\AutoRun\command - "" = L:\RavMon.exe -- File not found
O33 - MountPoints2\{72e5a1bf-2c43-11dd-accc-001d7d050cf1}\Shell\explore\Command - "" = L:\RavMon.exe -- File not found
O33 - MountPoints2\{72e5a1bf-2c43-11dd-accc-001d7d050cf1}\Shell\open\Command - "" = L:\RavMon.exe -- File not found
O33 - MountPoints2\{af662630-735b-11dd-b3cb-001d7d050cf1}\Shell - "" = AutoRun

:Files
C:\Windows\tasks\SA.DAT

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 05 srp 2009 12:32
od Condorito
Tak tady to mas..ja uz jsem z toho uplne jelen xD

All processes killed
Error: Unable to interpret <:OTLI> in the current context!
Error: Unable to interpret <PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{4ad74d69-0983-11dd-8ff0-001d7d050cf1}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{4ad74d69-0983-11dd-8ff0-001d7d050cf1}\Shell\AutoRun\command - "" = K:\SETUP.EXE -- File not found> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{72e5a1bf-2c43-11dd-accc-001d7d050cf1}\Shell\AutoRun\command - "" = L:\RavMon.exe -- File not found> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{72e5a1bf-2c43-11dd-accc-001d7d050cf1}\Shell\explore\Command - "" = L:\RavMon.exe -- File not found> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{72e5a1bf-2c43-11dd-accc-001d7d050cf1}\Shell\open\Command - "" = L:\RavMon.exe -- File not found> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{af662630-735b-11dd-b3cb-001d7d050cf1}\Shell - "" = AutoRun> in the current context!
========== FILES ==========
C:\Windows\tasks\SA.DAT moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: User
->Temp folder emptied: 20957238 bytes
File delete failed. C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 66828607 bytes
->Java cache emptied: 17255791 bytes
->FireFox cache emptied: 66230516 bytes
->Google Chrome cache emptied: 7508613 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 301056 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
File delete failed. C:\Windows\temp\TMP00000040B632A65C16FD2AC1 scheduled to be deleted on reboot.
Windows Temp folder emptied: 1348994 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 172,10 mb


OTL by OldTimer - Version 3.0.10.4 log created on 08052009_122835

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\TMP00000040B632A65C16FD2AC1 not found!

Registry entries deleted on Reboot...

Re: Prosim o kontrolu logu...Caste zaseky pocitace :o)

Napsal: 05 srp 2009 14:11
od Condorito
Jo a jeste po tom co jsem provedl tenhle posledni skan..ci co to bylo :o) se mi vsude objevily soubory typu desktop.ini ..a ruzne podobne ktere byly puvodne skryte... a to ve vsech slozkach kam jsem zabrouzdal.... :huh:
Časové pásmo: UTC+02:00
Stránka 1 z 2
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/