Kontrola logu díky

Grinch · Příspěvekod **Grinch** » 05 led 2010 16:52

Zdravím,můj mladší bratr (8 let) jsi zase hrál s počítačem a po dnešku ztoho nemám dobrý pocit už uvažujio tom že zahesluji učet a bude chodit na PC jen pod mím dohledem.Zde je log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:49:23, on 5.1.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10d.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0"
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Registrace Need for Speed™ Undercover.lnk = C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{830CEDDD-36D9-4C4A-8D80-417361BD6905}: NameServer = 172.27.12.254,156.154.70.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8E7A80F-042C-47A7-BEAD-8278147D1B03}: NameServer = 172.27.12.254,156.154.70.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1ca807ac59d5734) (gupdate1ca807ac59d5734) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wyeke Service - Unknown owner - C:\ProgramData\Wyeke\wyeke129.exe
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 13106 bytes

Reklama

Damned · Příspěvekod **Damned** » 05 led 2010 16:58

Já tam nevidím problém.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Grinch · Příspěvekod **Grinch** » 05 led 2010 17:07

tady je log z MBAM.

Malwarebytes' Anti-Malware 1.43
Verze databáze: 3477
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

5.1.2010 17:06:48
mbam-log-2010-01-05 (17-06-48).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 98506
Uplynulý čas: 2 minute(s), 54 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

Damned · Příspěvekod **Damned** » 05 led 2010 17:25

Stáhni si :Dr. Web CureIt nebo z http://www.majorgeeks.com/Dr.Web_CureIT_d4783.html dej update , po aktualizaci dej start.

Tlačítky dole můzeš soubor léčit, smazat, přesunout nebo přejmenovat.Pak napiš výsledek. Sken může trvat dlouho. Nalezenou infekci nejdříve léčit, potom teprve smazat. Pokud něco najde ve složce System Volume Information, tak smazat.

Grinch · Příspěvekod **Grinch** » 05 led 2010 18:00

Po skončení skenu v DR.WEB bylo v programu napsáno Hotovo - nebyl nalezen žádný vir.

Damned · Příspěvekod **Damned** » 05 led 2010 18:50

Stáhni si OTL na Plochu.
Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Output klikni na minimal Output.Pod Standard Registry změň na All. Zatrhni LOP Check a Purity Check. Klikni na Run Scan. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj

Grinch · Příspěvekod **Grinch** » 05 led 2010 20:17

Vygeneroval se mi jen OTL.txt TOHLE JE PRVNÍ POLOVINA

OTL logfile created on: 1/5/2010 8:09:43 PM - Run 3
OTL by OldTimer - Version 3.1.21.0 Folder = C:\Users\Lisacek\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 68.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451.11 Gb Total Space | 362.86 Gb Free Space | 80.44% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LISACEK-PC
Current User Name: Lisacek
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Lisacek\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\ProgramData\Wyeke\wyeke129.exe ()
PRC - C:\Program Files (x86)\Wyeke\wyeke.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Xobni\XobniService.exe (Xobni Corporation)
PRC - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
PRC - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe ()
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)

========== Modules (SafeList) ==========

MOD - C:\Users\Lisacek\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files (x86)\Wyeke\wyeke.dll ()
MOD - C:\Windows\SysWOW64\wininet.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\wintrust.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (ESET)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV:64bit: - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (Wyeke Service) -- C:\ProgramData\Wyeke\wyeke129.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (gupdate1ca807ac59d5734) Služba Google Update (gupdate1ca807ac59d5734) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (XobniService) -- C:\Program Files (x86)\Xobni\XobniService.exe (Xobni Corporation)
SRV - (fsssvc) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (FastBootAgent) -- C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe (ASUSTeK Computer Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (VSS) -- C:\Windows\Vss [2009/07/14 04:20:14 | 00,000,000 | ---D | M]
SRV - (MSDTC) Služba DTC (Distributed Transaction Coordinator) -- C:\Windows\SysWOW64\Msdtc [2009/07/14 04:20:14 | 00,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (LightScribeService) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe ()
SRV - (Microsoft Office Groove Audit Service) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
SRV - (Bonjour Service) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (IDriverT) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (epfwwfpr) -- C:\Windows\SysNative\drivers\epfwwfpr.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (eamon) -- C:\Windows\SysNative\drivers\eamon.sys (ESET)
DRV:64bit: - (AsDsm) -- C:\Windows\SysNative\drivers\AsDsm.sys (ASUSTek Computer Inc)
DRV:64bit: - (NETw5s64) Ovladač adaptéru Intel(R) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (L1C) NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (NETw1v64) Intel(R) -- C:\Windows\SysNative\drivers\NETw1v64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) USB Video Device (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (BthPan) Bluetooth Device (Personal Area Network) -- C:\Windows\SysNative\drivers\bthpan.sys (Microsoft Corporation)
DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\drivers\bthport.sys (Microsoft Corporation)
DRV:64bit: - (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI) -- C:\Windows\SysNative\drivers\rfcomm.sys (Microsoft Corporation)
DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\drivers\bthenum.sys (Microsoft Corporation)
DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\drivers\BTHUSB.SYS (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (CSC) -- C:\Windows\CSC [2009/11/27 09:37:12 | 00,000,000 | ---D | M]
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\snp2uvc.ini ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/12/28 23:43:02 | 00,000,000 | ---D | M]

[2009/12/31 13:10:30 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\mozilla\Extensions
[2009/12/27 22:54:18 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Lisacek\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/12/31 13:10:33 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/12/27 21:01:17 | 00,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}

O1 HOSTS File: (2828 bytes) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 52 more lines...
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [FortKnoxPersonalFirewall] C:\Program Files (x86)\FortKnox Personal Firewall\FortKnoxGUI.exe File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [Task Bar] C:\Documents and Settings\All Users\Documents\svchast.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Lisacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registrace Need for Speed™ Undercover.lnk = C:\Program Files (x86)\EA Games\Need for Speed Undercover\Support\EAregister.exe (Leader Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 16
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)

Grinch · Příspěvekod **Grinch** » 05 led 2010 20:18

TOHLE JE DRUHÁ POLOVINA

O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.27.12.254 168.192.2.254
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/01/05 20:07:57 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\Lisacek\Desktop\OTL.exe
[2010/01/05 18:32:43 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Local\Installer10976
[2010/01/05 18:28:04 | 00,000,000 | ---D | C] -- C:\Shoty
[2010/01/05 17:42:21 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\DoctorWeb
[2010/01/05 17:21:25 | 00,786,710 | RH-- | C] (Microsoft Corporation) -- C:\Users\Public\Documents\svchast.exe
[2010/01/05 16:49:12 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/01/05 16:48:48 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Lisacek\Desktop\HijackThisInstaller.exe
[2010/01/04 21:29:24 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Documents\Workspace Macro Pro
[2010/01/04 21:29:24 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Documents\Launch-n-Go
[2010/01/04 21:28:58 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Workspace Macro Pro 6.5
[2010/01/04 20:35:11 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\SCREENSHOTS
[2010/01/04 20:34:58 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ScreenShots
[2010/01/04 19:44:26 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\picpick
[2010/01/03 15:46:53 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\out
[2010/01/03 15:10:37 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Documents\RSBot
[2010/01/03 14:55:29 | 00,000,000 | ---D | C] -- C:\Windows\Sun
[2010/01/03 11:51:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\RKCutterBanker
[2010/01/03 11:42:41 | 00,000,000 | ---D | C] -- C:\ProgramData\Wyeke
[2010/01/03 11:42:41 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Wyeke
[2010/01/03 11:26:00 | 00,000,000 | ---D | C] -- C:\ProgramData\Winferno
[2010/01/03 11:21:17 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Free Offers from Freeze.com
[2010/01/03 11:21:13 | 00,516,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CapiCom.dll
[2010/01/02 20:44:40 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Local\Adobe
[2010/01/02 12:56:16 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2010/01/02 12:08:43 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\teamspeak2
[2010/01/02 12:08:27 | 00,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lhacm.acm
[2010/01/02 12:07:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Teamspeak2_RC2
[2010/01/02 11:05:13 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\MBAM
[2010/01/02 11:03:56 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/01/01 21:05:06 | 00,000,000 | ---D | C] -- C:\Windows\Temp
[2010/01/01 21:05:05 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Recent
[2010/01/01 18:57:25 | 00,000,000 | ---D | C] -- C:\Games
[2010/01/01 17:02:29 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Local\Broadcom
[2010/01/01 16:06:26 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/01/01 09:35:51 | 00,077,976 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdis64.sys
[2009/12/31 16:37:23 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\SHAUN WHITE SNOWBOARDING
[2009/12/31 15:36:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2009/12/31 13:53:59 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Documents\Eidos
[2009/12/31 13:06:49 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Local\Ubisoft
[2009/12/31 10:12:49 | 00,000,000 | ---D | C] -- C:\.jagex_cache_32
[2009/12/31 10:12:34 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\Sun
[2009/12/29 11:18:15 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2009/12/29 11:18:14 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2009/12/28 23:43:01 | 00,000,000 | ---D | C] -- C:\Program Files\ESET
[2009/12/28 23:32:09 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/12/28 23:16:29 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\ESET
[2009/12/28 14:48:26 | 00,000,000 | ---D | C] -- C:\Xobni
[2009/12/27 22:54:16 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\Thunderbird
[2009/12/27 22:54:16 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Local\Thunderbird
[2009/12/27 22:41:03 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Desktop\Táta programy
[2009/12/27 22:36:00 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\ADVANCED SYSTEMCARE 3
[2009/12/27 22:34:31 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\UTORRENT
[2009/12/27 22:33:38 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\ADOBE READER 9
[2009/12/27 22:24:41 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\ImgBurn
[2009/12/27 22:24:21 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ImgBurn
[2009/12/27 21:01:44 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\Skype
[2009/12/27 21:00:58 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2009/12/27 21:00:56 | 00,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2009/12/27 20:55:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6.5
[2009/12/27 19:51:44 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Local\Xobni
[2009/12/27 19:51:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Xobni
[2009/12/27 19:50:49 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\Trillian
[2009/12/27 19:49:56 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trillian
[2009/12/27 18:19:40 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\PICPICK
[2009/12/27 15:29:00 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\PASSWORDS
[2009/12/27 15:22:03 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Documents\My Lockbox
[2009/12/27 14:07:57 | 01,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2009/12/27 14:07:57 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2009/12/27 14:07:57 | 00,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2009/12/27 14:07:57 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2009/12/27 14:07:55 | 04,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2009/12/27 14:07:55 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2009/12/25 14:23:08 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2009/12/25 08:22:57 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\IObit
[2009/12/24 20:56:56 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\COD MW2 MP
[2009/12/24 09:14:41 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\FRAPS
[2009/12/24 09:09:22 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/12/23 19:53:07 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/12/23 19:32:16 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\Malwarebytes
[2009/12/23 19:32:09 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/12/23 19:32:08 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/12/23 12:53:43 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Local\Mozilla
[2009/12/23 12:53:29 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2009/12/23 11:52:43 | 00,000,000 | ---D | C] -- C:\Fraps
[2009/12/20 22:17:27 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Local\Installer2356
[2009/12/20 21:52:00 | 00,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2009/12/20 21:45:54 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2009/12/20 21:43:09 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2009/12/20 21:40:40 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2009/12/20 21:36:20 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Adobe Photoshop CS3
[2009/12/20 21:16:57 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\Nexus Radio
[2009/12/20 21:16:57 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Nexus Radio
[2009/12/20 21:16:57 | 00,000,000 | ---D | C] -- C:\My Saved Files
[2009/12/20 21:16:57 | 00,000,000 | ---D | C] -- C:\My Recorded Files
[2009/12/20 17:52:21 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\Ubisoft
[2009/12/20 17:52:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2009/12/19 08:13:30 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Local\Google
[2009/12/19 08:13:30 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2009/12/17 15:49:35 | 00,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2009/12/17 15:08:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2009/12/17 13:11:11 | 00,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2009/12/17 13:11:10 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2009/12/17 13:10:50 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2009/12/16 20:38:07 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\GTA IV
[2009/12/16 20:02:14 | 00,061,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2009/12/13 20:58:50 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\Nero
[2009/12/13 20:55:25 | 00,000,000 | ---D | C] -- C:\ProgramData\Nero
[2009/12/13 20:55:23 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2009/12/13 11:09:22 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\AppData\Roaming\Allstar
[2009/12/12 20:53:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2009/12/12 09:49:48 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\ATUBE CATCHER
[2009/12/12 09:49:30 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\CCLEANER
[2009/12/12 09:49:08 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\COD2 SP A MP
[2009/12/12 09:48:12 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\EA DOWNLOAD MANAGER
[2009/12/12 09:47:56 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\GAMEPARK
[2009/12/12 09:41:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2009/12/11 14:46:43 | 00,000,000 | -H-D | C] -- C:\ProgramData\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
[2009/12/11 14:22:47 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2009/12/11 14:22:45 | 00,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2009/12/10 17:28:04 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Documents\My Games
[2009/12/10 07:25:15 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2009/12/10 07:25:14 | 00,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/12/06 20:18:06 | 00,000,000 | ---D | C] -- C:\Users\Lisacek\Documents\ICQ
[2008/08/12 05:45:20 | 00,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll

========== Files - Modified Within 30 Days ==========

[2010/01/05 20:08:09 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Lisacek\Desktop\OTL.exe
[2010/01/05 20:06:00 | 00,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/05 20:05:52 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/05 20:05:49 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/05 20:05:43 | 32,206,23360 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/05 20:05:08 | 02,883,584 | -HS- | M] () -- C:\Users\Lisacek\NTUSER.DAT
[2010/01/05 20:05:03 | 09,343,919 | -H-- | M] () -- C:\Users\Lisacek\AppData\Local\IconCache.db
[2010/01/05 19:35:07 | 00,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/05 19:27:53 | 00,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010/01/05 19:27:53 | 00,214,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/01/05 19:12:02 | 00,010,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/05 19:12:02 | 00,010,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/05 18:18:32 | 00,000,039 | ---- | M] () -- C:\Users\Lisacek\jagex_runescape_preferences.dat
[2010/01/05 18:09:45 | 00,000,069 | ---- | M] () -- C:\Users\Lisacek\jagex_runescape_preferences2.dat
[2010/01/05 17:41:05 | 26,741,288 | ---- | M] () -- C:\Users\Lisacek\Desktop\zgns3w9y.exe
[2010/01/05 17:39:17 | 26,741,288 | ---- | M] () -- C:\Users\Lisacek\Desktop\launch.exe
[2010/01/05 16:49:13 | 00,002,099 | ---- | M] () -- C:\Users\Lisacek\Desktop\HijackThis.lnk
[2010/01/05 16:48:55 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Lisacek\Desktop\HijackThisInstaller.exe
[2010/01/04 17:10:27 | 00,009,885 | -H-- | M] () -- C:\Users\Lisacek\Desktop\Settings.ini
[2010/01/03 15:12:39 | 00,000,085 | ---- | M] () -- C:\Users\Lisacek\AppData\Roaming\RSBot Accounts.ini
[2010/01/03 12:11:13 | 00,001,647 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2010/01/02 12:58:19 | 00,002,266 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2010/01/02 12:56:07 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/01/02 12:56:06 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deploytk.dll
[2010/01/02 12:56:06 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/01/02 12:56:06 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/01/02 12:08:27 | 00,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\lhacm.acm
[2010/01/02 12:07:41 | 00,000,984 | ---- | M] () -- C:\Users\Lisacek\Desktop\Teamspeak 2 RC2.lnk
[2010/01/02 09:05:33 | 00,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/01/01 15:42:41 | 00,002,828 | RH-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2009/12/31 15:28:42 | 00,000,199 | ---- | M] () -- C:\DARE.INI
[2009/12/30 22:00:00 | 00,001,515 | ---- | M] () -- C:\Users\Lisacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registrace Need for Speed™ Undercover.lnk
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/12/30 14:55:06 | 00,022,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/12/29 11:18:14 | 00,002,539 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2009/12/28 13:58:50 | 00,000,293 | ---- | M] () -- C:\Windows\game.ini
[2009/12/27 22:24:24 | 00,001,871 | ---- | M] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2009/12/27 21:00:58 | 00,002,533 | ---- | M] () -- C:\Users\Lisacek\Desktop\Skype.lnk
[2009/12/27 20:56:45 | 00,001,830 | ---- | M] () -- C:\Users\Lisacek\Desktop\ICQ6.5.lnk
[2009/12/27 19:51:51 | 00,625,914 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009/12/27 19:51:51 | 00,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/12/27 19:51:51 | 00,120,000 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009/12/27 19:51:51 | 00,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/12/27 19:51:50 | 01,471,654 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/12/23 20:03:15 | 00,000,000 | ---- | M] () -- C:\Windows\SysWow64\SM.lock
[2009/12/20 21:49:34 | 00,113,928 | ---- | M] () -- C:\Users\Lisacek\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/12/20 21:48:55 | 02,352,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009/12/19 09:21:51 | 00,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009/12/17 15:49:35 | 00,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2009/12/11 18:11:31 | 02,250,024 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2009/12/11 14:21:00 | 00,000,662 | ---- | M] () -- C:\Windows\SysWow64\ealregsnapshot1.reg
[2009/12/09 17:33:32 | 00,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2009/12/09 17:33:32 | 00,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2009/12/09 17:33:32 | 00,122,968 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2009/12/09 17:33:32 | 00,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll

========== Files Created - No Company Name ==========

[2010/01/05 17:41:02 | 26,741,288 | ---- | C] () -- C:\Users\Lisacek\Desktop\zgns3w9y.exe
[2010/01/05 17:39:16 | 26,741,288 | ---- | C] () -- C:\Users\Lisacek\Desktop\launch.exe
[2010/01/05 16:49:13 | 00,002,099 | ---- | C] () -- C:\Users\Lisacek\Desktop\HijackThis.lnk
[2010/01/03 15:12:39 | 00,000,085 | ---- | C] () -- C:\Users\Lisacek\AppData\Roaming\RSBot Accounts.ini
[2010/01/02 12:07:41 | 00,000,984 | ---- | C] () -- C:\Users\Lisacek\Desktop\Teamspeak 2 RC2.lnk
[2010/01/02 09:05:33 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/31 15:28:41 | 00,000,199 | ---- | C] () -- C:\DARE.INI
[2009/12/31 10:13:51 | 00,000,069 | ---- | C] () -- C:\Users\Lisacek\jagex_runescape_preferences2.dat
[2009/12/31 10:12:58 | 00,000,039 | ---- | C] () -- C:\Users\Lisacek\jagex_runescape_preferences.dat
[2009/12/29 11:18:14 | 00,002,539 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2009/12/28 13:58:50 | 00,000,293 | ---- | C] () -- C:\Windows\game.ini
[2009/12/28 09:38:41 | 00,009,885 | -H-- | C] () -- C:\Users\Lisacek\Desktop\Settings.ini
[2009/12/27 22:35:41 | 00,001,830 | ---- | C] () -- C:\Users\Lisacek\Desktop\ICQ6.5.lnk
[2009/12/27 22:35:22 | 00,002,533 | ---- | C] () -- C:\Users\Lisacek\Desktop\Skype.lnk
[2009/12/27 22:24:24 | 00,001,871 | ---- | C] () -- C:\Users\Public\Desktop\ImgBurn.lnk
[2009/12/27 19:51:50 | 01,471,654 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/12/27 19:51:47 | 00,000,032 | ---- | C] () -- C:\Users\Lisacek\AppData\Local\xobni_installer_updater.log
[2009/12/23 20:03:15 | 00,000,000 | ---- | C] () -- C:\Windows\SysWow64\SM.lock
[2009/12/19 08:30:07 | 00,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009/12/19 08:30:07 | 00,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009/12/11 14:21:00 | 00,000,662 | ---- | C] () -- C:\Windows\SysWow64\ealregsnapshot1.reg
[2009/12/05 10:45:14 | 00,073,728 | ---- | C] () -- C:\Windows\SysWow64\vbzlib1.dll
[2009/11/29 20:16:09 | 00,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2009/11/28 22:29:58 | 00,007,605 | ---- | C] () -- C:\Users\Lisacek\AppData\Local\Resmon.ResmonCfg
[2009/11/27 22:36:39 | 00,000,155 | ---- | C] () -- C:\Windows\winamp.ini
[2009/11/06 10:58:04 | 00,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/10/20 17:51:33 | 00,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/08/19 09:33:09 | 00,000,031 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 07:01:09 | 00,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 00:42:10 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/04/08 18:31:56 | 00,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/12/02 02:32:32 | 00,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2008/10/07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/05/22 16:35:54 | 00,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2007/10/25 17:26:10 | 00,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2007/06/12 17:34:50 | 00,035,822 | ---- | C] () -- C:\Program Files (x86)\Common Files\ASPG_icon.ico
[2006/05/19 04:39:57 | 00,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2005/06/29 09:58:02 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005/02/17 12:31:58 | 00,921,600 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll
[2005/02/17 12:31:58 | 00,679,936 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2005/02/17 12:31:58 | 00,344,064 | ---- | C] () -- C:\Windows\SysWow64\xvid.dll
[2005/02/17 12:31:58 | 00,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2005/02/17 12:31:58 | 00,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2005/02/17 12:31:58 | 00,155,136 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2005/02/17 12:31:58 | 00,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2001/01/12 10:52:26 | 00,044,032 | ---- | C] () -- C:\Windows\SysWow64\vbpng1.dll
[2001/01/12 10:49:38 | 00,021,504 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll

========== LOP Check ==========

[2009/12/13 11:09:22 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\Allstar
[2009/12/01 18:17:28 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\DAEMON Tools Pro
[2009/12/28 23:16:29 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\ESET
[2009/11/27 22:24:14 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\GHISLER
[2010/01/05 18:34:46 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\ICQ
[2009/12/27 22:24:41 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\ImgBurn
[2009/12/25 17:07:01 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\IObit
[2009/11/30 11:13:33 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\Leadertech
[2009/11/30 19:15:05 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\PC Suite
[2010/01/04 20:29:17 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\picpick
[2009/12/26 08:33:07 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\Samsung
[2009/12/27 22:54:17 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\Thunderbird
[2009/12/27 20:19:16 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\Trillian
[2009/12/20 17:52:21 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\Ubisoft
[2010/01/03 11:17:41 | 00,000,000 | ---D | M] -- C:\Users\Lisacek\AppData\Roaming\uTorrent
[2009/12/25 08:28:22 | 00,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:C5096E95
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:C31F31E6
< End of report >

Damned · Příspěvekod **Damned** » 05 led 2010 21:01

Odinstaluj si ten Wyeke.

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Custom Scans/Fixes do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\ProgramData\Wyeke\wyeke129.exe
PRC - C:\Program Files (x86)\Wyeke\wyeke.exe
MOD - C:\Program Files (x86)\Wyeke\wyeke.dll
SRV - (Wyeke Service) -- C:\ProgramData\Wyeke\wyeke129.exe
O1 HOSTS File: (2828 bytes) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 127.0.0.1 runescape.com
O1 - Hosts: 52 more lines...
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [FortKnoxPersonalFirewall] C:\Program Files (x86)\FortKnox Personal Firewall\FortKnoxGUI.exe File not found
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:C5096E95
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:C31F31E6

:Files
C:\Windows\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Users\Lisacek\AppData\Local\Installer10976
C:\Users\Public\Documents\svchast.exe
C:\ProgramData\Wyeke
C:\Program Files (x86)\Wyeke
C:\Users\Lisacek\AppData\Local\Installer2356
C:\Windows\SysWow64\ealregsnapshot1.reg
C:\Windows\SysNative\drivers\etc\hosts

:Reg

:Commands
[purity]
[emptytemp]
[resethosts]
[start explorer]
[Reboot]

Poté klikni nahoře na Run Fix. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Grinch · Příspěvekod **Grinch** » 06 led 2010 16:58

No když chci ten wyeke odstranit konkrétně ten wyeke129.exe z C/programdata t aplikace se nespustí tudíž jsem zkusil odstranit tu složku Wyeke tak mi tonapsalo že soubor nelze odstranit že je používán a něco s Wyeke Service nevím jak se nějaký Wyeke mohl dostat do počítače.A když spustm ten fix a fixuje se ten wyeke129.exe tak to trvá hrozne dlouho dneska jsem PC nechal puštěný 6,5 hodin a stále se fixoval wyeke129.exe takže jsem to ukončil a nevím co mám dělat hlavně potřebuju nějak odstranit ten wyeke129.exe aby to pak šlo fixnout.

Damned · Příspěvekod **Damned** » 06 led 2010 17:48

Proveď ten skript v nouzovém režimu.

Grinch · Příspěvekod **Grinch** » 06 led 2010 18:21

Tak i v nouzovém režimu to trvá dlouho a opět u wyeke129.exe

Kontrola logu díky Vyřešeno

Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Re: Kontrola logu díky

Kdo je online