I would like to ask you to check my log
- Damned
Re: I would like to ask you to check my log
In Add/Remove Programs, uninstall every security product you have from Norton, Symantec and COMODO. Let me know when it's done.
Nothing is impossible, so where we are at our wits' end, we do not hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner
Re: I would like to ask you to check my log
I think I've probably got it done now
- Damned
Re: I would like to ask you to check my log
Sorry I wasn't here for a while. Then describe how the PC is behaving.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text, marked in green:
File::
c:\windows\Internet Logs\tvDebug.Zip
c:\users\Newman\AppData\Local\d3d9caps.dat
c:\windows\system32\drivers\sfi.dat
c:\windows\system32\ealregsnapshot1.reg
c:\windows\Tasks\Norton Security Scan for Newman.job
c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe
Folder::
c:\programdata\Symantec
c:\program files\Common Files\Symantec Shared
c:\programdata\Norton
c:\program files\Norton Security Scan
c:\programdata\Symantec
c:\programdata\NortonInstaller
c:\program files\NortonInstaller
c:\program files\ICQ6Toolbar
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all open windows.
Grab the CFScript.txt script you created with the mouse, move it over the downloaded ComboFix.exe program,
and when the two files overlap, drop the script.

- ComboFix will start automatically; the repair can take more than 10 minutes. ! Let ComboFix finish its work !
- Paste here the log that pops up at the end of the cleaning process + a new log from HJT, and describe how the computer behaves
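A pre-flight check for the CFScript in the post above, as an added example (not part of the original post and not ComboFix's own code): it parses the `File::` and `Folder::` sections and flags duplicate entries, entries already covered by a listed folder, and paths under `c:\windows\system32` that deserve a second look before a deletion script is run. The function names and the choice of `system32` as the sensitive directory are assumptions of this sketch; only the two directives that appear in the post are handled.

```python
import ntpath

# CFScript body exactly as posted in the thread above.
CFSCRIPT = r"""File::
c:\windows\Internet Logs\tvDebug.Zip
c:\users\Newman\AppData\Local\d3d9caps.dat
c:\windows\system32\drivers\sfi.dat
c:\windows\system32\ealregsnapshot1.reg
c:\windows\Tasks\Norton Security Scan for Newman.job
c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe
Folder::
c:\programdata\Symantec
c:\program files\Common Files\Symantec Shared
c:\programdata\Norton
c:\program files\Norton Security Scan
c:\programdata\Symantec
c:\programdata\NortonInstaller
c:\program files\NortonInstaller
c:\program files\ICQ6Toolbar
"""

# Only the directives seen in the post; anything else is rejected (assumption).
SECTIONS = {"file::": "file", "folder::": "folder"}
# Assumption: a wrong deletion here can break Windows, so review by hand.
SENSITIVE_DIRS = (r"c:\windows\system32",)


def norm(path):
    """Normalise a Windows path for comparison (case and separators)."""
    return ntpath.normcase(ntpath.normpath(path.strip()))


def is_under(path, folder):
    """True if path lies strictly inside folder (whole components only)."""
    # The trailing backslash stops 'Norton' from matching 'NortonInstaller'.
    return norm(path).startswith(norm(folder) + "\\")


def parse_cfscript(text):
    """Split a CFScript into {'file': [...], 'folder': [...]}."""
    entries = {"file": [], "folder": []}
    current = None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            current = SECTIONS.get(line.lower())
            if current is None:
                raise ValueError(f"line {lineno}: unsupported directive {line!r}")
            continue
        if current is None:
            raise ValueError(f"line {lineno}: path before any directive")
        entries[current].append(line)
    return entries


def lint(entries):
    """Return (kind, path, detail) findings for a parsed CFScript."""
    findings = []
    for kind in ("file", "folder"):
        seen = set()
        for path in entries[kind]:
            key = norm(path)
            if key in seen:
                findings.append(("duplicate", path, f"listed twice under {kind}"))
                continue
            seen.add(key)
            for sensitive in SENSITIVE_DIRS:
                if is_under(path, sensitive):
                    findings.append(("sensitive", path, f"inside {sensitive}"))
            for folder in entries["folder"]:
                if is_under(path, folder):
                    findings.append(("redundant", path, f"already covered by {folder}"))
                    break
    return findings


if __name__ == "__main__":
    for kind, path, detail in lint(parse_cfscript(CFSCRIPT)):
        print(f"{kind:10} {path}  ({detail})")
```
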
Re: I would like to ask you to check my log
this is from ComboFix
ComboFix 10-01-16.02 - Newman 16.01.2010 23:38:56.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3068.1953 [GMT 1:00]
Spuštěný z: c:\users\Newman\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Newman\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FILE ::
"c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe"
"c:\users\Newman\AppData\Local\d3d9caps.dat"
"c:\windows\Internet Logs\tvDebug.Zip"
"c:\windows\system32\drivers\sfi.dat"
"c:\windows\system32\ealregsnapshot1.reg"
"c:\windows\Tasks\Norton Security Scan for Newman.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\programdata\Norton
c:\programdata\Norton\symdata.xml
c:\programdata\NortonInstaller
c:\programdata\NortonInstaller\Logs\01-09-2010-11h55m38s\Install.1.mft.7z
c:\programdata\NortonInstaller\Logs\01-09-2010-11h55m38s\Norton Security Scan-0x0B60.log
c:\programdata\NortonInstaller\Logs\01-09-2010-11h55m38s\NortonInstall-01-09-2010-11h55m38s.log
c:\programdata\NortonInstaller\Logs\01-09-2010-11h55m47s\NortonInstall-01-09-2010-11h55m47s.log
c:\programdata\NortonInstaller\Logs\11-23-2009-21h23m58s\Install.1.mft.7z
c:\programdata\NortonInstaller\Logs\11-23-2009-21h23m58s\Norton Security Scan-0x06BC.log
c:\programdata\NortonInstaller\Logs\11-23-2009-21h23m58s\NortonInstall-11-23-2009-21h23m58s.log
c:\programdata\Symantec
c:\programdata\Symantec\LiveUpdate\Settings.LiveUpdate
c:\programdata\Symantec\symdata.xml
c:\users\Newman\AppData\Local\d3d9caps.dat
c:\windows\Internet Logs\tvDebug.Zip
c:\windows\system32\drivers\sfi.dat
c:\windows\system32\ealregsnapshot1.reg
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-16 do 2010-01-16 )))))))))))))))))))))))))))))))
.
2010-01-16 23:02 . 2010-01-16 23:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-16 23:02 . 2010-01-16 23:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-13 10:24 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 10:24 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-07 16:42 . 2010-01-16 23:02 -------- d-----w- c:\users\Newman\AppData\Local\temp
2010-01-06 20:01 . 2010-01-06 20:01 -------- d-----w- c:\users\Newman\AppData\Roaming\Malwarebytes
2010-01-06 20:01 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-06 20:01 . 2010-01-06 20:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-06 20:01 . 2010-01-06 20:01 -------- d-----w- c:\programdata\Malwarebytes
2010-01-06 20:01 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-26 14:49 . 2009-12-26 14:49 -------- d-----w- c:\program files\Play+Smile
2009-12-26 14:17 . 2009-12-26 14:17 -------- d-----w- c:\users\Newman\AppData\Local\FullTiltPoker
2009-12-26 14:14 . 2009-12-26 14:19 -------- d-----w- c:\program files\Full Tilt Poker
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-16 22:32 . 2008-09-15 15:59 -------- d-----w- c:\users\Newman\AppData\Roaming\ICQ
2010-01-16 22:18 . 2008-08-18 23:40 403066 ----a-w- c:\programdata\nvModes.dat
2010-01-16 22:13 . 2008-08-18 23:09 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-14 02:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-12 10:37 . 2008-07-03 08:14 635994 ----a-w- c:\windows\system32\perfh005.dat
2010-01-12 10:37 . 2008-07-03 08:14 134788 ----a-w- c:\windows\system32\perfc005.dat
2010-01-09 11:21 . 2009-12-01 20:50 -------- d-----w- c:\program files\DaemonicMU
2010-01-09 11:00 . 2008-12-11 11:39 -------- d-----w- c:\users\Newman\AppData\Roaming\SoundSpectrum
2010-01-05 16:48 . 2009-11-29 10:45 1 ----a-w- c:\users\Newman\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-01-03 00:13 . 2008-12-13 10:11 -------- d-----w- c:\program files\DivX
2010-01-01 22:24 . 2009-11-18 17:19 -------- d-----w- c:\program files\Steam
2009-12-30 14:03 . 2009-11-13 16:55 -------- d-----w- c:\program files\ICQ6.5
2009-12-26 14:14 . 2008-07-02 22:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-21 21:45 . 2009-05-06 18:53 -------- d-----w- c:\program files\Google
2009-12-01 07:23 . 2009-11-18 17:19 -------- d-----w- c:\program files\Common Files\Steam
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-30 16:37 . 2009-11-30 16:36 422437 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2009-11-30 16:35 . 2009-11-30 16:35 -------- d-----w- c:\program files\Zone Labs
2009-11-30 16:35 . 2009-11-30 16:35 -------- d-----w- c:\programdata\CheckPoint
2009-11-30 13:37 . 2008-07-02 23:47 -------- d-----w- c:\program files\Java
2009-11-29 11:40 . 2008-09-15 13:34 73152 ----a-w- c:\users\Newman\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-29 10:44 . 2009-11-29 10:44 -------- d-----w- c:\users\Newman\AppData\Roaming\OpenOffice.org
2009-11-29 10:41 . 2009-11-29 10:41 -------- d-----w- c:\program files\OpenOffice.org 3
2009-11-25 15:18 . 2009-11-25 14:53 -------- d-----w- c:\program files\Left 4 Dead 2
2009-11-25 02:00 . 2009-11-25 02:00 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 23:54 . 2009-07-15 16:19 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-07-15 16:19 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-07-15 16:19 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-07-15 16:19 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-07-15 16:19 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-07-15 16:19 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-07-15 16:19 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 18:10 . 2009-11-24 18:10 316816 ----a-w- c:\windows\system32\appdrvrem01.exe
2009-11-24 18:10 . 2009-11-24 18:10 3033200 ----a-w- c:\windows\system32\drivers\appdrv01.sys
2009-11-24 16:58 . 2009-11-24 16:58 -------- d-----w- c:\program files\ND Games
2009-11-23 17:26 . 2009-04-07 17:23 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-23 17:06 . 2009-04-29 17:44 -------- d-----w- c:\users\Newman\AppData\Roaming\Nero
2009-11-22 15:57 . 2009-11-22 15:54 -------- d-----w- c:\users\Newman\AppData\Roaming\GameTracker
2009-11-22 15:54 . 2009-11-22 15:54 -------- d-----w- c:\program files\GameTracker
2009-11-22 14:44 . 2009-11-30 16:36 446664 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2009-11-22 14:42 . 2009-11-30 16:36 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-11-22 14:42 . 2009-11-30 16:36 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-11-22 14:42 . 2009-11-30 16:36 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-11-21 21:15 . 2008-09-22 15:06 -------- d-----w- c:\users\Newman\AppData\Roaming\uTorrent
2009-11-21 06:40 . 2009-12-09 10:51 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 10:51 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-09 10:51 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-09 10:51 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-20 14:51 . 2008-09-16 16:45 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-20 14:31 . 2008-09-16 16:45 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-20 14:04 . 2009-11-13 16:46 -------- d-----w- c:\programdata\ICQ
2009-11-19 07:43 . 2009-02-26 18:35 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-19 07:28 . 2009-11-19 07:28 -------- d-----w- c:\program files\2K Games
2009-11-18 18:15 . 2009-11-18 18:15 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-11-18 18:15 . 2009-11-18 18:15 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-11-18 18:15 . 2009-11-18 18:15 -------- d-----w- c:\program files\OpenAL
2009-11-18 17:16 . 2009-11-18 15:12 -------- d-----w- c:\program files\Call of Duty Modern Warfare 2
2009-11-14 00:49 . 2005-10-26 20:12 43528 ------w- c:\windows\system32\drivers\pxhelp20.sys
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47 . 2009-11-14 00:47 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47 . 2009-11-14 00:47 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47 . 2009-11-14 00:47 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47 . 2009-11-14 00:47 696320 ----a-w- c:\windows\system32\DivX.dll
2009-11-13 21:36 . 2009-11-13 21:36 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-11-09 12:31 . 2009-12-09 18:09 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 18:09 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 18:09 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 19:42 . 2009-10-03 08:05 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-30 08:12 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-29 09:17 . 2009-11-25 02:01 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-01 21:02 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
1999-04-23 22:22 . 1999-04-23 22:22 12 --sha-w- c:\windows\system\WININETICMP32.drv
2008-07-03 08:16 . 2008-07-03 08:16 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((( SnapShot@2010-01-07_16.39.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-13 10:24 . 2009-10-19 13:48 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 13:47 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\fontsub.dll
+ 2010-01-13 10:24 . 2009-10-19 13:47 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 13:46 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\atmlib.dll
+ 2009-07-15 04:26 . 2009-06-15 14:52 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 13:35 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\fontsub.dll
+ 2009-07-15 04:26 . 2009-06-15 14:51 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\dciman32.dll
+ 2009-07-15 04:26 . 2009-04-11 06:28 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\atmlib.dll
+ 2010-01-13 10:24 . 2009-10-19 14:09 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 14:08 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\fontsub.dll
+ 2010-01-13 10:24 . 2009-10-19 14:08 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 14:07 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\atmlib.dll
+ 2010-01-13 10:24 . 2009-10-19 14:24 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\fontsub.dll
+ 2009-07-15 04:26 . 2009-06-15 15:20 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 14:17 24064 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 14:16 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\fontsub.dll
+ 2010-01-13 10:24 . 2009-10-19 14:15 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 14:14 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\atmlib.dll
+ 2010-01-13 10:24 . 2009-10-19 14:39 24064 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 14:37 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\fontsub.dll
+ 2010-01-13 10:24 . 2009-10-19 14:37 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 14:36 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\atmlib.dll
- 2009-07-09 13:51 . 2010-01-01 22:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-09 13:51 . 2010-01-13 14:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-09 13:51 . 2010-01-13 14:16 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-09 13:51 . 2010-01-01 22:40 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-09 13:51 . 2010-01-01 22:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-09 13:51 . 2010-01-13 14:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-16 22:15 . 2010-01-16 22:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-07 16:25 . 2010-01-07 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-07 16:25 . 2010-01-07 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-16 22:15 . 2010-01-16 22:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-13 10:24 . 2009-10-19 11:21 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\atmfd.dll
+ 2009-07-15 04:26 . 2009-06-15 12:42 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\atmfd.dll
+ 2010-01-13 10:24 . 2009-10-19 11:38 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\atmfd.dll
+ 2009-07-15 04:26 . 2009-06-15 12:52 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\atmfd.dll
+ 2010-01-13 10:24 . 2009-10-19 11:34 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\atmfd.dll
+ 2010-01-13 10:24 . 2009-10-19 11:45 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\atmfd.dll
+ 2010-01-13 10:24 . 2009-10-19 13:51 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.22247_none_b80bfbe83551d2b2\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 13:38 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.18124_none_b794fe171c26af01\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 14:11 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.22544_none_b6228922382e3189\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 14:27 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.18344_none_b598ea711f109498\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 14:22 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.21142_none_b43a20243b09a405\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 14:42 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.16939_none_b3c27d2921dd6669\t2embed.dll
+ 2010-01-13 10:24 . 2009-12-11 09:11 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.22286_none_f4a7b2cb81f9b443\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:09 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.18164_none_f431b54468cda9e9\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:08 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22581_none_f2bc3f7184d7e06c\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:10 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18381_none_f232a0c06bba437b\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:09 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21179_none_f0e8a94387a2345d\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:10 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16977_none_f05d33c26e862ea3\OESpamFilter.dat
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Google Update"="c:\users\Newman\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-07-01 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-04-23 468264]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13781536]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):48,07,d2,ee,33,3d,ca,01
R1 appdrv01;Application Driver (01);c:\windows\System32\drivers\appdrv01.sys [24.11.2009 19:10 3033200]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [15.7.2009 17:19 114768]
R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\HP\QuickPlay\000.fcl [2.7.2008 23:53 39408]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe [2.3.2009 17:43 81920]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [15.7.2009 17:19 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [15.7.2009 17:19 53328]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 15:24 24880]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [3.7.2008 0:42 341328]
R3 AVerAF15;HP DVB-T TV Tuner;c:\windows\System32\drivers\AVerAF15.sys [19.8.2008 0:19 280192]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [3.7.2008 0:00 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [24.1.2008 14:23 52736]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [1.4.2008 12:14 81296]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17.11.2008 15:40 3668480]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [22.1.2009 14:43 52768]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S2 gupdate1c9ce7bf53e2640;Google Update Service (gupdate1c9ce7bf53e2640);c:\program files\Google\Update\GoogleUpdate.exe [6.5.2009 19:53 133104]
S3 CamSpaceBus;CamSpace Virtual Joystick Bus device driver;c:\windows\System32\drivers\CamSpaceBus.sys [24.8.2008 12:55 14848]
S3 CamSpaceJoy;CamSpace Virtual Joystick device driver;c:\windows\System32\drivers\CamSpaceJoy.sys [24.8.2008 12:55 30464]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]
S4 sptd;sptd;c:\windows\System32\drivers\sptd.sys [15.9.2008 17:59 717296]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
2010-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-06 18:53]
2010-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-06 18:53]
2010-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-952806661-354123881-2290197719-1000Core.job
- c:\users\Newman\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-12 06:46]
2010-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-952806661-354123881-2290197719-1000UA.job
- c:\users\Newman\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-12 06:46]
2010-01-12 c:\windows\Tasks\HPCeeScheduleForNewman.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-07-02 13:14]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
uInternet Settings,ProxyOverride = local
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: {FC9D9B40-A460-4222-AD11-89D6E4C002E2} = 156.154.70.25,156.154.71.25
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-17 00:02
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
MsnMsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}]
"ImagePath"="\??\c:\program files\HP\QuickPlay\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-952806661-354123881-2290197719-1000\Software\SecuROM\License information*]
"datasecu"=hex:f6,73,ac,45,3b,79,29,01,6d,85,e2,5e,e6,fa,41,d3,66,a3,82,83,eb,
5d,86,4c,60,8b,99,2a,e1,37,3d,7f,18,71,26,c1,8b,a4,2d,0e,02,51,e1,2c,34,65,\
"rkeysecu"=hex:0e,87,7f,1d,a5,19,05,17,54,6f,1a,d8,52,f6,42,63
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-01-17 00:04:56
ComboFix-quarantined-files.txt 2010-01-16 23:04
ComboFix2.txt 2010-01-07 16:41
Před spuštěním: Volných bajtů: 32 029 663 232
Po spuštění: Volných bajtů: 31 281 516 544
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 605A40F3126CB0E25DED1BF4A5A176D8
this is from HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:10:24, on 17.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Users\Newman\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\Users\Newman\AppData\Local\Opera\Opera\profile\cache4\temporary_download\HijackThis (2).exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 213.194.206.216 l2authd.lineage2.com
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Newman\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC9D9B40-A460-4222-AD11-89D6E4C002E2}: NameServer = 156.154.70.25,156.154.71.25
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Update Service (gupdate1c9ce7bf53e2640) (gupdate1c9ce7bf53e2640) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
--
End of file - 9316 bytes
The PC seems slowed down to me, and after startup it keeps showing this message:
The program Windows Media Center Receiver Service has stopped working and was closed.
ComboFix 10-01-16.02 - Newman 16.01.2010 23:38:56.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3068.1953 [GMT 1:00]
Spuštěný z: c:\users\Newman\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Newman\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FILE ::
"c:\program files\Norton Security Scan\Engine\2.3.0.44\Nss.exe"
"c:\users\Newman\AppData\Local\d3d9caps.dat"
"c:\windows\Internet Logs\tvDebug.Zip"
"c:\windows\system32\drivers\sfi.dat"
"c:\windows\system32\ealregsnapshot1.reg"
"c:\windows\Tasks\Norton Security Scan for Newman.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\programdata\Norton
c:\programdata\Norton\symdata.xml
c:\programdata\NortonInstaller
c:\programdata\NortonInstaller\Logs\01-09-2010-11h55m38s\Install.1.mft.7z
c:\programdata\NortonInstaller\Logs\01-09-2010-11h55m38s\Norton Security Scan-0x0B60.log
c:\programdata\NortonInstaller\Logs\01-09-2010-11h55m38s\NortonInstall-01-09-2010-11h55m38s.log
c:\programdata\NortonInstaller\Logs\01-09-2010-11h55m47s\NortonInstall-01-09-2010-11h55m47s.log
c:\programdata\NortonInstaller\Logs\11-23-2009-21h23m58s\Install.1.mft.7z
c:\programdata\NortonInstaller\Logs\11-23-2009-21h23m58s\Norton Security Scan-0x06BC.log
c:\programdata\NortonInstaller\Logs\11-23-2009-21h23m58s\NortonInstall-11-23-2009-21h23m58s.log
c:\programdata\Symantec
c:\programdata\Symantec\LiveUpdate\Settings.LiveUpdate
c:\programdata\Symantec\symdata.xml
c:\users\Newman\AppData\Local\d3d9caps.dat
c:\windows\Internet Logs\tvDebug.Zip
c:\windows\system32\drivers\sfi.dat
c:\windows\system32\ealregsnapshot1.reg
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-16 do 2010-01-16 )))))))))))))))))))))))))))))))
.
2010-01-16 23:02 . 2010-01-16 23:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-16 23:02 . 2010-01-16 23:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-13 10:24 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 10:24 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-07 16:42 . 2010-01-16 23:02 -------- d-----w- c:\users\Newman\AppData\Local\temp
2010-01-06 20:01 . 2010-01-06 20:01 -------- d-----w- c:\users\Newman\AppData\Roaming\Malwarebytes
2010-01-06 20:01 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-06 20:01 . 2010-01-06 20:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-06 20:01 . 2010-01-06 20:01 -------- d-----w- c:\programdata\Malwarebytes
2010-01-06 20:01 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-26 14:49 . 2009-12-26 14:49 -------- d-----w- c:\program files\Play+Smile
2009-12-26 14:17 . 2009-12-26 14:17 -------- d-----w- c:\users\Newman\AppData\Local\FullTiltPoker
2009-12-26 14:14 . 2009-12-26 14:19 -------- d-----w- c:\program files\Full Tilt Poker
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-16 22:32 . 2008-09-15 15:59 -------- d-----w- c:\users\Newman\AppData\Roaming\ICQ
2010-01-16 22:18 . 2008-08-18 23:40 403066 ----a-w- c:\programdata\nvModes.dat
2010-01-16 22:13 . 2008-08-18 23:09 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-14 02:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-12 10:37 . 2008-07-03 08:14 635994 ----a-w- c:\windows\system32\perfh005.dat
2010-01-12 10:37 . 2008-07-03 08:14 134788 ----a-w- c:\windows\system32\perfc005.dat
2010-01-09 11:21 . 2009-12-01 20:50 -------- d-----w- c:\program files\DaemonicMU
2010-01-09 11:00 . 2008-12-11 11:39 -------- d-----w- c:\users\Newman\AppData\Roaming\SoundSpectrum
2010-01-05 16:48 . 2009-11-29 10:45 1 ----a-w- c:\users\Newman\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-01-03 00:13 . 2008-12-13 10:11 -------- d-----w- c:\program files\DivX
2010-01-01 22:24 . 2009-11-18 17:19 -------- d-----w- c:\program files\Steam
2009-12-30 14:03 . 2009-11-13 16:55 -------- d-----w- c:\program files\ICQ6.5
2009-12-26 14:14 . 2008-07-02 22:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-21 21:45 . 2009-05-06 18:53 -------- d-----w- c:\program files\Google
2009-12-01 07:23 . 2009-11-18 17:19 -------- d-----w- c:\program files\Common Files\Steam
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-30 16:37 . 2009-11-30 16:36 422437 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2009-11-30 16:35 . 2009-11-30 16:35 -------- d-----w- c:\program files\Zone Labs
2009-11-30 16:35 . 2009-11-30 16:35 -------- d-----w- c:\programdata\CheckPoint
2009-11-30 13:37 . 2008-07-02 23:47 -------- d-----w- c:\program files\Java
2009-11-29 11:40 . 2008-09-15 13:34 73152 ----a-w- c:\users\Newman\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-29 10:44 . 2009-11-29 10:44 -------- d-----w- c:\users\Newman\AppData\Roaming\OpenOffice.org
2009-11-29 10:41 . 2009-11-29 10:41 -------- d-----w- c:\program files\OpenOffice.org 3
2009-11-25 15:18 . 2009-11-25 14:53 -------- d-----w- c:\program files\Left 4 Dead 2
2009-11-25 02:00 . 2009-11-25 02:00 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 23:54 . 2009-07-15 16:19 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2009-07-15 16:19 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-07-15 16:19 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-07-15 16:19 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2009-07-15 16:19 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-07-15 16:19 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-07-15 16:19 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-24 18:10 . 2009-11-24 18:10 316816 ----a-w- c:\windows\system32\appdrvrem01.exe
2009-11-24 18:10 . 2009-11-24 18:10 3033200 ----a-w- c:\windows\system32\drivers\appdrv01.sys
2009-11-24 16:58 . 2009-11-24 16:58 -------- d-----w- c:\program files\ND Games
2009-11-23 17:26 . 2009-04-07 17:23 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-11-23 17:06 . 2009-04-29 17:44 -------- d-----w- c:\users\Newman\AppData\Roaming\Nero
2009-11-22 15:57 . 2009-11-22 15:54 -------- d-----w- c:\users\Newman\AppData\Roaming\GameTracker
2009-11-22 15:54 . 2009-11-22 15:54 -------- d-----w- c:\program files\GameTracker
2009-11-22 14:44 . 2009-11-30 16:36 446664 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2009-11-22 14:42 . 2009-11-30 16:36 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-11-22 14:42 . 2009-11-30 16:36 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-11-22 14:42 . 2009-11-30 16:36 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-11-21 21:15 . 2008-09-22 15:06 -------- d-----w- c:\users\Newman\AppData\Roaming\uTorrent
2009-11-21 06:40 . 2009-12-09 10:51 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-09 10:51 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-11-21 06:34 . 2009-12-09 10:51 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-11-21 04:59 . 2009-12-09 10:51 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-11-20 14:51 . 2008-09-16 16:45 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-20 14:31 . 2008-09-16 16:45 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-20 14:04 . 2009-11-13 16:46 -------- d-----w- c:\programdata\ICQ
2009-11-19 07:43 . 2009-02-26 18:35 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-19 07:28 . 2009-11-19 07:28 -------- d-----w- c:\program files\2K Games
2009-11-18 18:15 . 2009-11-18 18:15 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-11-18 18:15 . 2009-11-18 18:15 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2009-11-18 18:15 . 2009-11-18 18:15 -------- d-----w- c:\program files\OpenAL
2009-11-18 17:16 . 2009-11-18 15:12 -------- d-----w- c:\program files\Call of Duty Modern Warfare 2
2009-11-14 00:49 . 2005-10-26 20:12 43528 ------w- c:\windows\system32\drivers\pxhelp20.sys
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47 . 2009-11-14 00:47 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47 . 2009-11-14 00:47 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47 . 2009-11-14 00:47 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47 . 2009-11-14 00:47 696320 ----a-w- c:\windows\system32\DivX.dll
2009-11-13 21:36 . 2009-11-13 21:36 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-11-09 12:31 . 2009-12-09 18:09 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 18:09 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 18:09 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 19:42 . 2009-10-03 08:05 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-30 08:12 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-29 09:17 . 2009-11-25 02:01 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-01 21:02 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
1999-04-23 22:22 . 1999-04-23 22:22 12 --sha-w- c:\windows\system\WININETICMP32.drv
2008-07-03 08:16 . 2008-07-03 08:16 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((( SnapShot@2010-01-07_16.39.10 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-13 10:24 . 2009-10-19 13:48 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 13:47 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\fontsub.dll
+ 2010-01-13 10:24 . 2009-10-19 13:47 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 13:46 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\atmlib.dll
+ 2009-07-15 04:26 . 2009-06-15 14:52 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 13:35 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\fontsub.dll
+ 2009-07-15 04:26 . 2009-06-15 14:51 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\dciman32.dll
+ 2009-07-15 04:26 . 2009-04-11 06:28 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\atmlib.dll
+ 2010-01-13 10:24 . 2009-10-19 14:09 23552 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 14:08 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\fontsub.dll
+ 2010-01-13 10:24 . 2009-10-19 14:08 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 14:07 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\atmlib.dll
+ 2010-01-13 10:24 . 2009-10-19 14:24 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\fontsub.dll
+ 2009-07-15 04:26 . 2009-06-15 15:20 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 14:17 24064 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 14:16 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\fontsub.dll
+ 2010-01-13 10:24 . 2009-10-19 14:15 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 14:14 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\atmlib.dll
+ 2010-01-13 10:24 . 2009-10-19 14:39 24064 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
+ 2010-01-13 10:24 . 2009-10-19 14:37 72704 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\fontsub.dll
+ 2010-01-13 10:24 . 2009-10-19 14:37 10240 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\dciman32.dll
+ 2010-01-13 10:24 . 2009-10-19 14:36 34304 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\atmlib.dll
- 2009-07-09 13:51 . 2010-01-01 22:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-09 13:51 . 2010-01-13 14:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-09 13:51 . 2010-01-13 14:16 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-09 13:51 . 2010-01-01 22:40 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-09 13:51 . 2010-01-01 22:40 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-09 13:51 . 2010-01-13 14:16 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-01-16 22:15 . 2010-01-16 22:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-07 16:25 . 2010-01-07 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-01-07 16:25 . 2010-01-07 16:25 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-16 22:15 . 2010-01-16 22:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-01-13 10:24 . 2009-10-19 11:21 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\atmfd.dll
+ 2009-07-15 04:26 . 2009-06-15 12:42 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\atmfd.dll
+ 2010-01-13 10:24 . 2009-10-19 11:38 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\atmfd.dll
+ 2009-07-15 04:26 . 2009-06-15 12:52 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\atmfd.dll
+ 2010-01-13 10:24 . 2009-10-19 11:34 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\atmfd.dll
+ 2010-01-13 10:24 . 2009-10-19 11:45 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\atmfd.dll
+ 2010-01-13 10:24 . 2009-10-19 13:51 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.22247_none_b80bfbe83551d2b2\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 13:38 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.18124_none_b794fe171c26af01\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 14:11 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.22544_none_b6228922382e3189\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 14:27 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.18344_none_b598ea711f109498\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 14:22 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.21142_none_b43a20243b09a405\t2embed.dll
+ 2010-01-13 10:24 . 2009-10-19 14:42 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.16939_none_b3c27d2921dd6669\t2embed.dll
+ 2010-01-13 10:24 . 2009-12-11 09:11 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.22286_none_f4a7b2cb81f9b443\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:09 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.18164_none_f431b54468cda9e9\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:08 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22581_none_f2bc3f7184d7e06c\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:10 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18381_none_f232a0c06bba437b\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:09 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21179_none_f0e8a94387a2345d\OESpamFilter.dat
+ 2010-01-13 10:24 . 2009-12-11 09:10 2409784 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16977_none_f05d33c26e862ea3\OESpamFilter.dat
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Google Update"="c:\users\Newman\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-07-01 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-04-23 468264]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-03-14 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-01 554288]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13781536]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):48,07,d2,ee,33,3d,ca,01
R1 appdrv01;Application Driver (01);c:\windows\System32\drivers\appdrv01.sys [24.11.2009 19:10 3033200]
R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [15.7.2009 17:19 114768]
R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\HP\QuickPlay\000.fcl [2.7.2008 23:53 39408]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe [2.3.2009 17:43 81920]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [15.7.2009 17:19 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [15.7.2009 17:19 53328]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 15:24 24880]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [3.7.2008 0:42 341328]
R3 AVerAF15;HP DVB-T TV Tuner;c:\windows\System32\drivers\AVerAF15.sys [19.8.2008 0:19 280192]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [3.7.2008 0:00 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [24.1.2008 14:23 52736]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [1.4.2008 12:14 81296]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17.11.2008 15:40 3668480]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [22.1.2009 14:43 52768]
S2 appdrvrem01;Application Driver Auto Removal Service (01);c:\windows\System32\appdrvrem01.exe svc --> c:\windows\System32\appdrvrem01.exe svc [?]
S2 gupdate1c9ce7bf53e2640;Google Update Service (gupdate1c9ce7bf53e2640);c:\program files\Google\Update\GoogleUpdate.exe [6.5.2009 19:53 133104]
S3 CamSpaceBus;CamSpace Virtual Joystick Bus device driver;c:\windows\System32\drivers\CamSpaceBus.sys [24.8.2008 12:55 14848]
S3 CamSpaceJoy;CamSpace Virtual Joystick device driver;c:\windows\System32\drivers\CamSpaceJoy.sys [24.8.2008 12:55 30464]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]
S4 sptd;sptd;c:\windows\System32\drivers\sptd.sys [15.9.2008 17:59 717296]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
2010-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-06 18:53]
2010-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-06 18:53]
2010-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-952806661-354123881-2290197719-1000Core.job
- c:\users\Newman\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-12 06:46]
2010-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-952806661-354123881-2290197719-1000UA.job
- c:\users\Newman\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-12 06:46]
2010-01-12 c:\windows\Tasks\HPCeeScheduleForNewman.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-07-02 13:14]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
uInternet Settings,ProxyOverride = local
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: {FC9D9B40-A460-4222-AD11-89D6E4C002E2} = 156.154.70.25,156.154.71.25
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-17 00:02
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
MsnMsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}]
"ImagePath"="\??\c:\program files\HP\QuickPlay\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-952806661-354123881-2290197719-1000\Software\SecuROM\License information*]
"datasecu"=hex:f6,73,ac,45,3b,79,29,01,6d,85,e2,5e,e6,fa,41,d3,66,a3,82,83,eb,
5d,86,4c,60,8b,99,2a,e1,37,3d,7f,18,71,26,c1,8b,a4,2d,0e,02,51,e1,2c,34,65,\
"rkeysecu"=hex:0e,87,7f,1d,a5,19,05,17,54,6f,1a,d8,52,f6,42,63
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-01-17 00:04:56
ComboFix-quarantined-files.txt 2010-01-16 23:04
ComboFix2.txt 2010-01-07 16:41
Před spuštěním: Volných bajtů: 32 029 663 232
Po spuštění: Volných bajtů: 31 281 516 544
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 605A40F3126CB0E25DED1BF4A5A176D8
And this is from HJT:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:10:24, on 17.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Users\Newman\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Opera\opera.exe
C:\Users\Newman\AppData\Local\Opera\Opera\profile\cache4\temporary_download\HijackThis (2).exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 213.194.206.216 l2authd.lineage2.com
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Newman\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC9D9B40-A460-4222-AD11-89D6E4C002E2}: NameServer = 156.154.70.25,156.154.71.25
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\aestsrv.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Update Service (gupdate1c9ce7bf53e2640) (gupdate1c9ce7bf53e2640) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
--
End of file - 9316 bytes
The PC seems slow to me, and after startup it keeps showing this message:
Program Windows Media Center Receiver Service přestal fungovat a byl ukončen.
- Damned
Re: I would like to ask you to check my log
We didn't do anything with Media Center.
Does it show an error number?
Download OTL to your Desktop.
Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change the setting to All. Check LOP Check and Purity Check. Change File age to 14 days. Click Run Scan. Leave all other settings as they are. The scan can take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
Re: I would like to ask you to check my log
OTL.Txt is here:
OTL logfile created on: 18.1.2010 15:34:34 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Users\Newman\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,37 Gb Total Space | 83,54 Gb Free Space | 28,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NEWMAN-PC
Current User Name: Newman
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Newman\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\PnkBstrA.exe ()
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Hewlett-Packard)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\System32\hpservice.exe (Hewlett-Packard Corporation)
PRC - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe ()
PRC - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe ()
PRC - C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Windows\SMINST\BLService.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\vdsldr.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Newman\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (IAANTMON) Intel(R) -- File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe (IDT, Inc.)
SRV - (gupdate1c9ce7bf53e2640) Google Update Service (gupdate1c9ce7bf53e2640) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (PnkBstrA) -- C:\Windows\System32\PnkBstrA.exe ()
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (HP Health Check Service) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (Hewlett-Packard)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (hpsrv) -- C:\Windows\System32\hpservice.exe (Hewlett-Packard Corporation)
SRV - (QPSched) QuickPlay Task Scheduler (QTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe ()
SRV - (QPCapSvc) QuickPlay Background Capture Service (QBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe ()
SRV - (Recovery Service for Windows) -- C:\Windows\SMINST\BLService.exe ()
SRV - (Com4QLBEx) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
SRV - (hpqwmiex) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (CamSpaceJoy) -- C:\Windows\System32\drivers\CamSpaceJoy.sys (CamTrax Technologies)
DRV - (CamSpaceBus) -- C:\Windows\System32\drivers\CamSpaceBus.sys (CamTrax Technologies)
DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) -- C:\Program Files\HP\QuickPlay\000.fcl (Cyberlink Corp.)
DRV - (GEARAspiWDM) -- C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (AVerAF15) -- C:\Windows\System32\drivers\AVerAF15.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (HpqRemHid) -- C:\Windows\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.03 18:55:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2009.11.02 14:43:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.01.24 08:33:30 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.09.24 17:36:59 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.10.21 15:40:45 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009.05.01 22:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2007.04.10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009.07.31 14:23:11 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.05.12 19:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009.02.24 20:34:22 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2009.05.01 22:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
O1 HOSTS File: ([2008.03.14 21:43:02 | 00,000,838 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 213.194.206.216 l2authd.lineage2.com
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 14 Days ==========
[2010.01.18 15:32:12 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Users\Newman\Desktop\OTL.exe
[2010.01.18 15:13:20 | 00,000,000 | ---D | C] -- C:\Banks
[2010.01.17 18:46:55 | 00,000,000 | ---D | C] -- C:\Windows\LastGood
[2010.01.17 18:30:47 | 00,000,000 | ---D | C] -- C:\Users\Newman\Tracing
[2010.01.17 00:05:01 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.01.16 23:37:34 | 00,000,000 | ---D | C] -- C:\ComboFix
[2010.01.16 23:37:20 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.01.16 23:36:13 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.01.16 23:36:13 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.01.16 23:36:13 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.01.13 11:24:18 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.01.13 11:24:18 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.01.07 17:42:00 | 00,000,000 | ---D | C] -- C:\Users\Newman\AppData\Local\temp
[2010.01.07 17:27:30 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.01.06 21:01:16 | 00,000,000 | ---D | C] -- C:\Users\Newman\AppData\Roaming\Malwarebytes
[2010.01.06 21:01:13 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.01.06 21:01:12 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.01.06 21:01:12 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.01.06 21:01:12 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.01.06 21:00:38 | 01,469,199 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Newman\Desktop\mbam-setup.exe
[2010.01.06 16:49:57 | 00,000,000 | ---D | C] -- C:\Users\Newman\Desktop\Nová složka
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2010.01.18 15:35:00 | 04,456,448 | -HS- | M] () -- C:\Users\Newman\NTUSER.DAT
[2010.01.18 15:33:08 | 00,403,066 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.01.18 15:33:08 | 00,403,066 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.01.18 15:32:12 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\Newman\Desktop\OTL.exe
[2010.01.18 14:58:02 | 00,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.01.18 14:57:00 | 00,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.01.18 14:53:16 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.01.18 14:53:16 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.01.18 14:22:07 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.01.18 13:27:35 | 00,000,201 | ---- | M] () -- C:\Users\Newman\AppData\Roaming\default.rss
[2010.01.17 18:37:44 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.01.17 18:30:02 | 00,000,417 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010.01.17 18:29:18 | 32,182,96832 | -HS- | M] () -- C:\hiberfil.sys
[2010.01.17 18:28:26 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.01.17 18:28:23 | 00,524,288 | -HS- | M] () -- C:\Users\Newman\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.01.17 18:28:23 | 00,065,536 | -HS- | M] () -- C:\Users\Newman\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.01.17 18:28:18 | 04,228,704 | -H-- | M] () -- C:\Users\Newman\AppData\Local\IconCache.db
[2010.01.17 17:58:40 | 01,508,158 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.01.17 17:58:40 | 00,635,994 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.01.17 17:58:40 | 00,625,582 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.01.17 17:58:40 | 00,134,788 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.01.17 17:58:40 | 00,117,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.01.17 00:02:23 | 00,009,415 | ---- | M] () -- C:\Windows\system.ini
[2010.01.16 23:35:43 | 03,827,053 | R--- | M] () -- C:\Users\Newman\Desktop\ComboFix.exe
[2010.01.12 14:54:03 | 00,266,386 | ---- | M] () -- C:\Users\Newman\Documents\vztek 2sta3.flp
[2010.01.12 11:06:14 | 00,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForNewman.job
[2010.01.11 18:19:15 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.01.06 21:01:16 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.01.06 21:00:38 | 01,469,199 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Newman\Desktop\mbam-setup.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.01.16 23:36:13 | 00,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010.01.16 23:36:13 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.01.16 23:36:13 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.01.16 23:36:13 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.01.16 23:36:13 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.01.16 23:32:05 | 03,827,053 | R--- | C] () -- C:\Users\Newman\Desktop\ComboFix.exe
[2010.01.11 18:49:00 | 00,000,326 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForNewman.job
[2010.01.10 11:08:38 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.01.06 21:01:16 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.11.06 10:58:04 | 00,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.09.26 19:12:05 | 00,000,000 | ---- | C] () -- C:\Users\Newman\AppData\Roaming\downloads.m3u
[2009.09.24 14:22:56 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.19 11:15:38 | 00,000,201 | ---- | C] () -- C:\Users\Newman\AppData\Roaming\default.rss
[2009.04.29 18:19:20 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2008.10.07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.09.30 15:54:57 | 00,000,034 | ---- | C] () -- C:\Users\Newman\AppData\Roaming\AVSDVDPlayer.m3u
[2008.09.30 15:52:39 | 00,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.09.30 15:38:54 | 00,000,761 | ---- | C] () -- C:\Windows\m3jp2k.ini
[2008.09.30 15:38:54 | 00,000,714 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2008.09.30 15:38:54 | 00,000,702 | ---- | C] () -- C:\Windows\mmtvmj.ini
[2008.09.30 15:38:52 | 00,152,064 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.09.30 15:38:52 | 00,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2008.09.30 15:38:51 | 00,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.09.19 12:07:17 | 00,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2008.09.19 09:22:47 | 00,000,094 | ---- | C] () -- C:\Users\Newman\AppData\Local\fusioncache.dat
[2008.09.16 17:45:38 | 00,138,576 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.09.16 17:45:38 | 00,022,328 | ---- | C] () -- C:\Users\Newman\AppData\Roaming\PnkBstrK.sys
[2008.09.15 19:40:18 | 00,031,232 | ---- | C] () -- C:\Users\Newman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.15 14:34:44 | 00,000,000 | ---- | C] () -- C:\Users\Newman\AppData\Local\QSwitch.txt
[2008.09.15 14:34:44 | 00,000,000 | ---- | C] () -- C:\Users\Newman\AppData\Local\DSwitch.txt
[2008.09.15 14:34:44 | 00,000,000 | ---- | C] () -- C:\Users\Newman\AppData\Local\AtStart.txt
[2008.08.19 00:40:51 | 00,403,066 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.08.19 00:40:23 | 00,403,066 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2006.11.02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 10:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001.11.14 11:56:00 | 01,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
========== LOP Check ==========
[2009.09.04 15:02:02 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\BSplayer
[2009.03.20 18:53:28 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\BSplayer Pro
[2009.01.07 13:19:11 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Canneverbe_Limited
[2009.09.09 11:44:57 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2008.09.15 17:59:27 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\DAEMON Tools
[2008.11.15 12:40:12 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\DiskAid
[2009.03.06 13:22:30 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\ESET
[2009.11.22 16:57:46 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\GameTracker
[2009.02.06 20:56:05 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\gnupg
[2009.05.03 17:47:57 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\HighAndes
[2008.11.15 16:12:30 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\HLSW
[2010.01.17 18:31:04 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\ICQ
[2009.07.23 14:38:32 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\ICQLite
[2008.11.25 17:34:23 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Leadertech
[2009.04.14 15:14:52 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Nvu
[2009.11.29 11:44:13 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\OpenOffice.org
[2009.06.27 18:26:06 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Opera
[2009.04.29 16:34:38 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Propellerhead Software
[2008.11.15 11:44:44 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Scirra
[2008.11.02 10:38:57 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\SecondLife
[2010.01.09 12:00:26 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\SoundSpectrum
[2008.09.19 13:29:22 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\TrojanHunter
[2008.11.15 12:40:15 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\TuneAid
[2009.04.21 07:43:25 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Ubisoft
[2008.11.05 18:18:11 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Uniblue
[2009.11.21 22:15:34 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\uTorrent
[2010.01.17 18:36:40 | 00,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:13DFF3FB
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:417F5F46
< End of report >
OTL logfile created on: 18.1.2010 15:34:34 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Users\Newman\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,37 Gb Total Space | 83,54 Gb Free Space | 28,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NEWMAN-PC
Current User Name: Newman
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Newman\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe (IDT, Inc.)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Windows\System32\PnkBstrA.exe ()
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe (Hewlett-Packard)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\System32\hpservice.exe (Hewlett-Packard Corporation)
PRC - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe ()
PRC - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe ()
PRC - C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Windows\SMINST\BLService.exe ()
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\vdsldr.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe ( Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
PRC - C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Newman\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (IAANTMON) Intel(R) -- File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\stacsv.exe (IDT, Inc.)
SRV - (gupdate1c9ce7bf53e2640) Google Update Service (gupdate1c9ce7bf53e2640) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (PnkBstrA) -- C:\Windows\System32\PnkBstrA.exe ()
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e2247046\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (NMSAccessU) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (HP Health Check Service) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (Hewlett-Packard)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (hpsrv) -- C:\Windows\System32\hpservice.exe (Hewlett-Packard Corporation)
SRV - (QPSched) QuickPlay Task Scheduler (QTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe ()
SRV - (QPCapSvc) QuickPlay Background Capture Service (QBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe ()
SRV - (Recovery Service for Windows) -- C:\Windows\SMINST\BLService.exe ()
SRV - (Com4QLBEx) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Hewlett-Packard Development Company, L.P.)
SRV - (hpqwmiex) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Development Company, L.P.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe ()
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
========== Driver Services (SafeList) ==========
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (ALWIL Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (CamSpaceJoy) -- C:\Windows\System32\drivers\CamSpaceJoy.sys (CamTrax Technologies)
DRV - (CamSpaceBus) -- C:\Windows\System32\drivers\CamSpaceBus.sys (CamTrax Technologies)
DRV - (hpdskflt) -- C:\Windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Corporation)
DRV - ({22D78859-9CE9-4B77-BF18-AC83E81A9263}) -- C:\Program Files\HP\QuickPlay\000.fcl (Cyberlink Corp.)
DRV - (GEARAspiWDM) -- C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corp.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (AVerAF15) -- C:\Windows\System32\drivers\AVerAF15.sys (AVerMedia TECHNOLOGIES, Inc.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (HpqRemHid) -- C:\Windows\System32\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)
DRV - (BCM43XV) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Prev Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.03 18:55:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2009.11.02 14:43:02 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.01.24 08:33:30 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[2009.09.24 17:36:59 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.10.21 15:40:45 | 00,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009.05.01 22:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2007.04.10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009.07.31 14:23:11 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.05.12 19:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009.02.24 20:34:22 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2009.05.01 22:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
O1 HOSTS File: ([2008.03.14 21:43:02 | 00,000,838 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 216.107.250.194 nprotect.lineage2.com
O1 - Hosts: 213.194.206.216 l2authd.lineage2.com
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Pomocník pro přihlášení ke službě Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 14 Days ==========
[2010.01.18 15:32:12 | 00,547,328 | ---- | C] (OldTimer Tools) -- C:\Users\Newman\Desktop\OTL.exe
[2010.01.18 15:13:20 | 00,000,000 | ---D | C] -- C:\Banks
[2010.01.17 18:46:55 | 00,000,000 | ---D | C] -- C:\Windows\LastGood
[2010.01.17 18:30:47 | 00,000,000 | ---D | C] -- C:\Users\Newman\Tracing
[2010.01.17 00:05:01 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.01.16 23:37:34 | 00,000,000 | ---D | C] -- C:\ComboFix
[2010.01.16 23:37:20 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.01.16 23:36:13 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.01.16 23:36:13 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.01.16 23:36:13 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.01.13 11:24:18 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.01.13 11:24:18 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.01.07 17:42:00 | 00,000,000 | ---D | C] -- C:\Users\Newman\AppData\Local\temp
[2010.01.07 17:27:30 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.01.06 21:01:16 | 00,000,000 | ---D | C] -- C:\Users\Newman\AppData\Roaming\Malwarebytes
[2010.01.06 21:01:13 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.01.06 21:01:12 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.01.06 21:01:12 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.01.06 21:01:12 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.01.06 21:00:38 | 01,469,199 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Newman\Desktop\mbam-setup.exe
[2010.01.06 16:49:57 | 00,000,000 | ---D | C] -- C:\Users\Newman\Desktop\Nová složka
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 14 Days ==========
[2010.01.18 15:35:00 | 04,456,448 | -HS- | M] () -- C:\Users\Newman\NTUSER.DAT
[2010.01.18 15:33:08 | 00,403,066 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.01.18 15:33:08 | 00,403,066 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.01.18 15:32:12 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\Newman\Desktop\OTL.exe
[2010.01.18 14:58:02 | 00,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.01.18 14:57:00 | 00,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.01.18 14:53:16 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.01.18 14:53:16 | 00,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.01.18 14:22:07 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.01.18 13:27:35 | 00,000,201 | ---- | M] () -- C:\Users\Newman\AppData\Roaming\default.rss
[2010.01.17 18:37:44 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.01.17 18:30:02 | 00,000,417 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010.01.17 18:29:18 | 32,182,96832 | -HS- | M] () -- C:\hiberfil.sys
[2010.01.17 18:28:26 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.01.17 18:28:23 | 00,524,288 | -HS- | M] () -- C:\Users\Newman\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.01.17 18:28:23 | 00,065,536 | -HS- | M] () -- C:\Users\Newman\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.01.17 18:28:18 | 04,228,704 | -H-- | M] () -- C:\Users\Newman\AppData\Local\IconCache.db
[2010.01.17 17:58:40 | 01,508,158 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.01.17 17:58:40 | 00,635,994 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.01.17 17:58:40 | 00,625,582 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.01.17 17:58:40 | 00,134,788 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.01.17 17:58:40 | 00,117,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.01.17 00:02:23 | 00,009,415 | ---- | M] () -- C:\Windows\system.ini
[2010.01.16 23:35:43 | 03,827,053 | R--- | M] () -- C:\Users\Newman\Desktop\ComboFix.exe
[2010.01.12 14:54:03 | 00,266,386 | ---- | M] () -- C:\Users\Newman\Documents\vztek 2sta3.flp
[2010.01.12 11:06:14 | 00,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForNewman.job
[2010.01.11 18:19:15 | 00,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.01.06 21:01:16 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.01.06 21:00:38 | 01,469,199 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Newman\Desktop\mbam-setup.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.01.16 23:36:13 | 00,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010.01.16 23:36:13 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.01.16 23:36:13 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.01.16 23:36:13 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.01.16 23:36:13 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.01.16 23:32:05 | 03,827,053 | R--- | C] () -- C:\Users\Newman\Desktop\ComboFix.exe
[2010.01.11 18:49:00 | 00,000,326 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForNewman.job
[2010.01.10 11:08:38 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.01.06 21:01:16 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009.11.06 10:58:04 | 00,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.09.26 19:12:05 | 00,000,000 | ---- | C] () -- C:\Users\Newman\AppData\Roaming\downloads.m3u
[2009.09.24 14:22:56 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.19 11:15:38 | 00,000,201 | ---- | C] () -- C:\Users\Newman\AppData\Roaming\default.rss
[2009.04.29 18:19:20 | 00,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2008.10.07 09:13:30 | 00,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 00,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.09.30 15:54:57 | 00,000,034 | ---- | C] () -- C:\Users\Newman\AppData\Roaming\AVSDVDPlayer.m3u
[2008.09.30 15:52:39 | 00,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.09.30 15:38:54 | 00,000,761 | ---- | C] () -- C:\Windows\m3jp2k.ini
[2008.09.30 15:38:54 | 00,000,714 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2008.09.30 15:38:54 | 00,000,702 | ---- | C] () -- C:\Windows\mmtvmj.ini
[2008.09.30 15:38:52 | 00,152,064 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.09.30 15:38:52 | 00,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2008.09.30 15:38:51 | 00,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.09.19 12:07:17 | 00,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2008.09.19 09:22:47 | 00,000,094 | ---- | C] () -- C:\Users\Newman\AppData\Local\fusioncache.dat
[2008.09.16 17:45:38 | 00,138,576 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.09.16 17:45:38 | 00,022,328 | ---- | C] () -- C:\Users\Newman\AppData\Roaming\PnkBstrK.sys
[2008.09.15 19:40:18 | 00,031,232 | ---- | C] () -- C:\Users\Newman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.15 14:34:44 | 00,000,000 | ---- | C] () -- C:\Users\Newman\AppData\Local\QSwitch.txt
[2008.09.15 14:34:44 | 00,000,000 | ---- | C] () -- C:\Users\Newman\AppData\Local\DSwitch.txt
[2008.09.15 14:34:44 | 00,000,000 | ---- | C] () -- C:\Users\Newman\AppData\Local\AtStart.txt
[2008.08.19 00:40:51 | 00,403,066 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008.08.19 00:40:23 | 00,403,066 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2006.11.02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 10:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2001.11.14 11:56:00 | 01,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
========== LOP Check ==========
[2009.09.04 15:02:02 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\BSplayer
[2009.03.20 18:53:28 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\BSplayer Pro
[2009.01.07 13:19:11 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Canneverbe_Limited
[2009.09.09 11:44:57 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2008.09.15 17:59:27 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\DAEMON Tools
[2008.11.15 12:40:12 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\DiskAid
[2009.03.06 13:22:30 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\ESET
[2009.11.22 16:57:46 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\GameTracker
[2009.02.06 20:56:05 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\gnupg
[2009.05.03 17:47:57 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\HighAndes
[2008.11.15 16:12:30 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\HLSW
[2010.01.17 18:31:04 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\ICQ
[2009.07.23 14:38:32 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\ICQLite
[2008.11.25 17:34:23 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Leadertech
[2009.04.14 15:14:52 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Nvu
[2009.11.29 11:44:13 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\OpenOffice.org
[2009.06.27 18:26:06 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Opera
[2009.04.29 16:34:38 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Propellerhead Software
[2008.11.15 11:44:44 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Scirra
[2008.11.02 10:38:57 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\SecondLife
[2010.01.09 12:00:26 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\SoundSpectrum
[2008.09.19 13:29:22 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\TrojanHunter
[2008.11.15 12:40:15 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\TuneAid
[2009.04.21 07:43:25 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Ubisoft
[2008.11.05 18:18:11 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\Uniblue
[2009.11.21 22:15:34 | 00,000,000 | ---D | M] -- C:\Users\Newman\AppData\Roaming\uTorrent
[2010.01.17 18:36:40 | 00,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:13DFF3FB
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:417F5F46
< End of report >
Re: I would like to ask you to check my log
Extras.Txt is here
OTL Extras logfile created on: 18.1.2010 15:34:34 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Users\Newman\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,37 Gb Total Space | 83,54 Gb Free Space | 28,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NEWMAN-PC
Current User Name: Newman
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01432DCC-E143-43CA-931D-9B0441EB3B48}" = lport=138 | protocol=17 | dir=in | app=system |
"{048B0EB4-7D96-4440-9505-65085A0CF80A}" = lport=3390 | protocol=6 | dir=in | app=system |
"{09E09798-167E-4A31-A1AE-57379FF3EC1D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{0C4EB514-52CF-41A8-8F9B-3FE3F4E8D34D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0C9CA878-AE8D-4C9B-9E7B-8761ED07C2DB}" = rport=139 | protocol=6 | dir=out | app=system |
"{20DDBA72-2D9E-46FA-919F-9C3599ECADA4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{21313DF2-B2DC-4E56-8321-89FE429B44EF}" = lport=10244 | protocol=6 | dir=in | app=system |
"{22B72A61-E512-4A4E-82B6-E02608AC176C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{238EB77D-3FD7-459B-985F-B84B3D3F1471}" = rport=10244 | protocol=6 | dir=out | app=system |
"{28166568-C014-4C7B-BE08-9BB679828FF6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{2B97DB29-A5BD-4958-9892-22DE355E324E}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{2FF06E22-AFBF-427F-A39A-07A9442E0F48}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{32AC9F5D-7C5B-49B8-8922-E2F871A4F927}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3AF77A1C-B71C-4790-B5DA-FA66DCD75123}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{4D38725F-B35A-4736-AEFC-17392CF282A6}" = rport=445 | protocol=6 | dir=out | app=system |
"{61499B26-4983-43D0-ABDB-1C603620A46E}" = lport=20846 | protocol=17 | dir=in | name=bitcomet 20846 udp |
"{62588943-31C8-4668-89E0-12B949F13609}" = lport=445 | protocol=6 | dir=in | app=system |
"{65FCE9F6-9CA0-4CBA-8B1E-C161314B66AE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{6D3D2581-99D8-48FE-9DE1-452709CBB598}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{6E8E82A1-D0FD-4D3A-902A-A60EFF53C208}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{73153C8D-A116-4C6C-A503-A3EE87CEA218}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{8430C8E4-904D-4ECB-93FF-0D7928CB3FEF}" = lport=139 | protocol=6 | dir=in | app=system |
"{8528BC66-179D-4266-9F47-0F6CC5C8F4E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{9CFFB8F9-BAC2-4C03-BED0-B4AA30E46AC0}" = lport=20846 | protocol=6 | dir=in | name=bitcomet 20846 tcp |
"{B700A1E1-03A9-45B9-8F71-2EAF0731F5D9}" = rport=137 | protocol=17 | dir=out | app=system |
"{C558F721-42B0-42F8-A393-6824B08E00AF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=sdílení souborů a tiskáren (služba zařazování tisku – rpc-epmap) |
"{CFAC707B-88AE-4489-83C5-DA72CACE974A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D61C19C4-950B-43D8-B918-6588C881BD80}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E3AF42EE-E722-4DDC-A4E3-A3D0932F2C6D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E956C1C0-6A7A-4053-8AD8-C7075E944512}" = rport=138 | protocol=17 | dir=out | app=system |
"{F1F08452-BA2E-4811-9F1C-C2F42CD6FF0A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FC44E1CA-6518-4AAF-B352-7010A5FAF9FC}" = lport=137 | protocol=17 | dir=in | app=system |
"{FDABB9CE-7AA1-4859-AFD0-2388CC8444DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06FA1B9F-AD2D-4E42-A1CA-8290CBB8CBAD}" = protocol=6 | dir=in | app=c:\program files\icqlite\icq.exe |
"{1B0C3AB0-0272-4FF8-A8F0-641DFB49F30C}" = protocol=17 | dir=in | app=c:\program files\willing webcam\wwcam.exe |
"{1CE168FE-1D3D-4BA0-A609-FD5C107C6657}" = protocol=58 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-out) |
"{1CEF231D-B26D-4902-BC22-EE3917B6A526}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{21968D2A-D85F-47AA-AD24-57A2FAA222D0}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{246D5E81-B910-422C-B483-F061202B51E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{280D758C-6AA4-47E5-8851-C07EC4940E24}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat |
"{29F295A9-ED61-4E9E-B64E-7B989EEB0B09}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{2DEAE7DD-0983-48FB-B10B-62E4B4A1631A}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{3FB079EE-E71F-4A48-9C8F-92FACDA4BFF0}" = protocol=1 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-out) |
"{5F594053-64CB-4BC2-858A-7B7DC04A2FAE}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{601DC3AF-10F7-4820-AFFC-20F12D555DEF}" = protocol=6 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{666B3AAE-4CF5-4C42-969B-0BB40A072E8B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{7221CD0F-441C-43C8-9424-78F9785A0A74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7F06AC1D-BCD0-4093-9DA2-F20A8ACFE575}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{845571A1-F325-4280-87BC-F62C38D85B63}" = protocol=6 | dir=in | app=c:\program files\willing webcam\wwcam.exe |
"{8A850660-B68C-43EF-AC16-824574C6B03E}" = protocol=17 | dir=in | app=c:\program files\empire interactive\flatout ultimate carnage\fouc.exe |
"{8FDCF41E-7015-4333-91C5-54316011B823}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A0C10939-C011-4525-BB0B-4604D2F90AD6}" = protocol=17 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{ACF94249-732D-422C-B9C2-F2B4ABF00E31}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B19CBA13-0713-4B0F-9D0F-04870A6AFE2B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat |
"{B9983B7C-1D51-41C0-8213-BDB1CC4DAAAB}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{C5198AC4-F31B-47E9-A69C-E3DEAE8ED280}" = protocol=17 | dir=in | app=c:\program files\icqlite\icq.exe |
"{CD2DDAAA-5072-46A3-A675-CB9B1FC4ACB4}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{D79B2941-BD07-4F66-A102-E84F624699EE}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{DA77F9E0-F6F5-4F10-A5A3-8E13375800AD}" = protocol=58 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-in) |
"{DEAF87FE-2969-454A-9EF3-AF80D5F7D86E}" = protocol=1 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-in) |
"{E8695DD4-B019-4626-AA4C-5132CE89EDD1}" = protocol=6 | dir=in | app=c:\program files\empire interactive\flatout ultimate carnage\fouc.exe |
"{E9A7AD5D-D428-47D0-B0B3-B154262E65B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0149B2B2-634F-4A14-99F6-76964721C862}C:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"TCP Query User{03F7A2AA-8568-4504-B8BD-0CFCB96E8AF4}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{0C5CED54-0E1B-4ED7-9622-1E8904F23343}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{0DA4D632-4A69-42C4-B433-9E272ED2B488}C:\program files\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{194C1978-9D1E-47B4-B015-1DEFFD92E534}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{25BA6613-6751-4EA5-9F53-19932098E45D}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{269B03D8-478C-419E-AD77-5E697FD6E9D1}C:\program files\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{27166C5C-CD51-41C4-A925-5F6E70B4B879}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{2C5CCA3A-D71D-4648-88DF-1640139C402E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{32E562BC-8D76-4C3A-9931-B5E225D40BF2}C:\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\icqlite\icqlite.exe |
"TCP Query User{3488BE80-7485-470D-9ABF-9F4EA0662135}C:\program files\nero\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 9\nero showtime\showtime.exe |
"TCP Query User{364CA59A-D5C5-48FF-A321-30225776326C}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{3E16AF40-2AE4-4891-A900-73271D8CA3B8}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{46ED47BB-B585-4A4F-8AD8-E0680659348C}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{476BDB13-FCDC-4941-9FE9-6ACE861D57B8}C:\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\counter-strike source\hl2.exe |
"TCP Query User{5055F6F6-CF45-43CE-ABDE-58EC0702A430}C:\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\counter-strike source\hl2.exe |
"TCP Query User{5B5CEC05-937A-46B2-A1A2-D53EE9420B6F}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{666D7343-E789-40CC-8C93-B0132C97A7CC}C:\program files\activision\call of duty - world at war beta\codwawbeta.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war beta\codwawbeta.exe |
"TCP Query User{7885D672-123B-467F-BA45-DB272AF34A8E}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{8D0915CC-89A9-42CA-AE3E-89BE73BF6CBE}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{8E04BCFC-5E2B-4094-AD9D-095C2D8DB168}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"TCP Query User{9633186A-9494-4EEE-87BC-3D5F77771B0F}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{96668544-D9DB-4531-9B82-9EEA43B323A6}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"TCP Query User{A4AE5B58-E96C-4C0C-B3D2-4FA5AC19F415}C:\program files\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4mp.exe |
"TCP Query User{B41857CE-8F3A-4874-A7C3-679A3F3AA1B3}C:\program files\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\left 4 dead 2\left4dead2.exe |
"TCP Query User{C322F52E-B648-42A7-A0C9-7AA8E232517E}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{C3335BD3-353C-4C65-8D7F-1CD4F09FAFF4}C:\users\newman\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\newman\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{D3B46811-736A-41EB-B81D-68CD37C439F8}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"TCP Query User{DD271D90-A662-45A1-81CB-64E53FF644CB}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{E9DA9C47-EB17-4D81-BB58-37680ADDF29C}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{EC15605C-628B-4C8C-BACA-0E068CDAC5A6}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{EF657787-DA1F-4773-93E0-47F6FAEC504A}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{10424348-E855-4871-A05C-3C49DA03F379}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{10985EFF-2A6E-4BB1-894F-5F07132022CD}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"UDP Query User{217FEB3B-CC5E-4EB3-93AD-CE834D77C865}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{221FEF9F-BF70-450A-BA4E-425E6D5CE3F4}C:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"UDP Query User{2F306383-2578-4866-B276-8A8F9EEA6260}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{34DEF1A1-001A-4458-9FED-C7ADF56F7198}C:\program files\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4mp.exe |
"UDP Query User{3FDDFDFA-69DD-4D54-858A-81542E4B9AD6}C:\program files\nero\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 9\nero showtime\showtime.exe |
"UDP Query User{445CC6D8-6399-4C2B-AAC4-67CC4695981B}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{4EFB1043-C721-4CD8-9BB6-B22113DCBD3D}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"UDP Query User{54FCF1C6-5A60-4072-8859-03A21D170948}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{67D020BB-BA46-470A-A2E9-F1AE291BBB01}C:\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\counter-strike source\hl2.exe |
"UDP Query User{6D4E9603-7AE6-40F4-85A7-F3F67F61C094}C:\users\newman\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\newman\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{79D4ABEB-1D3A-4338-A725-AA7B1EE9C6D6}C:\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\counter-strike source\hl2.exe |
"UDP Query User{7ECB11B6-1714-4361-975A-E4EFF1A60E72}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8D4104D5-F6A4-4926-A9DA-04B2E1631BB1}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{9330FC28-A941-4848-94D5-402188C2D415}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"UDP Query User{9C150D30-A091-4D3A-A526-69BCC098E011}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{A347578B-4D51-4DA3-9979-94DC4931D9BB}C:\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\icqlite\icqlite.exe |
"UDP Query User{A40DFCA1-FF37-4FB3-ABF7-838C56D1364B}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{ACFE3540-C68F-41E4-9D0C-C7102754669A}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{ADC2AD6C-DC5B-4156-91E4-D88367A36BAF}C:\program files\activision\call of duty - world at war beta\codwawbeta.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war beta\codwawbeta.exe |
"UDP Query User{AF072BF3-385E-49D2-9851-13A16B8F3126}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{B009A1F2-EC09-42CC-9BF1-D3AEE284675B}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{B5CAA310-3542-4F8E-8997-04ADFA1B79E1}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{BA1BD47E-5458-46A4-8122-1E2E3696F139}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{CE01CE51-17EA-40D4-965F-4BFFD19499DA}C:\program files\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{DC923C93-9DAF-48A2-AB87-40FEA93B4BC6}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{DD3D16FE-47E6-4412-BA5B-A9F6CC5EA52F}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{EB3773D5-3573-4B0F-ABBF-B3A9E54C8C59}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{F00458EE-5EC0-4B74-9F15-913D26747234}C:\program files\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{F37ED21F-05E6-4310-9527-7EB0C5B3A5C9}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{FC9D7DD8-EE47-41A1-812C-B5BE83B3CE50}C:\program files\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\left 4 dead 2\left4dead2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero BurningROM
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{316f9d03-8b09-4539-95bf-d29418b6ecde}" = Nero 9
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5E02E45F-FC60-459C-9A5A-E1EB190B6DBD}" = Pegasus Imaging PICVideo Motion JPEG 4.0
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C13128C-1782-456F-84A4-017CECE259CA}" = ICQ Lite
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express
"{85155187-3BEF-47B4-A662-346FEABF67A6}" = ProtectSmart Hard Drive Protection
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D786E04A-8AED-4B83-937E-CC8EC51E8BD8}" = Pegasus Imaging PICVideo 3
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E26DEDC7-1A99-4F8C-9615-6DB112E6495B}_is1" = Texas Hold'em Poker 3D - Deluxe Edition 1.0
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EDE7B926-5EF2-4F2E-BCA5-994D85334DC5}_is1" = DaemonicMU
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"BitComet" = BitComet 1.16
"CCleaner" = CCleaner
"Counter-Strike: Source" = Counter-Strike: Source
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"FL Studio 9" = FL Studio 9
"GameTracker Lite" = GameTracker Lite
"Hardcore" = Hardcore
"HijackThis" = HijackThis 2.0.2
"IL Download Manager" = IL Download Manager
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{5E02E45F-FC60-459C-9A5A-E1EB190B6DBD}" = Pegasus Imaging PICVideo Motion JPEG 4.0
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D786E04A-8AED-4B83-937E-CC8EC51E8BD8}" = Pegasus Imaging PICVideo 3
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Sawer" = Sawer
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Steam App 18800" = Zero Gear
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Toxic Biohazard" = Toxic Biohazard
"Valve Hammer Editor" = Valve Hammer Editor
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZoneAlarm" = ZoneAlarm
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 12.1.2010 7:09:47 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:09:47 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:09:47 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:09:47 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:34 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:34 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:34 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:34 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:35 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:35 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
[ Application Events ]
Error - 17.1.2010 12:55:54 | Computer Name = Newman-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\2K Games\Gearbox
Software\Borderlands\Binaries\Borderlands.exe se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 17.1.2010 12:56:57 | Computer Name = Newman-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 17.1.2010 12:58:06 | Computer Name = Newman-PC | Source = Google Update | ID = 20
Description =
Error - 17.1.2010 12:58:58 | Computer Name = Newman-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 17.1.2010 13:29:56 | Computer Name = Newman-PC | Source = WinMgmt | ID = 10
Description =
Error - 17.1.2010 13:32:34 | Computer Name = Newman-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ehRecvr.exe, verze 6.0.6001.18000, časové razítko
0x47919381, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x00464ff0, ID procesu 0x123c, čas spuštění aplikace
0x01ca979b07a47500.
Error - 17.1.2010 13:32:50 | Computer Name = Newman-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ehRecvr.exe, verze 6.0.6001.18000, časové razítko
0x47919381, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x04251ff0, ID procesu 0x16f4, čas spuštění aplikace
0x01ca979b17526f20.
Error - 17.1.2010 13:33:24 | Computer Name = Newman-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ehRecvr.exe, verze 6.0.6001.18000, časové razítko
0x47919381, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x003bbff0, ID procesu 0x14b0, čas spuštění aplikace
0x01ca979b2b7af4e0.
Error - 17.1.2010 13:33:48 | Computer Name = Newman-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ehRecvr.exe, verze 6.0.6001.18000, časové razítko
0x47919381, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x03c49ff0, ID procesu 0x17b8, čas spuštění aplikace
0x01ca979b39e7bc70.
Error - 17.1.2010 13:37:34 | Computer Name = Newman-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 17.1.2010 13:32:53 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 17.1.2010 13:33:27 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 17.1.2010 13:33:52 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 17.1.2010 13:38:32 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 17.1.2010 13:38:41 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 17.1.2010 13:38:41 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 17.1.2010 13:38:41 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 17.1.2010 13:39:29 | Computer Name = Newman-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 17.1.2010 14:10:18 | Computer Name = Newman-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
Error - 18.1.2010 8:09:54 | Computer Name = Newman-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
< End of report >
OTL Extras logfile created on: 18.1.2010 15:34:34 - Run 1
OTL by OldTimer - Version 3.1.25.2 Folder = C:\Users\Newman\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 69,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 290,37 Gb Total Space | 83,54 Gb Free Space | 28,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: NEWMAN-PC
Current User Name: Newman
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01432DCC-E143-43CA-931D-9B0441EB3B48}" = lport=138 | protocol=17 | dir=in | app=system |
"{048B0EB4-7D96-4440-9505-65085A0CF80A}" = lport=3390 | protocol=6 | dir=in | app=system |
"{09E09798-167E-4A31-A1AE-57379FF3EC1D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{0C4EB514-52CF-41A8-8F9B-3FE3F4E8D34D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0C9CA878-AE8D-4C9B-9E7B-8761ED07C2DB}" = rport=139 | protocol=6 | dir=out | app=system |
"{20DDBA72-2D9E-46FA-919F-9C3599ECADA4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{21313DF2-B2DC-4E56-8321-89FE429B44EF}" = lport=10244 | protocol=6 | dir=in | app=system |
"{22B72A61-E512-4A4E-82B6-E02608AC176C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{238EB77D-3FD7-459B-985F-B84B3D3F1471}" = rport=10244 | protocol=6 | dir=out | app=system |
"{28166568-C014-4C7B-BE08-9BB679828FF6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{2B97DB29-A5BD-4958-9892-22DE355E324E}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{2FF06E22-AFBF-427F-A39A-07A9442E0F48}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{32AC9F5D-7C5B-49B8-8922-E2F871A4F927}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3AF77A1C-B71C-4790-B5DA-FA66DCD75123}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{4D38725F-B35A-4736-AEFC-17392CF282A6}" = rport=445 | protocol=6 | dir=out | app=system |
"{61499B26-4983-43D0-ABDB-1C603620A46E}" = lport=20846 | protocol=17 | dir=in | name=bitcomet 20846 udp |
"{62588943-31C8-4668-89E0-12B949F13609}" = lport=445 | protocol=6 | dir=in | app=system |
"{65FCE9F6-9CA0-4CBA-8B1E-C161314B66AE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{6D3D2581-99D8-48FE-9DE1-452709CBB598}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{6E8E82A1-D0FD-4D3A-902A-A60EFF53C208}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{73153C8D-A116-4C6C-A503-A3EE87CEA218}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{8430C8E4-904D-4ECB-93FF-0D7928CB3FEF}" = lport=139 | protocol=6 | dir=in | app=system |
"{8528BC66-179D-4266-9F47-0F6CC5C8F4E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{9CFFB8F9-BAC2-4C03-BED0-B4AA30E46AC0}" = lport=20846 | protocol=6 | dir=in | name=bitcomet 20846 tcp |
"{B700A1E1-03A9-45B9-8F71-2EAF0731F5D9}" = rport=137 | protocol=17 | dir=out | app=system |
"{C558F721-42B0-42F8-A393-6824B08E00AF}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=sdílení souborů a tiskáren (služba zařazování tisku – rpc-epmap) |
"{CFAC707B-88AE-4489-83C5-DA72CACE974A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D61C19C4-950B-43D8-B918-6588C881BD80}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E3AF42EE-E722-4DDC-A4E3-A3D0932F2C6D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E956C1C0-6A7A-4053-8AD8-C7075E944512}" = rport=138 | protocol=17 | dir=out | app=system |
"{F1F08452-BA2E-4811-9F1C-C2F42CD6FF0A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FC44E1CA-6518-4AAF-B352-7010A5FAF9FC}" = lport=137 | protocol=17 | dir=in | app=system |
"{FDABB9CE-7AA1-4859-AFD0-2388CC8444DA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06FA1B9F-AD2D-4E42-A1CA-8290CBB8CBAD}" = protocol=6 | dir=in | app=c:\program files\icqlite\icq.exe |
"{1B0C3AB0-0272-4FF8-A8F0-641DFB49F30C}" = protocol=17 | dir=in | app=c:\program files\willing webcam\wwcam.exe |
"{1CE168FE-1D3D-4BA0-A609-FD5C107C6657}" = protocol=58 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-out) |
"{1CEF231D-B26D-4902-BC22-EE3917B6A526}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{21968D2A-D85F-47AA-AD24-57A2FAA222D0}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{246D5E81-B910-422C-B483-F061202B51E4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{280D758C-6AA4-47E5-8851-C07EC4940E24}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat |
"{29F295A9-ED61-4E9E-B64E-7B989EEB0B09}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{2DEAE7DD-0983-48FB-B10B-62E4B4A1631A}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{3FB079EE-E71F-4A48-9C8F-92FACDA4BFF0}" = protocol=1 | dir=out | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-out) |
"{5F594053-64CB-4BC2-858A-7B7DC04A2FAE}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{601DC3AF-10F7-4820-AFFC-20F12D555DEF}" = protocol=6 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{666B3AAE-4CF5-4C42-969B-0BB40A072E8B}" = protocol=6 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{7221CD0F-441C-43C8-9424-78F9785A0A74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7F06AC1D-BCD0-4093-9DA2-F20A8ACFE575}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{845571A1-F325-4280-87BC-F62C38D85B63}" = protocol=6 | dir=in | app=c:\program files\willing webcam\wwcam.exe |
"{8A850660-B68C-43EF-AC16-824574C6B03E}" = protocol=17 | dir=in | app=c:\program files\empire interactive\flatout ultimate carnage\fouc.exe |
"{8FDCF41E-7015-4333-91C5-54316011B823}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A0C10939-C011-4525-BB0B-4604D2F90AD6}" = protocol=17 | dir=in | app=c:\program files\ea games\mirror's edge\binaries\mirrorsedge.exe |
"{ACF94249-732D-422C-B9C2-F2B4ABF00E31}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B19CBA13-0713-4B0F-9D0F-04870A6AFE2B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\zero gear\zerogear.bat |
"{B9983B7C-1D51-41C0-8213-BDB1CC4DAAAB}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{C5198AC4-F31B-47E9-A69C-E3DEAE8ED280}" = protocol=17 | dir=in | app=c:\program files\icqlite\icq.exe |
"{CD2DDAAA-5072-46A3-A675-CB9B1FC4ACB4}" = protocol=17 | dir=in | app=c:\program files\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{D79B2941-BD07-4F66-A102-E84F624699EE}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{DA77F9E0-F6F5-4F10-A5A3-8E13375800AD}" = protocol=58 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv6-in) |
"{DEAF87FE-2969-454A-9EF3-AF80D5F7D86E}" = protocol=1 | dir=in | name=sdílení souborů a tiskáren (požadavek na odezvu - icmpv4-in) |
"{E8695DD4-B019-4626-AA4C-5132CE89EDD1}" = protocol=6 | dir=in | app=c:\program files\empire interactive\flatout ultimate carnage\fouc.exe |
"{E9A7AD5D-D428-47D0-B0B3-B154262E65B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{0149B2B2-634F-4A14-99F6-76964721C862}C:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=6 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"TCP Query User{03F7A2AA-8568-4504-B8BD-0CFCB96E8AF4}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{0C5CED54-0E1B-4ED7-9622-1E8904F23343}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{0DA4D632-4A69-42C4-B433-9E272ED2B488}C:\program files\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{194C1978-9D1E-47B4-B015-1DEFFD92E534}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{25BA6613-6751-4EA5-9F53-19932098E45D}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{269B03D8-478C-419E-AD77-5E697FD6E9D1}C:\program files\call of duty modern warfare 2\iw4sp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4sp.exe |
"TCP Query User{27166C5C-CD51-41C4-A925-5F6E70B4B879}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{2C5CCA3A-D71D-4648-88DF-1640139C402E}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{32E562BC-8D76-4C3A-9931-B5E225D40BF2}C:\icqlite\icqlite.exe" = protocol=6 | dir=in | app=c:\icqlite\icqlite.exe |
"TCP Query User{3488BE80-7485-470D-9ABF-9F4EA0662135}C:\program files\nero\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero 9\nero showtime\showtime.exe |
"TCP Query User{364CA59A-D5C5-48FF-A321-30225776326C}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=6 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"TCP Query User{3E16AF40-2AE4-4891-A900-73271D8CA3B8}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{46ED47BB-B585-4A4F-8AD8-E0680659348C}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{476BDB13-FCDC-4941-9FE9-6ACE861D57B8}C:\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\counter-strike source\hl2.exe |
"TCP Query User{5055F6F6-CF45-43CE-ABDE-58EC0702A430}C:\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\counter-strike source\hl2.exe |
"TCP Query User{5B5CEC05-937A-46B2-A1A2-D53EE9420B6F}C:\program files\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq6.5\icq.exe |
"TCP Query User{666D7343-E789-40CC-8C93-B0132C97A7CC}C:\program files\activision\call of duty - world at war beta\codwawbeta.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war beta\codwawbeta.exe |
"TCP Query User{7885D672-123B-467F-BA45-DB272AF34A8E}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{8D0915CC-89A9-42CA-AE3E-89BE73BF6CBE}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{8E04BCFC-5E2B-4094-AD9D-095C2D8DB168}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"TCP Query User{9633186A-9494-4EEE-87BC-3D5F77771B0F}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"TCP Query User{96668544-D9DB-4531-9B82-9EEA43B323A6}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"TCP Query User{A4AE5B58-E96C-4C0C-B3D2-4FA5AC19F415}C:\program files\call of duty modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4mp.exe |
"TCP Query User{B41857CE-8F3A-4874-A7C3-679A3F3AA1B3}C:\program files\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\left 4 dead 2\left4dead2.exe |
"TCP Query User{C322F52E-B648-42A7-A0C9-7AA8E232517E}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{C3335BD3-353C-4C65-8D7F-1CD4F09FAFF4}C:\users\newman\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\newman\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{D3B46811-736A-41EB-B81D-68CD37C439F8}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"TCP Query User{DD271D90-A662-45A1-81CB-64E53FF644CB}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{E9DA9C47-EB17-4D81-BB58-37680ADDF29C}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{EC15605C-628B-4C8C-BACA-0E068CDAC5A6}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{EF657787-DA1F-4773-93E0-47F6FAEC504A}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{10424348-E855-4871-A05C-3C49DA03F379}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{10985EFF-2A6E-4BB1-894F-5F07132022CD}C:\program files\microsoft games\age of empires iii\age3.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"UDP Query User{217FEB3B-CC5E-4EB3-93AD-CE834D77C865}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{221FEF9F-BF70-450A-BA4E-425E6D5CE3F4}C:\program files\ubisoft\far cry 2\bin\farcry2.exe" = protocol=17 | dir=in | app=c:\program files\ubisoft\far cry 2\bin\farcry2.exe |
"UDP Query User{2F306383-2578-4866-B276-8A8F9EEA6260}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{34DEF1A1-001A-4458-9FED-C7ADF56F7198}C:\program files\call of duty modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4mp.exe |
"UDP Query User{3FDDFDFA-69DD-4D54-858A-81542E4B9AD6}C:\program files\nero\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero 9\nero showtime\showtime.exe |
"UDP Query User{445CC6D8-6399-4C2B-AAC4-67CC4695981B}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{4EFB1043-C721-4CD8-9BB6-B22113DCBD3D}C:\program files\activision\call of duty - world at war\codwawmp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwawmp.exe |
"UDP Query User{54FCF1C6-5A60-4072-8859-03A21D170948}C:\program files\activision\call of duty - world at war\codwaw.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war\codwaw.exe |
"UDP Query User{67D020BB-BA46-470A-A2E9-F1AE291BBB01}C:\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\counter-strike source\hl2.exe |
"UDP Query User{6D4E9603-7AE6-40F4-85A7-F3F67F61C094}C:\users\newman\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\newman\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{79D4ABEB-1D3A-4338-A725-AA7B1EE9C6D6}C:\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\counter-strike source\hl2.exe |
"UDP Query User{7ECB11B6-1714-4361-975A-E4EFF1A60E72}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8D4104D5-F6A4-4926-A9DA-04B2E1631BB1}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{9330FC28-A941-4848-94D5-402188C2D415}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"UDP Query User{9C150D30-A091-4D3A-A526-69BCC098E011}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{A347578B-4D51-4DA3-9979-94DC4931D9BB}C:\icqlite\icqlite.exe" = protocol=17 | dir=in | app=c:\icqlite\icqlite.exe |
"UDP Query User{A40DFCA1-FF37-4FB3-ABF7-838C56D1364B}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{ACFE3540-C68F-41E4-9D0C-C7102754669A}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{ADC2AD6C-DC5B-4156-91E4-D88367A36BAF}C:\program files\activision\call of duty - world at war beta\codwawbeta.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty - world at war beta\codwawbeta.exe |
"UDP Query User{AF072BF3-385E-49D2-9851-13A16B8F3126}C:\program files\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq6.5\icq.exe |
"UDP Query User{B009A1F2-EC09-42CC-9BF1-D3AEE284675B}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{B5CAA310-3542-4F8E-8997-04ADFA1B79E1}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{BA1BD47E-5458-46A4-8122-1E2E3696F139}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{CE01CE51-17EA-40D4-965F-4BFFD19499DA}C:\program files\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{DC923C93-9DAF-48A2-AB87-40FEA93B4BC6}C:\program files\activision\call of duty 2\cod2mp_s.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 2\cod2mp_s.exe |
"UDP Query User{DD3D16FE-47E6-4412-BA5B-A9F6CC5EA52F}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{EB3773D5-3573-4B0F-ABBF-B3A9E54C8C59}C:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe" = protocol=17 | dir=in | app=c:\program files\2k games\gearbox software\borderlands\binaries\borderlands.exe |
"UDP Query User{F00458EE-5EC0-4B74-9F15-913D26747234}C:\program files\call of duty modern warfare 2\iw4sp.exe" = protocol=17 | dir=in | app=c:\program files\call of duty modern warfare 2\iw4sp.exe |
"UDP Query User{F37ED21F-05E6-4310-9527-7EB0C5B3A5C9}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{FC9D7DD8-EE47-41A1-812C-B5BE83B3CE50}C:\program files\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\left 4 dead 2\left4dead2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6200
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{086a7d8c-0a38-4c7f-819a-620275550d5c}" = Nero BurningROM
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1c00c7c5-e615-4139-b817-7f4003de68c0}" = Nero PhotoSnap Help
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{316f9d03-8b09-4539-95bf-d29418b6ecde}" = Nero 9
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode
"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{51E5C397-0AA0-48DD-9CB6-7259AFFDFB0A}" = HP Easy Setup - Frontend
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress
"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{5E02E45F-FC60-459C-9A5A-E1EB190B6DBD}" = Pegasus Imaging PICVideo Motion JPEG 4.0
"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60c731fb-c951-41ce-ad41-8e54c8594609}" = Nero Disc Copy Gadget Help
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C13128C-1782-456F-84A4-017CECE259CA}" = ICQ Lite
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{77e33d87-255e-413e-9c8d-eed2a7f9bebf}" = Nero Live Help
"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express
"{85155187-3BEF-47B4-A662-346FEABF67A6}" = ProtectSmart Hard Drive Protection
"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98a67610-a3b5-4098-a423-3708040026d3}" = "Nero SoundTrax Help
"{9e82b934-9a25-445b-b8df-8012808074ac}" = Nero PhotoSnap
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{a209525b-3377-43f4-b886-32f6b6e7356f}" = Nero WaveEditor
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ad6bc5cc-2ef0-49c4-b33d-cdc8b2c4dc80}" = Nero Recode Help
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B16DA0F8-26BC-4FFC-9363-1D9F3E6C3E21}" = HP Customer Experience Enhancements
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}" = OpenOffice.org 3.0
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D786E04A-8AED-4B83-937E-CC8EC51E8BD8}" = Pegasus Imaging PICVideo 3
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}" = iTunes
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E1BBBAC5-2857-4155-82A6-54492CE88620}" = Opera 9.64
"{E26DEDC7-1A99-4F8C-9615-6DB112E6495B}_is1" = Texas Hold'em Poker 3D - Deluxe Edition 1.0
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit
"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{e8631efb-6b9a-426c-b1ce-e7173ca26bf8}" = Nero WaveEditor Help
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{EDE7B926-5EF2-4F2E-BCA5-994D85334DC5}_is1" = DaemonicMU
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{f1861f30-3419-44db-b2a1-c274825698b3}" = Nero Disc Copy Gadget
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast!" = avast! Antivirus
"BitComet" = BitComet 1.16
"CCleaner" = CCleaner
"Counter-Strike: Source" = Counter-Strike: Source
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"FL Studio 9" = FL Studio 9
"GameTracker Lite" = GameTracker Lite
"Hardcore" = Hardcore
"HijackThis" = HijackThis 2.0.2
"IL Download Manager" = IL Download Manager
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{5E02E45F-FC60-459C-9A5A-E1EB190B6DBD}" = Pegasus Imaging PICVideo Motion JPEG 4.0
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D786E04A-8AED-4B83-937E-CC8EC51E8BD8}" = Pegasus Imaging PICVideo 3
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Sawer" = Sawer
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Steam App 18800" = Zero Gear
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"Toxic Biohazard" = Toxic Biohazard
"Valve Hammer Editor" = Valve Hammer Editor
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"ZoneAlarm" = ZoneAlarm
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 12.1.2010 7:09:47 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:09:47 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:09:47 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:09:47 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:34 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:34 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:34 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:34 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:35 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
Error - 12.1.2010 7:10:35 | Computer Name = Newman-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: FATAL: NOT ENOUGH DATA GOT FROM ASYNC
IO CONTROL!!!!!!, 00001900.
[ Application Events ]
Error - 17.1.2010 12:55:54 | Computer Name = Newman-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\2K Games\Gearbox
Software\Borderlands\Binaries\Borderlands.exe se nezdařilo. Závislé sestavení Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.1"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 17.1.2010 12:56:57 | Computer Name = Newman-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 17.1.2010 12:58:06 | Computer Name = Newman-PC | Source = Google Update | ID = 20
Description =
Error - 17.1.2010 12:58:58 | Computer Name = Newman-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 17.1.2010 13:29:56 | Computer Name = Newman-PC | Source = WinMgmt | ID = 10
Description =
Error - 17.1.2010 13:32:34 | Computer Name = Newman-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ehRecvr.exe, verze 6.0.6001.18000, časové razítko
0x47919381, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x00464ff0, ID procesu 0x123c, čas spuštění aplikace
0x01ca979b07a47500.
Error - 17.1.2010 13:32:50 | Computer Name = Newman-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ehRecvr.exe, verze 6.0.6001.18000, časové razítko
0x47919381, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x04251ff0, ID procesu 0x16f4, čas spuštění aplikace
0x01ca979b17526f20.
Error - 17.1.2010 13:33:24 | Computer Name = Newman-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ehRecvr.exe, verze 6.0.6001.18000, časové razítko
0x47919381, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x003bbff0, ID procesu 0x14b0, čas spuštění aplikace
0x01ca979b2b7af4e0.
Error - 17.1.2010 13:33:48 | Computer Name = Newman-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace ehRecvr.exe, verze 6.0.6001.18000, časové razítko
0x47919381, chybující modul unknown, verze 0.0.0.0, časové razítko 0x00000000,
kód výjimky 0xc0000005, posun chyby 0x03c49ff0, ID procesu 0x17b8, čas spuštění aplikace
0x01ca979b39e7bc70.
Error - 17.1.2010 13:37:34 | Computer Name = Newman-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 17.1.2010 13:32:53 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 17.1.2010 13:33:27 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 17.1.2010 13:33:52 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 17.1.2010 13:38:32 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 17.1.2010 13:38:41 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 17.1.2010 13:38:41 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 17.1.2010 13:38:41 | Computer Name = Newman-PC | Source = Service Control Manager | ID = 7032
Description =
Error - 17.1.2010 13:39:29 | Computer Name = Newman-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 17.1.2010 14:10:18 | Computer Name = Newman-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
Error - 18.1.2010 8:09:54 | Computer Name = Newman-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =
< End of report >
- Damned
Re: I would like to ask you to check my log
Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Paste the following text, shown in green, into the box under Custom Scans/Fixes:
:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:13DFF3FB
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:417F5F46
:Files
C:\Windows\*.tmp
C:\Windows\System32\*.tmp
C:\Windows\tasks\SA.DAT
:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 0
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.
Nothing is impossible, so where we are at our wits' end, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech translation, Wise Registry Cleaner
Re: I would like to ask you to check my log
All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\TEMP:13DFF3FB deleted successfully.
ADS C:\ProgramData\TEMP:417F5F46 deleted successfully.
========== FILES ==========
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder moved successfully.
C:\Windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP folder moved successfully.
File\Folder C:\Windows\System32\*.tmp not found.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\"DisableMonitoring" | 0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\"DisableMonitoring" | 0 /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\"DisableMonitoring" | 0 /E : value set successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Newman
->Temp folder emptied: 1826942 bytes
->Temporary Internet Files folder emptied: 144105285 bytes
->Java cache emptied: 45655352 bytes
->Opera cache emptied: 35417449 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1325486 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 218,00 mb
OTL by OldTimer - Version 3.1.25.2 log created on 01212010_200715
Files\Folders moved on Reboot...
C:\Users\Newman\AppData\Local\Temp\ehmsas.txt moved successfully.
C:\Users\Newman\AppData\Local\Temp\~DFC1EB.tmp moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\ZLT05f2c.TMP not found!
Registry entries deleted on Reboot...
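The fix log above mixes three outcomes: actions that succeeded, targets that were not found, and file moves deferred to the next reboot. As an added example (not part of the original thread and not OTL's own code), this Python sketch sorts such a log by outcome so the entries worth a second look stand out; the line patterns are assumptions taken from the log lines posted here, and `triage` is a hypothetical helper name.

```python
import re
from collections import Counter

# Constructed sample: a subset of the lines from the fix log posted above.
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\TEMP:13DFF3FB deleted successfully.
========== FILES ==========
File\Folder C:\Windows\System32\*.tmp not found.
C:\Windows\tasks\SA.DAT moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\"DisableMonitoring" | 0 /E : value set successfully!
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\ZLT05f2c.TMP not found!
"""

SECTION = re.compile(r"^=+ (\w+) =+$")
# Assumed patterns, derived only from the wording of the log lines above.
RULES = [  # first match wins
    ("deferred", re.compile(r"scheduled to be moved on reboot")),
    ("missing", re.compile(r"not found[.!]?$|^No active process")),
    ("done", re.compile(r"(deleted|moved|set) successfully[.!]?$")),
]

def triage(log_text):
    """Return (Counter of outcomes, [(section, outcome, line)] needing review)."""
    section, counts, review = "PREAMBLE", Counter(), []
    for line in map(str.strip, log_text.splitlines()):
        header = SECTION.match(line)
        if header or line.endswith("on Reboot..."):
            section = header.group(1) if header else "REBOOT"
            continue
        for outcome, pattern in RULES:
            if pattern.search(line):
                counts[outcome] += 1
                if outcome != "done":  # successes need no follow-up
                    review.append((section, outcome, line))
                break
    return counts, review

if __name__ == "__main__":
    counts, review = triage(SAMPLE_LOG)
    print(dict(counts))
    for section, outcome, line in review:
        print(f"[{section}] {outcome}: {line}")
```

A "missing" entry is not necessarily a failure, since the target may already have been removed by an earlier step; the "deferred" entries are the ones to re-check after the restart.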
- Damned
Re: I would like to ask you to check my log
Does that Media Center message still appear? The errors contain only the name ehRecvr.exe and numbers that I could not find in the support pages.
Re: I would like to ask you to check my log
Yes, still. Every time the PC starts, the message opens; when I close it, it pops up again, and then again, over and over, and sometimes it disappears.
- Damned
Re: I would like to ask you to check my log
Download Dr. Web CureIt, or get it from http://www.majorgeeks.com/Dr.Web_CureIT_d4783.html; run the update, and once it has updated, press Start.
With the buttons at the bottom you can cure, delete, move or rename a file. Then post the result. The scan may take a long time. First cure any infection found, and only then delete it. If it finds anything in the System Volume Information folder, delete it.