Facebook-VIR Vyřešeno

[DennyX]

Zdrvaím, jsem další co jsem chytl ten vir na ksichtbichli (facebooku). Samozřejmě nejde mi se na ksichtbichli připojit, taky nejde psát, nebo dívat se na komentáře kdekoli.



Log z MbAM :
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7296

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27.7.2011 15:31:17
viry.txt

Typ: Rychlá kontrola
Kontrolované objekty: 197129
Uplynulý čas: 3 minut, 15 sekund

Infikované procesy v paměti: 11
Infikované moduly v paměti: 0
Infikované klíče v registru: 13
Infikované hodnoty v registru: 18
Infikované datové položky v registru: 3
Infikované složky: 1
Infikované soubory: 57

Infikované procesy v paměti:
c:\Windows\sysdriver32.exe (Trojan.Agent) -> 2320 -> No action taken.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> 2772 -> No action taken.
c:\Windows\update.tray-7-0\svchost.exe (Trojan.Dropper) -> 4820 -> No action taken.
c:\Windows\update.tray-9-0\svchost.exe (Trojan.Dropper) -> 4828 -> No action taken.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> 5820 -> No action taken.
c:\Windows\systemup.exe (Trojan.Agent) -> 5836 -> No action taken.
c:\Windows\update.tray-7-0-lnk\svchost.exe (Trojan.Dropper) -> 2476 -> No action taken.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> 772 -> No action taken.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> 2600 -> No action taken.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 2028 -> No action taken.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 2160 -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Backdoor.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Agent) -> Value: sysdriver32.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Trojan.Dropper) -> Value: tray_ico0 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico1 (Trojan.Dropper) -> Value: tray_ico1 -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\l1rezerv.exe (Trojan.Agent) -> Value: l1rezerv.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systemup (Trojan.Agent) -> Value: systemup -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3950491.exe (Trojan.Agent) -> Value: 3950491.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Agent) -> Value: sysdriver32_.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\11943.exe (Trojan.Agent) -> Value: 11943.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9824143.exe (Trojan.Agent) -> Value: 9824143.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\97446244-loader2.exe (Trojan.Agent) -> Value: 97446244-loader2.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\1551710.exe (Trojan.Agent) -> Value: 1551710.exe -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9210730.exe (Trojan.Agent) -> Value: 9210730.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\w_distrib.exe (Trojan.Agent) -> Value: w_distrib.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
c:\Windows\rpcminer (Trojan.BCMiner) -> No action taken.

Infikované soubory:
c:\Windows\sysdriver32.exe (Trojan.Agent) -> No action taken.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\update.tray-7-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\update.tray-9-0\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> No action taken.
c:\Windows\systemup.exe (Trojan.Agent) -> No action taken.
c:\Windows\update.tray-7-0-lnk\svchost.exe (Trojan.Dropper) -> No action taken.
c:\Windows\services32.exe (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\3950491.exe (Trojan.Agent) -> No action taken.
c:\Windows\sysdriver32_.exe (Trojan.Agent) -> No action taken.
c:\Users\Intel\AppData\Local\Temp\11943.exe (Trojan.Agent) -> No action taken.
c:\Users\Intel\AppData\Local\Temp\9824143.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\97446244-loader2.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\1551710.exe (Trojan.Agent) -> No action taken.
c:\program files (x86)\CENZURA toolbar\IE\4.5\youtubedownloadertoolbarie.dll (PUP.Dealio.TB) -> No action taken.
c:\Windows\Temp\2986149.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\3354417.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\41918543.exe (Trojan.Downloader) -> No action taken.
c:\Windows\Temp\451206.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\4586914.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\4814120.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\50779_myunrar2.exe (Trojan.Dropper) -> No action taken.
c:\Windows\Temp\563478.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\5712028.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\6000598.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\6460548.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\7132862.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\8311885.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\8452650.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\9236666.exe (Trojan.Agent) -> No action taken.
c:\Users\Intel\downloads\rld-cod2kg.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\2763640.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\4178210.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\6521506.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\6699666.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\7636813.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\8067292.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\9210730.exe (Trojan.Agent) -> No action taken.
c:\Windows\Temp\9245173.exe (Trojan.Agent) -> No action taken.
c:\Windows\hosts (Trojan.Agent) -> No action taken.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> No action taken.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> No action taken.
c:\Windows\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\curllib.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libeay32.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libsasl.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\openldap.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\ssleay32.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\update.3\svchost.exe (Trojan.Agent) -> No action taken.
Děkuji a těším se na brzké vyřešení mého problému.

[Reklama]

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit nový log z MbAM.

+
Vlož log z HJT:
viewtopic.php?f=70&t=5119

+
Stáhni si rkill
a spusť ho . Spustí se sken .Po skenu se program sám ukončí.
Pozn.: NERESTARTUJ PC !

+
Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[DennyX]

Tady jsou ty logy:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7296

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27.7.2011 17:03:37
mbam-log-2011-07-27 (17-03-37).txt

Typ: Rychlá kontrola
Kontrolované objekty: 197171
Uplynulý čas: 2 minut, 30 sekund

Infikované procesy v paměti: 11
Infikované moduly v paměti: 0
Infikované klíče v registru: 13
Infikované hodnoty v registru: 18
Infikované datové položky v registru: 3
Infikované složky: 1
Infikované soubory: 59

Infikované procesy v paměti:
c:\Windows\sysdriver32.exe (Trojan.Agent) -> 2320 -> Unloaded process successfully.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> 2772 -> Unloaded process successfully.
c:\Windows\update.tray-7-0\svchost.exe (Trojan.Dropper) -> 4820 -> Unloaded process successfully.
c:\Windows\update.tray-9-0\svchost.exe (Trojan.Dropper) -> 4828 -> Unloaded process successfully.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> 5820 -> Unloaded process successfully.
c:\Windows\systemup.exe (Trojan.Agent) -> 5836 -> Unloaded process successfully.
c:\Windows\update.tray-7-0-lnk\svchost.exe (Trojan.Dropper) -> 2476 -> Unloaded process successfully.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> 5612 -> Unloaded process successfully.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> 4872 -> Unloaded process successfully.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 2028 -> Unloaded process successfully.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 2160 -> Unloaded process successfully.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Agent) -> Value: sysdriver32.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Trojan.Dropper) -> Value: tray_ico0 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico1 (Trojan.Dropper) -> Value: tray_ico1 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\l1rezerv.exe (Trojan.Agent) -> Value: l1rezerv.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\systemup (Trojan.Agent) -> Value: systemup -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3950491.exe (Trojan.Agent) -> Value: 3950491.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Agent) -> Value: sysdriver32_.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\11943.exe (Trojan.Agent) -> Value: 11943.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9824143.exe (Trojan.Agent) -> Value: 9824143.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\97446244-loader2.exe (Trojan.Agent) -> Value: 97446244-loader2.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\1551710.exe (Trojan.Agent) -> Value: 1551710.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F3FEE66E-E034-436A-86E4-9690573BEE8A} (PUP.Dealio.TB) -> Value: {F3FEE66E-E034-436A-86E4-9690573BEE8A} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\5368292.exe (Trojan.Agent) -> Value: 5368292.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\w_distrib.exe (Trojan.Agent) -> Value: w_distrib.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> Quarantined and deleted successfully.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infikované složky:
c:\Windows\rpcminer (Trojan.BCMiner) -> Quarantined and deleted successfully.

Infikované soubory:
c:\Windows\sysdriver32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\update.tray-7-0\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\update.tray-9-0\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\systemup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\update.tray-7-0-lnk\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\services32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\3950491.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\sysdriver32_.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Intel\AppData\Local\Temp\11943.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Intel\AppData\Local\Temp\9824143.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\97446244-loader2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\1551710.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\program files (x86)\CENZURA toolbar\IE\4.5\youtubedownloadertoolbarie.dll (PUP.Dealio.TB) -> Not selected for removal.
c:\Windows\Temp\2986149.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\3354417.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\41918543.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Temp\451206.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\4586914.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\4814120.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\50779_myunrar2.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\563478.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\5712028.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\6000598.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\6460548.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\7132862.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\8311885.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\8452650.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\9236666.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Intel\downloads\rld-cod2kg.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\2763640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\4178210.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\5368292.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\6521506.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\6699666.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\7636813.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\8067292.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\8870990.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\9210730.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\9245173.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\hosts (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\curllib.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\libeay32.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\libsasl.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\openldap.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\ssleay32.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\update.3\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.



This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 27.07.2011 at 17:06:48.
Operating System: Windows 7 Ultimate


Processes terminated by Rkill or while it was running:

C:\Users\Intel\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe


Rkill completed on 27.07.2011 at 17:06:53.



ComboFix 11-07-27.01 - Intel 27.07.2011 17:33:37.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2629 [GMT 2:00]
Spuštěný z: c:\users\Intel\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 15:37 . 2011-07-27 15:37 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-27 15:37 . 2011-07-27 15:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-27 15:32 . 2011-07-27 15:33 -------- d-----w- C:\32788R22FWJFW
2011-07-27 13:24 . 2011-07-27 13:24 -------- d-----w- c:\users\Intel\AppData\Roaming\Malwarebytes
2011-07-27 13:24 . 2011-07-27 13:24 -------- d-----w- c:\programdata\Malwarebytes
2011-07-27 13:24 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-27 13:24 . 2011-07-27 13:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-27 13:24 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-26 19:01 . 2011-07-26 19:01 -------- d-----w- c:\users\Intel\AppData\Local\LucasArts
2011-07-24 18:25 . 2011-07-24 18:25 -------- d-----w- c:\windows\ufa
2011-07-24 18:25 . 2011-07-24 18:25 -------- d-----w- c:\windows\phoenix
2011-07-24 18:22 . 2011-07-24 18:25 246272 ----a-w- c:\windows\unrar.exe
2011-07-24 18:20 . 2011-07-24 18:20 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-24 18:19 . 2011-07-24 18:19 -------- d-----w- c:\windows\av_ico
2011-07-24 18:18 . 2011-07-27 15:03 -------- d--h--w- c:\windows\update.tray-9-0
2011-07-24 18:18 . 2011-07-27 15:03 -------- d--h--w- c:\windows\update.tray-7-0
2011-07-24 18:18 . 2011-07-27 15:03 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2011-07-24 18:18 . 2011-07-24 18:18 -------- d--h--w- c:\windows\update.tray-9-0-lnk
2011-07-19 10:34 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A870F541-E38E-4725-8791-345703E15EA8}\mpengine.dll
2011-07-10 12:48 . 2011-07-10 12:48 -------- d-----w- c:\program files (x86)\Application Updater
2011-07-10 12:48 . 2011-07-10 12:48 -------- d-----w- c:\program files (x86)\CENZURA Toolbar
2011-07-10 12:48 . 2011-07-10 12:48 -------- d-----w- c:\program files (x86)\Common Files\Spigot
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-27 15:37 . 2010-11-21 17:23 1409 ----a-w- c:\windows\QTFont.for
2011-06-27 19:44 . 2010-10-14 18:59 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-06-27 19:44 . 2010-04-21 19:51 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-06-27 16:32 . 2010-04-21 19:51 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-06-22 17:29 . 2010-04-26 17:48 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-25 07:25 . 2011-06-03 12:49 29288 ----a-w- c:\windows\system32\nvhdap64.dll
2011-05-25 07:25 . 2011-06-03 12:49 174184 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2011-05-25 07:25 . 2011-05-19 19:43 1426536 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2011-05-25 07:25 . 2011-04-07 21:19 1016936 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-25 07:25 . 2011-04-07 21:19 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-25 07:25 . 2011-04-07 21:18 3040872 ----a-w- c:\windows\system32\nvsvc64.dll
2011-05-25 07:25 . 2010-09-10 22:55 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-05-25 07:25 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:25 . 2011-04-07 21:19 6300776 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:25 . 2011-04-07 21:19 739432 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-05-25 07:25 . 2011-06-03 12:49 8863336 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-05-25 07:25 . 2011-06-03 12:49 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2011-06-03 12:49 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-05-25 07:25 . 2011-06-03 12:49 6555240 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-05-25 07:25 . 2011-06-03 12:49 22286952 ----a-w- c:\windows\system32\nvoglv64.dll
2011-05-25 07:25 . 2011-06-03 12:49 16456296 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-05-25 07:25 . 2011-06-03 12:49 13206120 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-25 07:25 . 2011-06-03 12:49 15223912 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-05-25 07:25 . 2011-06-03 12:49 1496168 ----a-w- c:\windows\system32\nvdispco6420150.dll
2011-05-25 07:25 . 2011-06-03 12:49 1427048 ----a-w- c:\windows\system32\nvgenco642090.dll
2011-05-25 07:25 . 2010-09-27 15:24 11992680 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-05-25 07:25 . 2011-06-03 12:49 7123560 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2011-06-03 12:49 5301352 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-05-25 07:25 . 2011-06-03 12:49 2943592 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2011-06-03 12:49 2804328 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-05-25 07:25 . 2011-06-03 12:49 2212968 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2011-06-03 12:49 2082408 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-05-25 07:25 . 2011-06-03 12:49 18583144 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2011-06-03 12:49 13011560 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-05-25 07:25 . 2010-09-27 15:24 2644584 ----a-w- c:\windows\system32\nvapi64.dll
2011-05-25 07:25 . 2010-09-27 15:24 2335848 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-05-20 20:35 . 2011-05-20 20:35 304744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-05-19 17:49 . 2011-05-19 17:49 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2009-07-14 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2011-04-03 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-07-27_15.19.47 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-07-27 12:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-07-27 15:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-27 12:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-27 15:19 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-27 12:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-27 15:19 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-07-27 15:19 . 2011-07-27 15:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-27 15:37 . 2011-07-27 15:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-27 15:19 . 2011-07-27 15:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-27 15:37 . 2011-07-27 15:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 05:01 . 2011-07-27 15:37 469536 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2011-07-27 15:18 469536 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 02:34 . 2011-07-27 15:35 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2011-07-26 22:49 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files (x86)\XfireXO\tbXfir.dll" [2010-10-10 3906656]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files (x86)\BS_Player\tbBS_P.dll" [2009-12-31 2349080]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 13:51 3906656 ----a-w- c:\program files (x86)\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2010-10-10 13:51 3906656 ----a-w- c:\program files (x86)\XfireXO\tbXfir.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-12-31 10:53 2349080 ----a-w- c:\program files (x86)\BS_Player\tbBS_P.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files (x86)\XfireXO\tbXfir.dll" [2010-10-10 3906656]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files (x86)\BS_Player\tbBS_P.dll" [2009-12-31 2349080]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Center Agent"="c:\program files (x86)\KWorld Multimedia\HyperMedia\DTVR\Scheduled.exe" [2009-08-18 1520128]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-12 39408]
"uTorrent"="d:\torrent\uTorrent.exe" [2011-03-29 399736]
"RGSC"="d:\games\gta\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"OscarEditor"="c:\program files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" [2009-12-22 2647040]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2010-11-19 2975640]
"AROReminder"="c:\program files (x86)\Advanced Registry Optimizer\ARO.exe" [2010-10-18 2215944]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-02-03 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" [2010-11-21 77824]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2010-12-22 274608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-06-24 534880]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
c:\users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CNET TechTracker.lnk - c:\users\Intel\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe [2011-4-28 2619904]
GIGABYTE Gamer HUD Lite.lnk - c:\program files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe [2009-10-16 1678848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-6-6 1200144]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe [N/A]
Remote Control.lnk - c:\program files (x86)\KWorld Multimedia\TV713X Utilities\HMCP3XCtl.exe [2010-3-6 73728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-12 135664]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;d:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-12 135664]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-06-24 393112]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 6810728]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328]
S3 3xHybr64;3xHybrid service;c:\windows\system32\DRIVERS\3xHybr64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-12 15:37]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-12 15:37]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
c:\program files\Alwil Software\Avast5\ashShA64.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 236544]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.yahoo.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Download all by FlashGet3 - c:\users\Intel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Intel\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: ????3?? - c:\users\Intel\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Intel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file)
WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\Intel\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\Intel\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:8a,47,5d,76,ac,d8,74,af,50,ee,5c,d1,a7,d4,48,84,66,52,21,a4,4c,6b,98,
8c,11,27,88,99,6f,67,1b,e4,01,14,51,51,6a,5b,b5,25,a7,f0,79,45,54,d2,35,bd,\
"??"=hex:2e,ba,2c,43,a9,a2,a4,8b,05,38,2d,54,bf,0e,dc,ee
.
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\SecuROM\License information*]
"datasecu"=hex:a5,3a,fd,18,dc,4e,82,a9,4b,2e,26,88,91,21,0d,66,25,a9,9f,70,07,
f0,1a,5b,06,e7,90,df,53,45,e5,1a,da,d2,04,03,3a,24,13,a5,8d,fa,28,b0,38,19,\
"rkeysecu"=hex:de,3d,0a,15,0a,9a,8f,f1,7b,7e,81,81,d6,88,51,85
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
d:\games\gta\Rockstar Games Social Club\1_0_0_0\RGSC.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
.
**************************************************************************
.
Celkový čas: 2011-07-27 17:41:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-27 15:41
ComboFix2.txt 2011-07-27 15:24
.
Před spuštěním: Volných bajtů: 18 652 073 984
Po spuštění: Volných bajtů: 18 584 555 520
.
- - End Of File - - 4040C76E2ED3D3BF6D12025846D8817A

[jaro3]

Odinstaluj:
CENZURA Toolbar
Spigot
XfireXO Toolbar
ConduitEngine
Ask.com
McAfee Security Scan pokud půjdou a najdeš.

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\unrar.exe
c:\program files (x86)\BS_Player\tbBS_P.dll
c:\program files (x86)\XfireXO\tbXfir.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe [N/A]
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\windows\ufa
c:\windows\phoenix
C:\32788R22FWJFW
c:\windows\av_ico
c:\windows\update.tray-9-0
c:\windows\update.tray-7-0
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-9-0-lnk
c:\program files (x86)\CENZURA Toolbar
c:\program files (x86)\Common Files\Spigot
c:\program files (x86)\Ask.com
c:\program files (x86)\XfireXO
c:\program files (x86)\ConduitEngine
c:\program files (x86)\McAfee Security Scan

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"=-
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
[-HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"=-
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"=-
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
[-HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[-HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000

RegLock::
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*
N}Ź]
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*
N}ŹhQčţ”Ąc]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[DennyX]

tak tady to je ... dík za pomoc

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:17:06, on 27.7.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\KWorld Multimedia\HyperMedia\DTVR\Scheduled.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\torrent\uTorrent.exe
C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\KWorld Multimedia\TV713X Utilities\HMCP3XCtl.exe
C:\Users\Intel\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
C:\Program Files (x86)\QuickTime\qttask.exe
C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Intel\AppData\Roaming\FlashGetBHO\FlashGetBHO31.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Center Agent] C:\Program Files (x86)\KWorld Multimedia\HyperMedia\DTVR\Scheduled.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] "D:\torrent\uTorrent.exe"
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [AROReminder] C:\Program Files (x86)\Advanced Registry Optimizer\ARO.exe -rem
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-21-3576833049-4277480519-341520288-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3576833049-4277480519-341520288-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: CNET TechTracker.lnk = Intel\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
O4 - Global Startup: Remote Control.lnk = C:\Program Files (x86)\KWorld Multimedia\TV713X Utilities\HMCP3XCtl.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - D:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14552 bytes







ComboFix 11-07-27.01 - Intel 27.07.2011 19:56:56.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4094.2717 [GMT 2:00]
Spuštěný z: c:\users\Intel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Intel\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\BS_Player\tbBS_P.dll"
"c:\program files (x86)\XfireXO\tbXfir.dll"
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe [N/A]"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Ask.com
c:\program files (x86)\Ask.com\cobrand.ico
c:\program files (x86)\Ask.com\config.xml
c:\program files (x86)\Ask.com\favicon.ico
c:\program files (x86)\Ask.com\fv_585c.ico
c:\program files (x86)\Ask.com\GenericAskToolbar.dll
c:\program files (x86)\Ask.com\mupcfg.xml
c:\program files (x86)\Ask.com\SaUpdate.exe
c:\program files (x86)\Ask.com\UpdateTask.exe
c:\program files (x86)\BS_Player\tbBS_P.dll
c:\program files (x86)\ConduitEngine
c:\program files (x86)\ConduitEngine\ConduitEngine.dll
c:\program files (x86)\XfireXO
c:\program files (x86)\XfireXO\tbXfir.dll
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_mcafee_start.ico
c:\windows\phoenix
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.pyc
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\BFIPatcher.pyc
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\ufa
c:\windows\ufa\ufa.exe
c:\windows\unrar.exe
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0
c:\windows\update.tray-9-0-lnk
c:\windows\update.tray-9-0-lnk\svchost.exe
c:\windows\update.tray-9-0
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_McComponentHostService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-27 do 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-27 18:00 . 2011-07-27 18:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-27 18:00 . 2011-07-27 18:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-27 15:59 . 2011-07-27 15:59 -------- d-----w- c:\users\Intel\AppData\Roaming\HPAppData
2011-07-27 13:24 . 2011-07-27 13:24 -------- d-----w- c:\users\Intel\AppData\Roaming\Malwarebytes
2011-07-27 13:24 . 2011-07-27 13:24 -------- d-----w- c:\programdata\Malwarebytes
2011-07-27 13:24 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-27 13:24 . 2011-07-27 13:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-27 13:24 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-26 19:01 . 2011-07-26 19:01 -------- d-----w- c:\users\Intel\AppData\Local\LucasArts
2011-07-24 18:20 . 2011-07-24 18:20 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-19 10:34 . 2011-06-07 17:10 8873296 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A870F541-E38E-4725-8791-345703E15EA8}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-27 18:00 . 2010-11-21 17:23 1409 ----a-w- c:\windows\QTFont.for
2011-06-27 19:44 . 2010-10-14 18:59 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-06-27 19:44 . 2010-04-21 19:51 214520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-06-27 16:32 . 2010-04-21 19:51 75064 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-06-22 17:29 . 2010-04-26 17:48 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-25 07:25 . 2011-06-03 12:49 29288 ----a-w- c:\windows\system32\nvhdap64.dll
2011-05-25 07:25 . 2011-06-03 12:49 174184 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2011-05-25 07:25 . 2011-05-19 19:43 1426536 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2011-05-25 07:25 . 2011-04-07 21:19 1016936 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-25 07:25 . 2011-04-07 21:19 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-25 07:25 . 2011-04-07 21:18 3040872 ----a-w- c:\windows\system32\nvsvc64.dll
2011-05-25 07:25 . 2010-09-10 22:55 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-05-25 07:25 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:25 . 2011-04-07 21:19 6300776 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:25 . 2011-04-07 21:19 739432 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-05-25 07:25 . 2011-06-03 12:49 8863336 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-05-25 07:25 . 2011-06-03 12:49 67176 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2011-06-03 12:49 57960 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-05-25 07:25 . 2011-06-03 12:49 6555240 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-05-25 07:25 . 2011-06-03 12:49 22286952 ----a-w- c:\windows\system32\nvoglv64.dll
2011-05-25 07:25 . 2011-06-03 12:49 16456296 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2011-05-25 07:25 . 2011-06-03 12:49 13206120 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-25 07:25 . 2011-06-03 12:49 15223912 ----a-w- c:\windows\system32\nvd3dumx.dll
2011-05-25 07:25 . 2011-06-03 12:49 1496168 ----a-w- c:\windows\system32\nvdispco6420150.dll
2011-05-25 07:25 . 2011-06-03 12:49 1427048 ----a-w- c:\windows\system32\nvgenco642090.dll
2011-05-25 07:25 . 2010-09-27 15:24 11992680 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2011-05-25 07:25 . 2011-06-03 12:49 7123560 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2011-06-03 12:49 5301352 ----a-w- c:\windows\SysWow64\nvcuda.dll
2011-05-25 07:25 . 2011-06-03 12:49 2943592 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2011-06-03 12:49 2804328 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2011-05-25 07:25 . 2011-06-03 12:49 2212968 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2011-06-03 12:49 2082408 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2011-05-25 07:25 . 2011-06-03 12:49 18583144 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2011-06-03 12:49 13011560 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2011-05-25 07:25 . 2010-09-27 15:24 2644584 ----a-w- c:\windows\system32\nvapi64.dll
2011-05-25 07:25 . 2010-09-27 15:24 2335848 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-05-20 20:35 . 2011-05-20 20:35 304744 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2011-05-19 17:49 . 2011-05-19 17:49 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2009-07-14 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2011-04-03 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-07-27_15.19.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2011-07-27 15:38 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-27 12:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-07-27 12:50 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-27 15:38 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-27 15:38 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-27 12:50 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-25 10:49 . 2011-07-27 15:39 58944 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-07-27 15:21 39246 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-27 15:39 39246 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-02-25 10:38 . 2011-07-27 15:39 20514 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3576833049-4277480519-341520288-1000_UserData.bin
- 2010-02-25 10:38 . 2011-07-27 15:21 20514 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3576833049-4277480519-341520288-1000_UserData.bin
+ 2010-02-25 17:28 . 2011-07-27 18:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-25 17:28 . 2011-07-27 15:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-25 17:28 . 2011-07-27 18:02 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-02-25 17:28 . 2011-07-27 15:20 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2010-02-25 17:28 . 2011-07-27 15:20 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-25 17:28 . 2011-07-27 18:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-04 14:17 . 2011-07-27 18:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-04 14:17 . 2011-07-27 15:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-03-04 14:17 . 2011-07-27 15:21 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-03-04 14:17 . 2011-07-27 18:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-07-27 15:19 . 2011-07-27 15:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-27 18:01 . 2011-07-27 18:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-27 15:19 . 2011-07-27 15:19 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-27 18:01 . 2011-07-27 18:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-07-27 15:18 469536 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-07-27 18:00 469536 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-07-25 14:22 . 2011-07-27 18:00 469536 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3576833049-4277480519-341520288-1000-12288.dat
- 2011-07-25 14:22 . 2011-07-27 15:18 469536 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3576833049-4277480519-341520288-1000-12288.dat
+ 2009-07-14 02:34 . 2011-07-27 15:52 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
- 2009-07-14 02:34 . 2011-07-26 22:49 10223616 c:\windows\system32\SMI\Store\Machine\schema.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Center Agent"="c:\program files (x86)\KWorld Multimedia\HyperMedia\DTVR\Scheduled.exe" [2009-08-18 1520128]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-12 39408]
"uTorrent"="d:\torrent\uTorrent.exe" [2011-03-29 399736]
"OscarEditor"="c:\program files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe" [2009-12-22 2647040]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2010-11-19 2975640]
"AROReminder"="c:\program files (x86)\Advanced Registry Optimizer\ARO.exe" [2010-10-18 2215944]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-02-03 1242448]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" [2010-11-21 77824]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"DivX Download Manager"="c:\program files (x86)\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2010-12-22 274608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
c:\users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CNET TechTracker.lnk - c:\users\Intel\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe [2011-4-28 2619904]
GIGABYTE Gamer HUD Lite.lnk - c:\program files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe [2009-10-16 1678848]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-6-6 1200144]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe [N/A]
Remote Control.lnk - c:\program files (x86)\KWorld Multimedia\TV713X Utilities\HMCP3XCtl.exe [2010-3-6 73728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-12 135664]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;d:\games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-03-12 135664]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 6810728]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328]
S3 3xHybr64;3xHybrid service;c:\windows\system32\DRIVERS\3xHybr64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
c:\program files\Alwil Software\Avast5\ashShA64.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF24233.cfxxe" [X]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 236544]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.yahoo.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Download all by FlashGet3 - c:\users\Intel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Intel\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: ????3?? - c:\users\Intel\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - c:\users\Intel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-RGSC - d:\games\gta\Rockstar Games Social Club\RGSCLauncher.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="c:\\Users\\Intel\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="c:\\Users\\Intel\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:8a,47,5d,76,ac,d8,74,af,50,ee,5c,d1,a7,d4,48,84,66,52,21,a4,4c,6b,98,
8c,11,27,88,99,6f,67,1b,e4,01,14,51,51,6a,5b,b5,25,a7,f0,79,45,54,d2,35,bd,\
"??"=hex:2e,ba,2c,43,a9,a2,a4,8b,05,38,2d,54,bf,0e,dc,ee
.
[HKEY_USERS\S-1-5-21-3576833049-4277480519-341520288-1000\Software\SecuROM\License information*]
"datasecu"=hex:a5,3a,fd,18,dc,4e,82,a9,4b,2e,26,88,91,21,0d,66,25,a9,9f,70,07,
f0,1a,5b,06,e7,90,df,53,45,e5,1a,da,d2,04,03,3a,24,13,a5,8d,fa,28,b0,38,19,\
"rkeysecu"=hex:de,3d,0a,15,0a,9a,8f,f1,7b,7e,81,81,d6,88,51,85
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Celkový čas: 2011-07-27 20:05:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-27 18:05
ComboFix2.txt 2011-07-27 15:41
ComboFix3.txt 2011-07-27 15:24
.
Před spuštěním: Volných bajtů: 18 653 888 512
Po spuštění: Volných bajtů: 18 213 576 704
.
- - End Of File - - D1917FDA6E8518CAF7DD939262D6D465

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

a použij i T-Cleaner

http://www.edisk.cz/stahni/29485/T-Clea ... 8.5KB.html

smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab


Odinstaluj:
DAEMON Tools Toolbar
Google Toolbar
uTorrent ( taky bys mohl , pokud neužíváš , je to děravý program..)
McAfee Security Scan
pokud si ještě neudělal...

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.


Napiš , zdali je vše OK.

[DennyX]

No vypadá to že problém je vyřešený tak napůl, facebook už sice můžu zapnout ale vidím jenom horní lištu jinak je všechno bílé, komentáře pořád skoro nikde číst nemohu a udělal jsem vše co jsi psal tak nevím co je s tím .... ale i tak děkuju za pomoc

[DennyX]

jo a taky jak jsi psal že mám toto fixnout: O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
tak to tam nebylo ani jsem to nikde nenašel, takže ani neodinstaloval nebo odstranil.

[DennyX]

teď jsem zjistil že mě nejde spustit windows mediaplayer .......... a ten T-cleaner nejde stahnout z nikama. :(

[jaro3]

T-Cleaner , musíš vypnout rez. ochranu antiviru a antispywaru!!!

Pak stáhni z edisku.cz ..
pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.


Stáhni si OTH
na svojí plochu( pokud používáš Firefox , pravým klikni na OTH link a vyber uložit jako (Save as..).

Stáhni si OTL
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).

Stáhni si soubor Scan.txt
na svojí plochu (pokud používáš Firefox , pravým klikni na OTL link a vyber uložit jako (Save as..).

Poklepej na soubor OTH na ploše , po spuštění programu klikni na Kill All Processes.Poté klikni na Start OTL .Poklepej Do prázdného okna pod Vlastní skenování /opravy ( Custom Scans box). Objeví se zpráva: Kliknutím na OK vyberete cestu k souboru, kliknutím na Zrušit zrušíte výběr.
Klikni na OK. Objeví se okno průzkumníku , zde klikneš na plochu a najdeš na ní soubor Scan.txt .Klikni na Otevřít.
Poté klikni na Rychle prohledat (Quick Scan). Neměň žádná jiná nastavení . Sken může trvat dlouho.
Kdy sken skončí , objeví se na ploše dva logy:
OTL.Txt a Extras.Txt , jsou uloženy ve stejném místě jako OTL.
Zkopíruj sem prosím celý obsah obou logů.

[DennyX]

OTL logfile created on: 28.7.2011 0:19:41 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Intel\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 66,64% Memory free
8,00 Gb Paging File | 6,50 Gb Available in Paging File | 81,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,51 Gb Total Space | 27,77 Gb Free Space | 27,63% Space Free | Partition Type: NTFS
Drive D: | 831,00 Gb Total Space | 75,62 Gb Free Space | 9,10% Space Free | Partition Type: NTFS
Drive E: | 6,13 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: INTEL-PC | User Name: Intel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.07.28 00:17:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Intel\Desktop\otl.exe
PRC - [2011.07.28 00:17:33 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Intel\Desktop\OTH.scr
PRC - [2011.07.27 22:09:05 | 000,307,376 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2011.06.27 21:44:54 | 000,214,520 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2011.06.27 18:32:36 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.05.25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.01.13 09:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010.02.11 13:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe


========== Modules (SafeList) ==========

MOD - [2011.07.28 00:17:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Intel\Desktop\otl.exe
MOD - [2011.07.27 22:26:13 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.04.14 03:00:27 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009.06.10 23:23:11 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.12.08 07:14:26 | 006,810,728 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe -- (NVIDIA Performance Driver Service)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.11.07 16:49:10 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.07.14 09:52:20 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.06.27 21:44:54 | 000,214,520 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2011.06.27 18:32:36 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.05.25 09:25:28 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.11.21 20:11:48 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.02.11 13:42:32 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.01.30 01:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.07.26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.05.25 09:25:48 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.05.19 19:49:54 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.02.02 18:28:19 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.01.27 19:49:48 | 000,033,344 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2011.01.13 09:37:23 | 000,062,032 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.09.05 10:33:52 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.07.01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010.03.13 00:04:56 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010.03.11 22:29:30 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.03.10 09:16:36 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.02 00:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.09.26 09:56:00 | 000,113,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042mou.Sys -- (L8042mou)
DRV:64bit: - [2008.09.26 09:56:00 | 000,112,144 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouKE.Sys -- (LMouKE)
DRV:64bit: - [2008.09.26 09:56:00 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2008.09.26 09:56:00 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2008.09.26 09:55:00 | 000,035,344 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV:64bit: - [2008.05.02 10:58:48 | 000,018,432 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2007.04.20 14:40:10 | 000,873,216 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\3xHybr64.sys -- (3xHybr64)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKLM\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.05 12:33:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010.12.22 01:17:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010.12.22 01:17:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.12.22 15:48:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.05 12:33:55 | 000,000,000 | ---D | M]

[2010.10.14 19:10:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Intel\AppData\Roaming\mozilla\Firefox\extensions
[2010.10.14 19:10:39 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Intel\AppData\Roaming\mozilla\Firefox\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}

O1 HOSTS File: ([2011.07.27 20:01:43 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (Yahoo! Companion BHO) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (FlashGetBHO) - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Intel\AppData\Roaming\FlashGetBHO\FlashGetBHO31.dll (Trend Media Group)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (&Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKCU..\Run: [AROReminder] C:\Program Files (x86)\Advanced Registry Optimizer\ARO.exe (Sammsoft)
O4 - HKCU..\Run: [Center Agent] C:\Program Files (x86)\KWorld Multimedia\HyperMedia\DTVR\Scheduled.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [OscarEditor] C:\Program Files (x86)\Anti-Vibrate Oscar Editor\OscarEditor.exe ()
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] D:\torrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNET TechTracker.lnk = C:\Users\Intel\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe ()
O4 - Startup: C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE Gamer HUD Lite.lnk = C:\Program Files (x86)\GIGABYTE\Gamer HUD Lite\HUD.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Download all by FlashGet3 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8:64bit: - Extra context menu item: Download by FlashGet3 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: WikiKomentáře Google... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Intel\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.05.11 10:05:24 | 000,000,115 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.07.28 00:17:38 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Intel\Desktop\OTL.exe
[2011.07.28 00:17:31 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Users\Intel\Desktop\OTH.scr
[2011.07.27 23:05:57 | 000,000,000 | ---D | C] -- C:\Users\Intel\AppData\Roaming\HPAppData
[2011.07.27 22:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.07.27 22:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2011.07.27 22:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011.07.27 22:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.07.27 22:09:13 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.07.27 20:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011.07.27 20:15:51 | 000,000,000 | ---D | C] -- C:\Users\Intel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011.07.27 20:01:49 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.07.27 17:13:11 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.07.27 15:24:29 | 000,000,000 | ---D | C] -- C:\Users\Intel\AppData\Roaming\Malwarebytes
[2011.07.27 15:24:23 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.07.27 15:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.07.27 15:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.07.27 15:24:20 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.07.27 15:24:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.07.26 21:01:34 | 000,000,000 | ---D | C] -- C:\Users\Intel\Documents\LucasArts
[2011.07.26 21:01:33 | 000,000,000 | ---D | C] -- C:\Users\Intel\AppData\Local\LucasArts
[2011.07.25 16:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus
[2010.03.13 00:04:56 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Intel\AppData\Roaming\pcouffin.sys
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.07.28 00:17:41 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Intel\Desktop\OTL.exe
[2011.07.28 00:17:33 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Users\Intel\Desktop\OTH.scr
[2011.07.27 23:02:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.27 23:02:44 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.27 22:26:11 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011.07.27 22:26:11 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2011.07.27 22:26:10 | 000,001,858 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.27 22:26:03 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.07.27 22:19:50 | 000,023,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.27 22:19:50 | 000,023,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.27 22:09:14 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.27 20:15:51 | 000,002,975 | ---- | M] () -- C:\Users\Intel\Desktop\HiJackThis.lnk
[2011.07.27 20:01:43 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.07.27 15:52:59 | 000,001,268 | ---- | M] () -- C:\Users\Intel\Desktop\MinecraftSP.exe – zástupce.lnk
[2011.07.27 15:24:23 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.27 14:44:01 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2011.07.26 23:56:50 | 000,007,605 | ---- | M] () -- C:\Users\Intel\AppData\Local\resmon.resmoncfg
[2011.07.24 20:23:17 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.07.24 20:22:34 | 000,002,020 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.07.15 10:09:05 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011.07.12 15:34:03 | 007,942,242 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2011.07.12 15:34:03 | 003,126,876 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.12 15:34:03 | 002,594,680 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2011.07.12 15:34:03 | 002,509,590 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.12 15:34:03 | 000,004,572 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.09 14:54:38 | 000,000,810 | ---- | M] () -- C:\Users\Intel\Desktop\sfBot.exe – zástupce.lnk
[2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.27 22:26:10 | 000,001,858 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.07.27 22:09:14 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.27 20:15:51 | 000,002,975 | ---- | C] () -- C:\Users\Intel\Desktop\HiJackThis.lnk
[2011.07.27 15:24:23 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.25 16:21:45 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk
[2011.07.24 20:23:17 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.07.24 20:22:15 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011.07.24 20:22:15 | 000,002,020 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.07.09 14:54:38 | 000,000,810 | ---- | C] () -- C:\Users\Intel\Desktop\sfBot.exe – zástupce.lnk
[2011.06.07 14:58:02 | 000,000,204 | ---- | C] () -- C:\Windows\SysWow64\secustat.dat
[2011.06.07 00:02:07 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.04.03 21:36:56 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2011.02.16 18:19:23 | 000,007,605 | ---- | C] () -- C:\Users\Intel\AppData\Local\resmon.resmoncfg
[2010.12.05 12:29:10 | 000,227,963 | ---- | C] () -- C:\Windows\hpoins46.dat
[2010.11.16 22:27:20 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.11.16 21:59:43 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2010.11.02 18:28:45 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2010.10.21 17:01:55 | 000,000,293 | ---- | C] () -- C:\Windows\game.ini
[2010.04.21 21:51:37 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.04.21 21:51:32 | 000,214,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.04.12 23:14:35 | 000,000,049 | ---- | C] () -- C:\Windows\wincheater.ini
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.03.25 23:51:05 | 000,020,870 | ---- | C] () -- C:\Users\Intel\AppData\Roaming\UserTile.png
[2010.03.25 21:17:14 | 000,003,584 | ---- | C] () -- C:\Users\Intel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.13 00:04:56 | 000,007,859 | ---- | C] () -- C:\Users\Intel\AppData\Roaming\pcouffin.cat
[2010.03.13 00:04:56 | 000,001,167 | ---- | C] () -- C:\Users\Intel\AppData\Roaming\pcouffin.inf
[2010.03.12 23:57:24 | 000,001,044 | ---- | C] () -- C:\Users\Intel\AppData\Roaming\vso_ts_preview.xml
[2010.03.06 15:55:19 | 000,004,357 | ---- | C] () -- C:\Windows\TVP3XDrv.ini
[2010.01.29 23:21:20 | 000,000,532 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.07 16:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.06.07 16:16:12 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.01.28 20:50:44 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

========== LOP Check ==========

[2011.05.26 10:40:56 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2011.03.07 16:38:22 | 000,383,592 | RHS- | M] () -- C:\bootmgr
[2010.02.25 19:17:31 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2011.02.16 18:10:58 | 000,008,192 | ---- | M] () -- C:\bootsect.lxe.bak
[2011.07.26 21:01:38 | 000,000,042 | ---- | M] () -- C:\cmdlog.txt
[2011.07.27 20:05:27 | 000,021,216 | ---- | M] () -- C:\ComboFix.txt
[2011.07.27 23:02:44 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.27 23:02:47 | 4293,386,240 | -HS- | M] () -- C:\pagefile.sys
[2010.10.08 19:54:32 | 034,013,024 | ---- | M] () -- C:\PhysX.exe
[2011.07.27 17:06:53 | 000,000,438 | ---- | M] () -- C:\rkill.log
[2010.03.04 16:22:13 | 000,171,136 | RHS- | M] () -- C:\w7ldr

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.06.30 08:21:46 | 010,985,472 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\drivers\*.sys /90 >
[2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\system32\drivers\mbamswissarmy.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 85 bytes -> C:\ProgramData:$SS_DESCRIPTOR_PVX2VCGKMVF9FFNYTK1RVDNJCML147D5YWLL4AMPB4A591KLP32MVVVVVVVVVVVVV

< End of report >

[DennyX]

OTL Extras logfile created on: 28.7.2011 0:19:41 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Intel\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 66,64% Memory free
8,00 Gb Paging File | 6,50 Gb Available in Paging File | 81,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 100,51 Gb Total Space | 27,77 Gb Free Space | 27,63% Space Free | Partition Type: NTFS
Drive D: | 831,00 Gb Total Space | 75,62 Gb Free Space | 9,10% Space Free | Partition Type: NTFS
Drive E: | 6,13 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: INTEL-PC | User Name: Intel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"FirewallOverride" = 0
"DisableThumbnailCache" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 0
"DisableThumbnailCache" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Users\Intel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYD8O76G\Flash-Player[1].exe" = C:\Users\Intel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYD8O76G\Flash-Player[1].exe:*:Enabled:C:\Users\Intel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYD8O76G\Flash-Player[1].exe
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe
"C:\Windows\services32.exe" = C:\Windows\services32.exe:*:Enabled:C:\Windows\services32.exe
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe
"C:\Windows\update.3\svchost.exe" = C:\Windows\update.3\svchost.exe:*:Enabled:C:\Windows\update.3\svchost.exe
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- (Trend Media Corporation Limited)
"C:\Users\Intel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYD8O76G\Flash-Player[1].exe" = C:\Users\Intel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYD8O76G\Flash-Player[1].exe:*:Enabled:C:\Users\Intel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYD8O76G\Flash-Player[1].exe
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe
"C:\Windows\services32.exe" = C:\Windows\services32.exe:*:Enabled:C:\Windows\services32.exe
"C:\Windows\update.tray-9-0\svchost.exe" = C:\Windows\update.tray-9-0\svchost.exe:*:Enabled:C:\Windows\update.tray-9-0\svchost.exe
"C:\Windows\update.tray-7-0\svchost.exe" = C:\Windows\update.tray-7-0\svchost.exe:*:Enabled:C:\Windows\update.tray-7-0\svchost.exe
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe
"C:\Windows\update.3\svchost.exe" = C:\Windows\update.3\svchost.exe:*:Enabled:C:\Windows\update.3\svchost.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}" = HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{23170F69-40C1-2702-0910-000001000000}" = 7-Zip 9.10 (x64 edition)
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4C0A8D65-4286-4B58-87FE-18AD24289285}" = NVIDIA Performance Drivers
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 275.33
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PK-PCSU_is1" = Zrychleni Pocitace
"Shop for HP Supplies" = Shop for HP Supplies
"TVP3XDrv" = KWorld TV713X BDA Driver
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07BE4679-4318-4413-9701-B3D91354F10C}" = Heroes of Might & Magic V: Hammers of Fate
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1" = Geeks3D PhysX FluidMark v1.2.2
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{180CAD6C-B0ED-42A9-8C4A-CF49C6682A06}_is1" = Free Screen Video Capture by Topviewsoft 4.1.7
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = CENZURA 2.7.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376AAB2-F4D9-48D7-A42B-4E80B8967A8B}" = F4500
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = The Battle for Middle-earth (tm) II
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{333F3B34-0374-4B2C-9A23-EA6294D82772}" = HyperLobby client
"{343737F4-C04D-49F4-BE58-C7EAA8EBA57A}" = Need for Speed™ ProStreet
"{3F5FA47E-B4DE-45B4-85E3-11CD5E4974A3}_is1" = The Witcher 2 Assassins of Kings version 1.0
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{49F864F5-1A85-4E69-8764-C7E4EABD8BA0}" = KWorld TV713X Utilities
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{5612C844-55BC-4B77-82C2-A2E28962418E}" = Republic Heroes
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{588A57A4-4E74-427D-8D0C-AA18EBE439F7}" = MorphVOX Pro
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}" = SPORE™ Galaktická dobrodružství
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D3E3395-A9A0-42D4-A81B-41C3583CCE89}" = OSCAR Editor
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.2.137
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}" = Call of Duty(R) 2 Patch 1.3
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): THE GAME
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85498904-0748-45AA-9482-6DB8EA971B91}" = DJ_AIO_06_F4500_SW_MIN
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8829DAD4-8F07-4A96-B995-15498EBB8045}" = Heroes of Might and Magic V
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}" = Gamer HUD Lite
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CCB3527-C033-415C-88B6-27173B5E3592}" = Tron: Evolution
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A126E617-63F0-4E57-BFA4-7190F5845C39}" = Guitar Hero World Tour
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = The Lord of the Rings, The Rise of the Witch-king
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Cestovní horečka
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C07F8D75-7A8D-400E-A8F9-A3F396B49BB1}" = SPORE™ Balíček strašidelných a roztomilých doplňků
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.10.324
"{DCF5C463-BD5C-4982-91F9-2C3F8F9E9C88}" = Vietcong & Vietcong: Fist Alpha
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E17141A6-211D-5854-61D9-69827A430D82}" = EA Download Manager UI
"{E21FC46A-53ED-4AAA-9C34-7F6C5AB3126A}" = Governor of Poker
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{EE74D039-45D7-44E9-BF95-B9CFB015964F}_is1" = ArcaniA - Gothic 4 Hotfix
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = Zaklínač
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F3B0AC10-3636-4166-81CF-86CD7A8B0123}" = Prince Of Persia
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC8A7918-D65D-440C-9596-C88185E8DCA4}" = Activision(R)
"{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}" = Nero Burning ROM 10
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Videosoft Nokia Video Converter_is1" = 4Videosoft Nokia Video Converter
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Advanced Registry Optimizer_is1" = Advanced Registry Optimizer
"ArcaniA" = ArcaniA - Gothic 4
"Atf" = Atf Profi
"avast5" = avast! Free Antivirus
"AVI ReComp" = AVI ReComp 1.5.1
"Avidemux 2.5" = Avidemux 2.5
"Avisynth" = AviSynth 2.5
"BS_Player Toolbar" = BS_Player Toolbar
"BSPlayerf" = BS.Player FREE
"Call of Duty: Black Ops_is1" = Call of Duty: Black Ops
"CaptureOne4_is1" = Capture One 4.8
"Colin McRae DiRT 2_is1" = Colin McRae DiRT 2
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup.divx.com" = DivX Setup
"EA Download Manager" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FlashGet 3.7" = FlashGet 3.7
"FlatOut: UC_is1" = FlatOut UC
"GameParkClient_is1" = GamePark
"Google Chrome" = Google Chrome
"Hamachi" = Hamachi 1.0.3.0
"HyperMedia_is1" = HyperMedia Software
"HyperMediaCenter 3.6_is1" = HyperMediaCenter 3.6
"InstallShield_{6D3E3395-A9A0-42D4-A81B-41C3583CCE89}" = Anti-Vibrate Oscar Editor
"InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}" = IL-2 Sturmovik 1946
"InstallShield_{8A56A332-F833-45CF-9A20-6F3524054843}" = James Bond 007(TM) - Blood Stone
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{FC8A7918-D65D-440C-9596-C88185E8DCA4}" = Drum Controller Standard Tuning Kit
"KaraFun_is1" = KaraFun 1.18
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Need For Speed World Online" = Need For Speed World Online
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"QuickTime" = QuickTime
"RealPlayer 12.0" = RealPlayer
"Scorpions WinCheater 1.10_is1" = Scorpions WinCheater 1.10
"Scorpions WinCheater 2.07 (s databází 111)_is1" = Scorpions WinCheater
"Star Wars: The Force Unleashed 2_is1" = Star Wars: The Force Unleashed 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 5" = TeamViewer 5
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"VLC media player" = VLC media player 1.0.3
"VobSub" = VobSub 2.23
"WinAVI Video Converter" = WinAVI Video Converter
"WinRAR archiver" = WinRAR
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"World of Warcraft" = World of Warcraft
"Xvid_is1" = Xvid 1.2.2
"Yahoo! Companion" = Yahoo! Companion
"yuPlay клиент_is1" = yuPlay client 0.7.11

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CNET TechTracker" = CNET TechTracker
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 26.8.2010 17:40:08 | Computer Name = Intel-PC | Source = avast! | ID = 33554522
Description =

Error - 26.8.2010 17:40:40 | Computer Name = Intel-PC | Source = avast! | ID = 33554522
Description =

Error - 21.11.2010 6:05:45 | Computer Name = Intel-PC | Source = avast! | ID = 33554522
Description =

[ Application Events ]
Error - 27.7.2011 11:19:34 | Computer Name = Intel-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.

Error - 27.7.2011 11:38:02 | Computer Name = Intel-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
0x800401F9

Error - 27.7.2011 11:38:02 | Computer Name = Intel-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.

Error - 27.7.2011 11:46:42 | Computer Name = Intel-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 27.7.2011 14:01:37 | Computer Name = Intel-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
0x800401F9

Error - 27.7.2011 14:01:37 | Computer Name = Intel-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.

Error - 27.7.2011 14:27:32 | Computer Name = Intel-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Windows\System32\systemcpl.dll
se nezdařilo. Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="&#x2a;",publicKeyToken="436865772d574741",type="win32",version="6.0.0.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error - 27.7.2011 17:03:00 | Computer Name = Intel-PC | Source = Software Protection Platform Service | ID = 8198
Description = Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
0x800401F9

Error - 27.7.2011 17:03:00 | Computer Name = Intel-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.

Error - 27.7.2011 18:18:31 | Computer Name = Intel-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AUDIODG.EXE, verze: 6.1.7600.16385, časové
razítko: 0x4a5bced5 Název chybujícího modulu: ntdll.dll, verze: 6.1.7600.16385,
časové razítko: 0x4a5be02b Kód výjimky: 0xc0000005 Posun chyby: 0x000000000001adaa
ID
chybujícího procesu: 0x19c Čas spuštění chybující aplikace: 0x01cc4ca08e830988 Cesta
k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE Cesta k chybujícímu modulu:
C:\Windows\SYSTEM32\ntdll.dll ID zprávy: 5bc5e222-b89e-11e0-a648-00241ddfa8d5

[ Media Center Events ]
Error - 30.8.2010 11:21:05 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 17:21:05 - Chyba při připojování k Internetu 17:21:05 - Nelze kontaktovat
server..

Error - 30.8.2010 11:21:11 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 17:21:10 - Chyba při připojování k Internetu 17:21:10 - Nelze kontaktovat
server..

Error - 4.9.2010 6:58:36 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 12:58:36 - Chyba při připojování k Internetu 12:58:36 - Nelze kontaktovat
server..

Error - 4.9.2010 6:58:46 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 12:58:41 - Chyba při připojování k Internetu 12:58:41 - Nelze kontaktovat
server..

Error - 4.9.2010 7:59:12 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 13:59:12 - Chyba při připojování k Internetu 13:59:12 - Nelze kontaktovat
server..

Error - 4.9.2010 7:59:22 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 13:59:17 - Chyba při připojování k Internetu 13:59:17 - Nelze kontaktovat
server..

Error - 27.1.2011 11:04:47 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 16:04:47 - Načtení položky Broadband se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Nepodařilo se nastavit vztah důvěryhodnosti pro zabezpečený
kanál SSL/TLS..)

Error - 31.3.2011 10:07:52 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 16:07:48 - Chyba při připojování k Internetu 16:07:48 - Nelze kontaktovat
server..

Error - 31.3.2011 11:08:46 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 17:08:46 - Chyba při připojování k Internetu 17:08:46 - Nelze kontaktovat
server..

Error - 31.3.2011 11:09:16 | Computer Name = Intel-PC | Source = MCUpdate | ID = 0
Description = 17:09:15 - Chyba při připojování k Internetu 17:09:15 - Nelze kontaktovat
server..

[ System Events ]
Error - 27.7.2011 14:01:34 | Computer Name = Intel-PC | Source = Application Popup | ID = 875
Description = Načtení ovladače atksgt.sys je blokováno.

Error - 27.7.2011 14:01:34 | Computer Name = Intel-PC | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 27.7.2011 14:49:50 | Computer Name = Intel-PC | Source = Service Control Manager | ID = 7023
Description = Služba Služba Oznámení platformy SPP byla ukončena s následující chybou:
%%5

Error - 27.7.2011 15:49:50 | Computer Name = Intel-PC | Source = Service Control Manager | ID =Description = Služba Služba Oznámení platformy SPP byla ukončena s následující chybou:
%%5

Error - 27.7.2011 16:49:50 | Computer Name = Intel-PC | Source = Service Control Manager | ID = 7023
Description = Služba Služba Oznámení platformy SPP byla ukončena s následující chybou:
%%5

Error - 27.7.2011 17:02:54 | Computer Name = Intel-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (23:01:19, ?27.?7.?2011) bylo neočekávané.

Error - 27.7.2011 17:03:07 | Computer Name = Intel-PC | Source = Application Popup | ID = 875
Description = Načtení ovladače atksgt.sys je blokováno.

Error - 27.7.2011 17:03:07 | Computer Name = Intel-PC | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275

Error - 27.7.2011 17:08:21 | Computer Name = Intel-PC | Source = Service Control Manager | ID = 7034
Description = Služba hpqcxs08 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error - 27.7.2011 17:08:21 | Computer Name = Intel-PC | Source = Service Control Manager | ID = 7034
Description = Služba Služba HP CUE DeviceDiscovery byla neočekávaně ukončena. Tento
stav nastal již 1krát.


< End of report >