Laptop freezes - Vista - HJT log (Solved)

A place for your HiJackThis logs and logs from other programs…

Re: Laptop freezes - Vista - HJT log

Post by pikaso.andreas » 28 Feb 2010 16:07

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

And so far it looks good; I haven't touched the laptop for 3 hours now, I just closed the lid and it's OK... :D But I don't want to jinx it :-(
I'm happy to learn from those with more experience... And nobody is born knowing everything :-D

When I have time, I make geoboards for children.

Re: Laptop freezes - Vista - HJT log

Post by Damned » 28 Feb 2010 16:13

Uninstall ComboFix (required).
ComboFix is uninstalled like this:
Start > Run and enter Combofix[space]/uninstall

Download T-Cleaner (required - it deletes everything left behind by Combo, SDFix, Avenger, MWAV etc. - download it -> run it)

(Note: If you have AVG or Avira, deactivate AVG and Avira (including the resident shields) before downloading T-Cleaner and for the duration of the cleaning; afterwards delete T-Cleaner and turn AVG or Avira back on.)
*****************************************************************************************************************************************
Download OTL to your Desktop.
Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Change File age to 14 days. Leave all other settings as they are. Click Run Scan. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
Nothing is impossible, so wherever reason fails us, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner

Re: Laptop freezes - Vista - HJT log

Post by pikaso.andreas » 28 Feb 2010 16:37

otl
OTL logfile created on: 28.2.2010 16:29:27 - Run 1
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Users\Ondra\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225,99 Gb Total Space | 45,95 Gb Free Space | 20,33% Space Free | Partition Type: NTFS
Drive D: | 226,03 Gb Total Space | 29,97 Gb Free Space | 13,26% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive O: | 465,76 Gb Total Space | 68,09 Gb Free Space | 14,62% Space Free | Partition Type: NTFS

Computer Name: ANDREASBIGPLACE
Current User Name: Ondra
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Ondra\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Ondra\Dokumenty\Downloads\T-Cleaner.exe ()
PRC - C:\Users\Ondra\AppData\Local\temp\RtkBtMnt.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Program Files\Cyberlink\Shared files\RichVideo.exe ()
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
PRC - C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
PRC - C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
PRC - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Windows\System32\CNAC4RPK.EXE (CANON INC.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Synaptics, Inc.)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Windows\System32\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Acer\Mobility Center\MobilityService.exe ()
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Ondra\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\SysHook.dll (Acer Inc.)


========== Win32 Services (SafeList) ==========

SRV - (TuneUp.Defrag) -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe (TuneUp Software)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (gupdate1ca1091a0e80399) Služba Google Update (gupdate1ca1091a0e80399) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (Adobe LM Service) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (RichVideo) Cyberlink RichVideo Service(CRVS) -- C:\Program Files\Cyberlink\Shared files\RichVideo.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (ETService) -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MobilityService) -- C:\Acer\Mobility Center\MobilityService.exe ()
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (LightScribeService) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (XAudioService) -- C:\Windows\System32\drivers\XAudio.exe (Conexant Systems, Inc.)
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (Irmon) -- C:\Windows\System32\irmon.dll (Microsoft Corporation)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Computer, Inc.)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (epfwwfp) -- C:\Windows\System32\drivers\epfwwfp.sys (ESET)
DRV - (Epfwndis) -- C:\Windows\System32\drivers\epfwndis.sys (ESET)
DRV - (epfw) -- C:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\Windows\System32\drivers\eamon.sys (ESET)
DRV - ({B154377D-700F-42cc-9474-23858FBDF4BD}) -- C:\Program Files\PowerDVD9\PowerDVD9\000.fcl (CyberLink Corp.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (s0017mdm) -- C:\Windows\System32\drivers\s0017mdm.sys (MCCI Corporation)
DRV - (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM) -- C:\Windows\System32\drivers\s0017unic.sys (MCCI Corporation)
DRV - (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s0017mgmt.sys (MCCI Corporation)
DRV - (s0017obex) -- C:\Windows\System32\drivers\s0017obex.sys (MCCI Corporation)
DRV - (s0017bus) Sony Ericsson Device 0017 driver (WDM) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS) -- C:\Windows\System32\drivers\s0017nd5.sys (MCCI Corporation)
DRV - (s0017mdfl) -- C:\Windows\System32\drivers\s0017mdfl.sys (MCCI Corporation)
DRV - (hidshim) -- C:\Windows\System32\drivers\hidshim.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (nuvotonhidgeneric) -- C:\Windows\System32\drivers\nuvotonhidgeneric.sys (Nuvoton Technology Corporation)
DRV - (int15) -- C:\Windows\System32\drivers\int15.sys (Acer, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (psdvdisk) -- C:\Windows\System32\drivers\PSDVdisk.sys (Egis Incorporated)
DRV - (PSDFilter) -- C:\Windows\system32\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV - (PSDNServ) -- C:\Windows\System32\drivers\PSDNServ.sys (Egis Incorporated)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ENTECH) -- C:\Windows\System32\drivers\Entech.sys (EnTech Taiwan)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (NTIDrvr) -- C:\Windows\System32\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (NSCIRDA) -- C:\Windows\System32\drivers\nscirda.sys (National Semiconductor Corporation)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (HSFHWAZL) -- C:\Windows\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (ATITool) -- C:\Windows\System32\drivers\ATITool.sys ()
DRV - (DKbFltr) -- C:\Windows\System32\drivers\DKbFltr.sys (Dritek System Inc.)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (mdmxsdk) -- C:\Windows\System32\drivers\mdmxsdk.sys (Conexant)
DRV - (VD_FileDisk) -- C:\Windows\System32\drivers\vd_filedisk.sys (Flint Incorporation)
DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: tabscope@xuldev.org:0.3
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c9626}:1.6
FF - prefs.js..extensions.enabledItems: {b41cb5f0-2e52-11de-8c30-0800200c9a66}:2.0.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.06.30 15:57:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.05.29 08:09:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.02.13 21:41:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.02.08 16:09:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.02.13 21:41:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.23\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2009.11.08 14:14:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2009.07.08 20:45:49 | 000,000,000 | ---D | M]

[2009.04.10 18:33:46 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Mozilla\Extensions
[2009.04.10 18:33:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.02.26 09:38:53 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions
[2009.11.15 15:23:01 | 000,000,000 | ---D | M] (ANTHEM) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\{07b2a769-ed19-4483-87ce-c643914c9626}
[2009.07.23 20:57:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.26 09:28:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\{239c61a8-e55f-11db-8314-0800200c9a66}
[2010.02.26 09:28:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}
[2009.11.08 14:04:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6}
[2010.01.29 21:47:37 | 000,000,000 | ---D | M] (Black Stratini) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\{b41cb5f0-2e52-11de-8c30-0800200c9a66}
[2010.01.16 13:40:04 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.02.26 09:28:21 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\camifox@altmusictv.com
[2010.02.26 09:28:26 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\chromifox@altmusictv.com
[2010.01.29 21:47:37 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\extensions\tabscope@xuldev.org
[2010.02.26 00:58:58 | 000,001,000 | ---- | M] () -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\searchplugins\majestic-seo.xml
[2009.06.28 22:53:32 | 000,001,679 | ---- | M] () -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\searchplugins\thepiratebayorg.xml
[2010.02.26 09:38:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.02.08 16:09:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.12.07 18:21:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.01.16 04:11:42 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.01.16 04:11:42 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007.04.10 16:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009.10.11 04:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.10.28 13:17:37 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010.01.16 04:11:42 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007.03.22 18:23:30 | 000,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2009.11.08 14:13:56 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2009.11.08 14:14:06 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2009.11.08 14:13:52 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2010.01.16 01:50:40 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.01.16 01:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 01:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 01:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 01:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 01:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.02.28 08:44:18 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF29668.cfx File not found
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.16.16.161 88.146.158.2
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
O24 - Desktop BackupWallPaper: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010.02.28 16:22:50 | 000,549,888 | ---- | C] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
[2010.02.28 10:27:07 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\Adobe
[2010.02.28 08:49:21 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.02.28 08:49:21 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\temp
[2010.02.28 08:44:23 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2010.02.27 22:12:41 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\Apple
[2010.02.27 21:58:29 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.02.26 17:47:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Protexis
[2010.02.26 17:47:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2010.02.24 07:25:04 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.02.24 07:24:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.02.24 07:23:57 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.02.24 07:23:56 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.02.24 07:23:51 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.02.24 07:23:50 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.02.24 07:23:49 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.02.24 07:23:49 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.02.24 07:23:48 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.02.24 07:23:48 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.02.24 07:23:47 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.02.24 07:23:41 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.02.24 07:23:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.02.24 07:23:38 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.02.22 14:30:52 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Roaming\OpenOffice.org
[2010.02.22 14:25:18 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010.02.21 17:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\RCHelicopter
[2010.02.20 09:56:30 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\Logitech
[2010.02.17 21:38:47 | 000,000,000 | ---D | C] -- C:\Users\Ondra\Documents\Rockstar Games
[2010.02.17 21:28:50 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.02.17 21:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.02.17 20:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2010.02.17 20:00:14 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010.02.16 15:41:43 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\Ubisoft
[2010.02.16 15:38:38 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.02.16 15:38:38 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.02.16 15:38:36 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.02.16 15:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010.02.16 15:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010.02.16 15:26:24 | 000,078,784 | ---- | C] (Macrovision Corporation) -- C:\Windows\System32\ISUSPM.cpl
[2010.02.16 15:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\Shaun White Snowboarding
[2010.02.15 14:41:41 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\Wheelman
[2010.02.15 14:41:41 | 000,000,000 | ---D | C] -- C:\Users\Ondra\AppData\Local\PC
[2009.04.11 07:06:11 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Ondra\Documents\*.tmp files -> C:\Users\Ondra\Documents\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010.02.28 16:27:03 | 008,769,536 | ---- | M] () -- C:\Users\Ondra\ntuser.dat
[2010.02.28 16:23:37 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Users\Ondra\Desktop\OTL.exe
[2010.02.28 16:21:06 | 000,000,960 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.02.28 16:18:58 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.02.28 16:18:54 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.28 16:18:54 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.28 16:18:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.28 16:18:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.28 16:18:40 | 3215,945,728 | -HS- | M] () -- C:\hiberfil.sys
[2010.02.28 16:17:50 | 000,524,288 | -HS- | M] () -- C:\Users\Ondra\ntuser.dat{80b15ae4-245e-11df-95cf-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010.02.28 16:17:50 | 000,065,536 | -HS- | M] () -- C:\Users\Ondra\ntuser.dat{80b15ae4-245e-11df-95cf-806e6f6e6963}.TM.blf
[2010.02.28 16:17:49 | 006,291,456 | -H-- | M] () -- C:\Users\Ondra\AppData\Local\IconCache.db
[2010.02.28 15:58:40 | 000,524,288 | -HS- | M] () -- C:\Users\Ondra\ntuser.dat{80b15ae4-245e-11df-95cf-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010.02.28 12:46:55 | 008,912,896 | -HS- | M] () -- C:\Users\Ondra\NTUSER.DAT_tureg_old
[2010.02.28 12:46:53 | 000,524,288 | -HS- | M] () -- C:\Users\Ondra\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.02.28 12:46:53 | 000,065,536 | -HS- | M] () -- C:\Users\Ondra\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.02.28 09:24:13 | 000,200,704 | ---- | M] () -- C:\Users\Ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.28 08:44:29 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.02.28 08:44:18 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.02.27 22:09:47 | 000,001,386 | ---- | M] () -- C:\Users\Ondra\Documents\cc_20100227_220944.reg
[2010.02.26 19:20:21 | 002,469,152 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.02.26 17:49:37 | 000,447,088 | ---- | M] () -- C:\Windows\System32\GDIPFONTCACHEV1.DAT
[2010.02.24 09:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.02.24 09:14:38 | 000,598,832 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.02.24 09:14:38 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.02.24 09:14:38 | 000,114,992 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.02.24 09:14:38 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.02.24 09:14:37 | 001,393,902 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.02.19 20:16:46 | 000,000,003 | ---- | M] () -- C:\Windows\Twain001.Mtx
[2010.02.19 20:16:45 | 000,000,156 | ---- | M] () -- C:\Windows\Twunk001.MTX
[2010.02.19 16:32:44 | 000,102,729 | -H-- | M] () -- C:\treeinfo.wc
[2010.02.17 21:28:50 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2010.02.16 15:42:54 | 000,000,199 | ---- | M] () -- C:\DARE.INI
[2010.02.16 15:13:00 | 000,271,360 | ---- | M] () -- C:\Users\Ondra\Documents\Věc.doc
[2010.02.16 14:00:37 | 000,000,162 | -H-- | M] () -- C:\Users\Ondra\Documents\~$Věc.doc
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Ondra\Documents\*.tmp files -> C:\Users\Ondra\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.28 12:48:07 | 000,524,288 | -HS- | C] () -- C:\Users\Ondra\ntuser.dat{80b15ae4-245e-11df-95cf-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms
[2010.02.28 12:48:07 | 000,524,288 | -HS- | C] () -- C:\Users\Ondra\ntuser.dat{80b15ae4-245e-11df-95cf-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010.02.28 12:48:07 | 000,065,536 | -HS- | C] () -- C:\Users\Ondra\ntuser.dat{80b15ae4-245e-11df-95cf-806e6f6e6963}.TM.blf
[2010.02.28 08:05:49 | 000,000,960 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2010.02.27 22:09:46 | 000,001,386 | ---- | C] () -- C:\Users\Ondra\Documents\cc_20100227_220944.reg
[2010.02.16 15:42:54 | 000,000,199 | ---- | C] () -- C:\DARE.INI
[2010.02.16 14:00:37 | 000,271,360 | ---- | C] () -- C:\Users\Ondra\Documents\Věc.doc
[2010.02.16 14:00:37 | 000,000,162 | -H-- | C] () -- C:\Users\Ondra\Documents\~$Věc.doc
[2010.02.10 09:00:55 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.10.10 22:15:19 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2009.08.30 18:38:16 | 000,000,031 | ---- | C] () -- C:\Windows\idc.ini
[2009.08.30 18:38:02 | 000,000,148 | ---- | C] () -- C:\Windows\usdthank.ini
[2009.07.03 22:00:41 | 000,000,000 | ---- | C] () -- C:\Windows\bench32.INI
[2009.07.01 15:04:17 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.04.24 15:23:49 | 000,000,308 | ---- | C] () -- C:\Windows\game.ini
[2009.04.12 14:31:36 | 000,782,336 | ---- | C] () -- C:\Windows\System32\IlmImf.dll
[2009.04.12 14:31:36 | 000,446,464 | ---- | C] () -- C:\Windows\System32\Photomatix_jpg.dll
[2009.04.12 14:31:36 | 000,353,280 | ---- | C] () -- C:\Windows\System32\pmtf2.dll
[2009.04.12 14:31:36 | 000,266,240 | ---- | C] () -- C:\Windows\System32\Photomatix25Lib.dll
[2009.04.12 14:31:36 | 000,249,856 | ---- | C] () -- C:\Windows\System32\Photomatix25Lib2.dll
[2009.04.12 14:31:36 | 000,205,824 | ---- | C] () -- C:\Windows\System32\pmtf1.dll
[2009.04.12 14:31:36 | 000,204,288 | ---- | C] () -- C:\Windows\System32\pmtf3.dll
[2009.04.12 14:31:36 | 000,167,936 | ---- | C] () -- C:\Windows\System32\Photomatix25Lib3.dll
[2009.04.12 14:31:36 | 000,053,248 | ---- | C] () -- C:\Windows\System32\pmexr.dll
[2009.04.12 14:31:36 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmbm.dll
[2009.04.10 21:06:03 | 000,000,091 | ---- | C] () -- C:\ProgramData\PS.log
[2009.04.10 19:50:40 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.04.10 19:38:28 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.04.10 19:38:28 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009.04.10 19:34:29 | 000,200,704 | ---- | C] () -- C:\Users\Ondra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.10 15:50:53 | 000,006,068 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log
[2009.04.10 15:48:01 | 000,092,425 | ---- | C] () -- C:\Users\Ondra\AppData\Local\edsinstaller.txt-20090410.log
[2009.04.10 15:35:36 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.04.10 15:35:36 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009.04.10 15:31:29 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009.01.30 04:49:44 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009.01.30 04:34:56 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2009.01.30 04:34:56 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008.11.11 04:27:31 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.11.11 04:27:24 | 000,872,448 | ---- | C] () -- C:\Windows\iconv.dll
[2008.11.11 04:27:24 | 000,743,424 | ---- | C] () -- C:\Windows\libxml2.dll
[2008.11.11 04:26:52 | 000,000,040 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2006.11.10 14:08:50 | 000,024,064 | ---- | C] () -- C:\Windows\System32\drivers\ATITool.sys
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009.01.30 04:20:32 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Acer GameZone Console
[2009.07.05 21:38:10 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\AltrixSoft
[2009.12.01 18:32:17 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\AmazeCopy
[2009.05.08 11:54:48 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Ashampoo
[2009.10.18 13:01:40 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Atari
[2009.12.20 18:47:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Canon
[2009.06.27 19:19:47 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Command & Conquer 3 Kane's Wrath
[2009.06.06 18:06:14 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2009.06.28 00:45:15 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\DAEMON Tools
[2009.11.17 23:39:59 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
[2009.04.10 18:25:43 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\ESET
[2010.01.25 22:41:29 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\FileZilla
[2009.04.11 08:56:54 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Flood Light Games
[2009.07.13 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Foxit
[2010.01.23 15:04:35 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\GHISLER
[2009.12.28 09:43:26 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\HateML
[2009.04.10 18:27:10 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\HEXelon
[2010.01.24 13:25:30 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\IBP
[2009.09.28 10:13:52 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Leadertech
[2009.07.01 08:41:57 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Micropro
[2010.02.18 09:48:19 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\MyPhoneExplorer
[2009.05.29 08:12:55 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Nokia
[2010.02.22 14:30:52 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\OpenOffice.org
[2009.10.21 18:21:02 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\PC Suite
[2009.11.24 18:02:25 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Publish Providers
[2009.11.24 20:35:52 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Sony
[2010.01.29 22:04:52 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Thinstall
[2009.04.11 07:53:44 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Thunderbird
[2010.02.14 14:54:21 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Tropico 3
[2010.01.09 11:58:55 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\TuneUp Software
[2010.02.23 14:32:56 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\uTorrent
[2009.08.30 19:05:15 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\VitySoft
[2009.11.29 02:37:58 | 000,000,000 | ---D | M] -- C:\Users\Ondra\AppData\Roaming\Zoner
[2010.02.28 16:17:52 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 229 bytes -> C:\ProgramData\Temp:8FF81EB0
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:F3176E45
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:73933431
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:F65733F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:888AFB86
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:4D066AD2
< End of report >

Re: notebook freezes - vista - hjt log

Post by pikaso.andreas » 28 Feb 2010 16:38

extras
OTL Extras logfile created on: 28.2.2010 16:29:27 - Run 1
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Users\Ondra\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225,99 Gb Total Space | 45,95 Gb Free Space | 20,33% Space Free | Partition Type: NTFS
Drive D: | 226,03 Gb Total Space | 29,97 Gb Free Space | 13,26% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive O: | 465,76 Gb Total Space | 68,09 Gb Free Space | 14,62% Space Free | Partition Type: NTFS

Computer Name: ANDREASBIGPLACE
Current User Name: Ondra
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 14 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.txt [@ = txtfile] -- C:\Program Files\PSPad editor\PSPad.exe (Prog-Soft s.r.o.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- "C:\Program Files\PSPad editor\PSPad.exe" "%1" (Prog-Soft s.r.o.)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4016117494-3182526739-4166363913-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D955381-DA4E-44B1-95F9-FDC73F3CE258}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{117100AA-F849-4646-960D-61D442501F53}" = rport=445 | protocol=6 | dir=out | app=system |
"{22FB2B2A-1A58-4A11-88FD-2C4193440B33}" = lport=138 | protocol=17 | dir=in | app=system |
"{2BFA6553-CD58-4967-8942-BE55D9CE8F58}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2D17F6D4-8652-455A-93FC-46D94377E8B0}" = lport=5190 | protocol=6 | dir=in | name=icq |
"{32482510-D3AC-427F-9E21-AE095F07898B}" = lport=139 | protocol=6 | dir=in | app=system |
"{32CDB320-FB37-4B4E-9F8E-23C8EEC70A27}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{44989B5E-DD40-4B0B-9906-839B140235E7}" = lport=137 | protocol=17 | dir=in | app=system |
"{4F5B9F66-189A-4A40-A64E-FD35DEF49207}" = rport=138 | protocol=17 | dir=out | app=system |
"{810A9B39-66CC-43F8-B2D0-97657E5C74AA}" = rport=139 | protocol=6 | dir=out | app=system |
"{B526155D-3C67-4CD4-929A-CEECA600DA5F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BC8A579C-E123-4A70-BEC2-BD6E98095920}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C38BA5D8-EF97-4A10-A379-71072052ECC8}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{C810A3A6-C686-447F-B03B-0710B13B3330}" = rport=137 | protocol=17 | dir=out | app=system |
"{CD9E6F29-EC7A-4DDD-A5C9-0CCACEB0A458}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E1243BB3-87F4-4834-9868-39EE1831E302}" = lport=445 | protocol=6 | dir=in | app=system |
"{E67D813B-60EC-44EE-A6B0-4BD111749839}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E93F2F45-042E-41F8-9D4E-33D248E53E92}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F79975C6-3398-4464-9F30-07C754132D71}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008BFE9D-699D-4454-8445-FDC9A7642F7C}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{06D467AD-6CCD-4A0F-BD0C-B16364DFF60F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{11190A18-1C97-4FBF-B9F1-66B62CE5F62A}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{26085DE0-0986-448A-B1AD-94C1C7A68903}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{374CD0C6-968D-4C23-9B42-8AB5C0D5A9EE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3BE0DA2D-9170-48F7-A8FD-E443A5032ECF}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{409019E9-3995-42C1-A31E-35600895B2E9}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{44F04412-CAA8-4078-BC65-9821A8C7D98E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{4D12F60C-4C6D-43C1-8081-87501C2D0E11}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4D1FA083-B649-45DB-8149-94D84548C6E2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5B695173-254B-4E8A-A388-13766F88FD1F}" = protocol=17 | dir=in | app=c:\program files\shaun white snowboarding\shaunwhitesnowboardinggame.exe |
"{5CB60EEF-A44E-4B60-AAC6-A53CCB9B19DC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{71036223-2C77-4AAE-9868-A43D3DE6614A}" = dir=in | app=c:\program files\electronic arts\command & conquer 3 kane's wrath\retailexe\1.1\cnc3ep1.dat |
"{75BB6993-F07F-4166-BC04-7E869BAF28C1}" = protocol=6 | dir=in | app=c:\program files\call of duty 4 - modern warfare\iw3mp.exe |
"{863CD40B-A3C7-4DA6-A274-FA957AB81497}" = protocol=6 | dir=in | app=c:\program files\shaun white snowboarding\shaunwhitesnowboardinggame.exe |
"{882DDE59-771B-49CF-A027-930316B34C12}" = dir=in | app=c:\program files\powerdvd9\powerdvd9\powerdvd9.exe |
"{8868616E-1913-4B52-9954-ECD12F40CF74}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{8FB96DFA-D4DD-4CA7-BBE7-203756FA30B2}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{95329B7B-C08A-42ED-AE6F-E93FE77F1BBA}" = protocol=17 | dir=in | app=c:\program files\shaun white snowboarding\shaunwhitesnowboarding.exe |
"{9D148695-7646-46BD-8B08-778F20EB910A}" = protocol=17 | dir=in | app=c:\program files\call of duty 4 - modern warfare\iw3mp.exe |
"{A0522460-ECA8-4738-991F-4D15088B2364}" = protocol=6 | dir=in | app=c:\program files\shaun white snowboarding\shaunwhitesnowboarding.exe |
"{A33AD644-3902-4879-9D40-5EBE94844509}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{AF09C14D-6EEF-4E8C-BAD7-4C52E4D77109}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B5D20B65-5F89-4C1C-8F3B-94A1AD3E9261}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update service\update service.exe |
"{BD154A85-4C98-4C89-9072-7A53058D48CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C11FBEBC-EF86-461E-92BF-3E4AE00F0387}" = dir=in | app=c:\program files\powerdvd9\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{CB0F2E22-E7B2-4554-A834-D5F9B62E8B82}" = dir=in | app=c:\program files\electronic arts\command & conquer 3\retailexe\1.4\cnc3game.dat |
"{D0C3D6CD-AC2C-40E0-926C-74067024088A}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{D27F56BD-C618-412B-AD96-A97275287BA8}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{DEA89D5F-8A65-4FCB-B42E-46F538B5BEE9}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{F1C1FA6C-56F9-47B2-9FB6-D81E5CF9F89C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"TCP Query User{057FF98E-57B0-42DC-9664-A4D4DA487C35}C:\program files\electronic arts\command & conquer 3 kane's wrath\retailexe\1.1\cnc3ep1.dat" = protocol=6 | dir=in | app=c:\program files\electronic arts\command & conquer 3 kane's wrath\retailexe\1.1\cnc3ep1.dat |
"TCP Query User{15A38188-8C19-48FB-9CDC-4F8112C1947D}C:\users\ondra\desktop\prace\team\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\ondra\desktop\prace\team\teamviewer.exe |
"TCP Query User{2C975ADB-33B6-4E9C-B3F8-861A584A6B79}O:\download\left 4 dead\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe" = protocol=6 | dir=in | app=o:\download\left 4 dead\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe |
"TCP Query User{473D51B5-699D-447E-AD10-D0C7AFD8C160}C:\program files\counterstrike 1.6 z killzone.cz\hl.exe" = protocol=6 | dir=in | app=c:\program files\counterstrike 1.6 z killzone.cz\hl.exe |
"TCP Query User{476A0FBE-6ECA-48A0-B6D8-8B4F230BC179}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{4D1D3A92-E397-4DB4-9CEF-6242D9B09ECB}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{579D6BC1-BC98-4E0D-8C49-DEC352F166C3}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{771BA0DB-7442-439C-A92D-B8ADADF2C3C1}C:\program files\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"TCP Query User{807B277E-8A1D-40C3-B3BD-15A3AB876502}C:\program files\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"TCP Query User{9321C0B3-C35C-4465-94A7-D06B20B902CC}C:\program files\total up\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\total up\totalcmd.exe |
"TCP Query User{9EDB7DAF-27B5-4A53-B44C-26DC1E2E9825}C:\program files\valve\cs1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\cs1.6\hl.exe |
"TCP Query User{A306A9A8-7F59-451C-99CA-AE55717DB5EF}C:\program files\valve\cs1.6\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\cs1.6\hl.exe |
"TCP Query User{ADC8AC98-73DB-49B3-9BC8-3833DF8F7F6A}C:\program files\electronic arts\command & conquer 3\retailexe\1.4\cnc3game.dat" = protocol=6 | dir=in | app=c:\program files\electronic arts\command & conquer 3\retailexe\1.4\cnc3game.dat |
"TCP Query User{CB848779-2654-4AF7-9C37-8DB74C26BF5A}C:\program files\total up\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\total up\totalcmd.exe |
"UDP Query User{00B19AE6-B134-406C-8391-9DE816FCCB9D}C:\users\ondra\desktop\prace\team\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\ondra\desktop\prace\team\teamviewer.exe |
"UDP Query User{0D6BE1AA-5550-4545-8B93-F103EF4AE6CF}C:\program files\counterstrike 1.6 z killzone.cz\hl.exe" = protocol=17 | dir=in | app=c:\program files\counterstrike 1.6 z killzone.cz\hl.exe |
"UDP Query User{15ECA576-40F0-4215-8B71-500827086837}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{16AC0701-D27C-495A-95AF-E14217B53101}C:\program files\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files\counter-strike source\hl2.exe |
"UDP Query User{1A6C41D8-4E5D-42FD-8D8F-5D239DF50055}C:\program files\total up\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\total up\totalcmd.exe |
"UDP Query User{22288D8E-C926-41A8-90DC-84218FA3DB41}C:\program files\total up\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\total up\totalcmd.exe |
"UDP Query User{4D36CEE6-9560-4869-8EBF-19D565DC2860}C:\program files\valve\cs1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\cs1.6\hl.exe |
"UDP Query User{66AFDB64-C9E8-4646-8617-AD13CA71EAF3}O:\download\left 4 dead\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe" = protocol=17 | dir=in | app=o:\download\left 4 dead\left.4.dead.full-rip.skullptura\left 4 dead\left4dead.exe |
"UDP Query User{71F10250-EA75-4AF0-B548-7E4FF38FA741}C:\program files\electronic arts\command & conquer 3 kane's wrath\retailexe\1.1\cnc3ep1.dat" = protocol=17 | dir=in | app=c:\program files\electronic arts\command & conquer 3 kane's wrath\retailexe\1.1\cnc3ep1.dat |
"UDP Query User{8E0507F0-BF46-47A1-97F9-38B40467AEE4}C:\program files\electronic arts\command & conquer 3\retailexe\1.4\cnc3game.dat" = protocol=17 | dir=in | app=c:\program files\electronic arts\command & conquer 3\retailexe\1.4\cnc3game.dat |
"UDP Query User{C172FAE3-EF80-430C-B210-BE448C01B940}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{CDE4E882-B543-420A-AB0B-B391740CF48D}C:\program files\valve\cs1.6\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\cs1.6\hl.exe |
"UDP Query User{CF97C555-BF5C-49A3-92E7-80C1C1651ED2}C:\program files\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"UDP Query User{EBA91F1E-07D5-413D-AC72-0A4AE23D20A4}C:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\gtaiv.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW(R) Graphics Suite X4
"_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6400
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{07A540AB-D785-11D5-8E89-0090275862A0}" = Corel Graphics Suite 11
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0901FCE8-5415-4499-BBC8-1AA106DD66E2}" = Adobe Setup
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Pomocník pro přihlášení ke službě Windows Live ID
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413" = CanoScan LiDE 100 Scanner Driver
"{13B792AA-C078-43A4-8A3A-8B12D629940D}" = Counter-Strike 1.6
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 17
"{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}" = PDF Settings
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2E52FB79-7F60-4AD7-B946-5ED18B4F274E}" = ShaunWhiteSnowboarding
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.009.00
"{302E9B7B-2B6A-4C29-9A02-9F2110649779}" = Nuvoton EC Generic HID Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{33BC9D7E-E790-495E-A4EA-CFB160C17A91}" = Logitech Gaming Software 5.08
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Software Intel(R) PROSet/Wireless WiFi
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{44A27085-0616-4181-A0C3-81C7ECA17F73}" = CorelDRAW Graphics Suite X4
"{5178C1BB-1EB1-4468-894B-7DE964DDCAA2}" = Adobe Photoshop CS3
"{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}" = Adobe Audition 3.0
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{6179A7D2-A668-4F1D-BC9A-DCC6A10C7871}" = Adobe Color NA Extra Settings
"{69A13D2F-A08F-619A-1D42-94CB96F3635A}" = ATI Catalyst Install Manager
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6D12B99F-EAAA-49D8-8E2F-74FA7459CCB2}" = Adobe Asset Services CS3
"{6EC3499F-025A-4EDB-A03D-AB3DC042051D}" = Adobe Setup
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}" = Nokia PC Suite
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0
"{7F05E704-30A6-421A-97A7-8EEB1C7FF010}" = CorelDRAW Graphics SUite X4 - ICA
"{7F05E704-30A6-421A-97A7-8EEB1C7FF012}" = CorelDRAW Graphics Suite X4 - Capture
"{7F05E704-30A6-421A-97A7-8EEB1C7FF013}" = CorelDRAW Graphics Suite X4 - Draw
"{7F05E704-30A6-421A-97A7-8EEB1C7FF014}" = CorelDRAW Graphics Suite X4 - PP
"{7F05E704-30A6-421A-97A7-8EEB1C7FF016}" = CorelDRAW Graphics Suite X4 - Content
"{7F05E704-30A6-421A-97A7-8EEB1C7FF017}" = CorelDRAW Graphics Suite X4 - Filters
"{7F05E704-30A6-421A-97A7-8EEB1C7FF019}" = CorelDRAW Graphics Suite X4 - FontNav
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8075BC83-7F8F-4FE0-9792-685723B06713}" = ESET Smart Security
"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver
"{824BADF8-9A1B-4D07-8817-8DDDC8543F23}" = OpenOffice.org 3.1
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0405-0000-0000000FF1CE}" = Sada Compatibility Pack pro systém Office 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}" = CorelDRAW Graphics Suite X4 - IPM
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.9.2
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B61D21B6-469D-4423-B161-62DB20B8A70E}" = Visual Basic for Applications (R) Core - English
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{B8B0FC8B-E69B-4215-AF1A-4BDFF20D794B}" = pdfforge Toolbar v1.0
"{B93E815A-ED3F-436C-8175-C0BB1AD4AA36}" = OSCAR Editor
"{B96D2269-568B-4CBF-9332-12FAE8B158F7}" = Medieval CUE Splitter
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD087F50-46B2-43E4-BD73-5DB3DC20B47C}" = Adobe Color EU Recommended Settings
"{BF439B41-0252-48DE-8B8B-0430CB26A181}" = CorelDRAW Graphics Suite X4 - VBA
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kane's Wrath
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE2DA11A-917F-4CF5-AB55-755EC115DD10}" = CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D6CD1A90-1421-4F19-AFD8-BE4E28A1D6D5}" = Adobe Illustrator CS3
"{D92B72E2-C854-4738-8ED6-4C3661CC17AE}" = Adobe Color JA Extra Settings
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB81779E-7CC5-4630-BCFC-754004956444}" = Visual Basic for Applications (R) Core
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"{FFFE7261-2318-4227-B827-E9E05E16DFE5}" = CorelDRAW Graphics Suite X4 - Lang CZ
"µTorrent CZ_is1" = µTorrent CZ 1.8.4 (build 16442)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"Adobe Audition 3.0" = Adobe Audition 3.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_4977c84bcdc298c444ccfbdcccb660d" = Adobe Photoshop CS3
"Adobe_b5ed30048e229c36945fd3d95860c0b" = Adobe Illustrator CS3
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"AMCap" = AMCap
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Bryce 6.3 6.3.0.84" = Bryce 6.3
"Bryce 6.3 Content 6.3.0.84" = Bryce 6.3 Content
"Bryce Lightning 6.3 6.3.0.84" = Bryce Lightning 6.3
"Canon LBP5000" = Canon LBP5000
"CCleaner" = CCleaner
"Clear FTP 2006_is1" = Clear FTP 2006 verze 1.01
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118" = HDAUDIO Soft Data Fax Modem with SmartCP
"Counter-Strike: Source" = Counter-Strike: Source
"Counter-Strike: Source Texture Pack 1.00" = Counter-Strike: Source Texture Pack 1.00
"D978F69D5F15B845BD6BC6F8BF9BCD36982A2087" = Balíček ovladače systému Windows - Nokia Modem (02/24/2009 4.0)
"E7F682214B951640C9C539C41FDA1A7F836FF7B6" = Balíček ovladače systému Windows - Nokia Modem (02/23/2009 7.01.0.2)
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"ffdshow_is1" = ffdshow [rev 1928] [2008-04-10]
"FileZilla Client" = FileZilla Client 3.3.1
"FlatOut Ultimate Carnage" = FlatOut Ultimate Carnage
"FormatFactory" = FormatFactory 2.10
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"GOM Player" = GOM Player
"Google Updater" = Google Updater
"GridVista" = Acer GridVista
"HaaliMkx" = Haali Media Splitter
"HD Tune_is1" = HD Tune 2.54
"HijackThis" = HijackThis 2.0.2
"InstallShield_{07A540AB-D785-11D5-8E89-0090275862A0}" = CorelDRAW Graphics Suite 11
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{B93E815A-ED3F-436C-8175-C0BB1AD4AA36}" = OSCAR Editor
"left 4 dead 1014 FULL PATCH" = left 4 dead 1014 FULL PATCH
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaInfo" = MediaInfo 0.7.20
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"Mozilla Thunderbird (2.0.0.23)" = Mozilla Thunderbird (2.0.0.23)
"MPE" = MyPhoneExplorer
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue 3D Transformations for Windows" = NewBlue 3D Transformations for Windows
"NewBlue Art Blends for Windows" = NewBlue Art Blends for Windows
"Nokia PC Suite" = Nokia PC Suite
"OpenAL" = OpenAL
"Photomatix Pro_is1" = Photomatix Pro version 2.5
"PhotomatixPro3_is1" = Photomatix Pro version 3.0
"Plane Arcade" = Plane Arcade
"PowerISO" = PowerISO
"PSPad editor_is1" = PSPad editor
"Qip Infium packverze: 9030 RC4 s IRC protokolem" = Qip Infium pack verze: 9030 RC4 s IRC protokolem
"rajče.net_is1" = rajče beta53 sestavení 96
"RC Helicopter" = RC Helicopter
"RealPlayer 12.0" = RealPlayer
"S7Z" = #7Z 0.7.5 - 7-Zip GUI
"Scorpions WinCheater 2.07 (s databází 109)_is1" = Scorpions WinCheater
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.12.2.4
"SWiSHmax" = SWiSHmax
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TC UP" = Total Commander Ultima Prime 4.7.0.0
"Teleport Pro" = Teleport Pro
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Trials 2 Second Edition_is1" = Trials 2 Second Edition v1.08
"Tropico3" = Tropico 3 1.00
"TuneUp Utilities" = TuneUp Utilities
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"Winamp" = Winamp (remove only)
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World Racing 2" = World Racing 2
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Tropico 3: Steam Special Edition Upgrade" = Tropico 3: Steam Special Edition Upgrade

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 27.2.2010 17:33:28 | Computer Name = AndreasBigPlace | Source = WinMgmt | ID = 10
Description =

Error - 27.2.2010 17:43:38 | Computer Name = AndreasBigPlace | Source = Google Update | ID = 20
Description =

Error - 28.2.2010 3:03:44 | Computer Name = AndreasBigPlace | Source = WinMgmt | ID = 10
Description =

Error - 28.2.2010 3:11:20 | Computer Name = AndreasBigPlace | Source = WinMgmt | ID = 10
Description =

Error - 28.2.2010 3:18:43 | Computer Name = AndreasBigPlace | Source = Google Update | ID = 20
Description =

Error - 28.2.2010 3:27:30 | Computer Name = AndreasBigPlace | Source = WinMgmt | ID = 10
Description =

Error - 28.2.2010 5:32:48 | Computer Name = AndreasBigPlace | Source = WinMgmt | ID = 10
Description =

Error - 28.2.2010 7:47:57 | Computer Name = AndreasBigPlace | Source = WinMgmt | ID = 10
Description =

Error - 28.2.2010 10:59:50 | Computer Name = AndreasBigPlace | Source = WinMgmt | ID = 10
Description =

Error - 28.2.2010 11:18:54 | Computer Name = AndreasBigPlace | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 28.2.2010 3:27:30 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7000
Description =

Error - 28.2.2010 3:27:31 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7026
Description =

Error - 28.2.2010 5:32:48 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7000
Description =

Error - 28.2.2010 5:32:49 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7026
Description =

Error - 28.2.2010 7:47:57 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7000
Description =

Error - 28.2.2010 7:47:58 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7026
Description =

Error - 28.2.2010 10:59:50 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7000
Description =

Error - 28.2.2010 10:59:51 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7026
Description =

Error - 28.2.2010 11:18:54 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7000
Description =

Error - 28.2.2010 11:18:55 | Computer Name = AndreasBigPlace | Source = Service Control Manager | ID = 7026
Description =

[ TuneUp Events ]
Error - 30.1.2010 12:10:26 | Computer Name = AndreasBigPlace | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 30.1.2010 12:10:26 | Computer Name = AndreasBigPlace | Source = TuneUp.UtilitiesSvc | ID = 300
Description =

Error - 30.1.2010 12:10:26 | Computer Name = AndreasBigPlace | Source = TuneUp.UtilitiesSvc | ID = 300
Description =


< End of report >
I'm happy to learn from those more experienced... And nobody is born knowing everything :-D

When I have time, I make geoboards for kids.


Re: laptop freezes - Vista - HJT log

Post by Damned » 28 Feb 2010 17:04

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:


:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
[2010.02.26 00:58:58 | 000,001,000 | ---- | M] () -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\searchplugins\majestic-seo.xml
[2009.06.28 22:53:32 | 000,001,679 | ---- | M] () -- C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\searchplugins\thepiratebayorg.xml
O4 - HKLM..\Run: [combofix] C:\ComboFix\CF29668.cfx File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
@Alternate Data Stream - 229 bytes -> C:\ProgramData\Temp:8FF81EB0
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:05EE1EEF
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:F3176E45
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:73933431
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:F65733F1
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:888AFB86
@Alternate Data Stream - 108 bytes -> C:\ProgramData\Temp:4D066AD2

:Files
C:\Windows\*.tmp
C:\Windows\System32\*.tmp
C:\Users\Ondra\Documents\*.tmp
C:\$RECYCLE.BIN
C:\Windows\tasks\SA.DAT
C:\Users\Ondra\Documents\cc_20100227_220944.reg
C:\Users\Ondra\Documents\~$Věc.doc
C:\DARE.INI
C:\ProgramData\PS.log

:Reg

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]



Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.
Nothing is impossible, so where reason fails us, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech localization, Wise Registry Cleaner

Uživatelský avatar
pikaso.andreas
Level 4
Level 4
Příspěvky: 1168
Registrován: říjen 07
Bydliště: Otrokovice
Pohlaví: Muž
Stav:
Offline
Kontakt:

Re: záseky ntb - vista - výpis hjt

Post by pikaso.andreas » 28 Feb 2010 17:09

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\searchplugins\majestic-seo.xml moved successfully.
C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\7a9vku18.default\searchplugins\thepiratebayorg.xml moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\combofix deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\Temp:8FF81EB0 deleted successfully.
ADS C:\ProgramData\Temp:05EE1EEF deleted successfully.
ADS C:\ProgramData\Temp:F3176E45 deleted successfully.
ADS C:\ProgramData\Temp:73933431 deleted successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:F65733F1 deleted successfully.
ADS C:\ProgramData\Temp:888AFB86 deleted successfully.
ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.
========== FILES ==========
File\Folder C:\Windows\*.tmp not found.
C:\Windows\System32\tmp7C40.tmp moved successfully.
C:\Windows\System32\tmp7C60.tmp moved successfully.
C:\Windows\System32\tmpA822.tmp moved successfully.
C:\Windows\System32\tmpA842.tmp moved successfully.
C:\Windows\System32\tmpE523.tmp moved successfully.
C:\Windows\System32\tmpE572.tmp moved successfully.
C:\Users\Ondra\Documents\~.tmp moved successfully.
C:\$RECYCLE.BIN\S-1-5-21-4016117494-3182526739-4166363913-1000 folder moved successfully.
C:\$RECYCLE.BIN folder moved successfully.
C:\Windows\tasks\SA.DAT moved successfully.
C:\Users\Ondra\Documents\cc_20100227_220944.reg moved successfully.
C:\Users\Ondra\Documents\~$Věc.doc moved successfully.
C:\DARE.INI moved successfully.
C:\ProgramData\PS.log moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Ondra
->Temp folder emptied: 204800 bytes
->Temporary Internet Files folder emptied: 219145 bytes
->Java cache emptied: 55548059 bytes
->FireFox cache emptied: 47442652 bytes
->Google Chrome cache emptied: 181705107 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 272,00 mb


OTL by OldTimer - Version 3.1.30.3 log created on 02282010_170702

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
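A helper reading a fix log like the one above has to spot the lines that did not end in "successfully" and may want to cross-check the cleaned-bytes total against the per-folder figures. The following Python is an added example, not part of the thread and not OTL's own code; the function names and the line patterns are assumptions derived from this one log.

```python
import re
# Shortened excerpt of the fix log posted above, used as sample input.
SAMPLE_LOG = r"""========== OTL ==========
No active process named explorer.exe was found!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
ADS C:\ProgramData\Temp:8FF81EB0 deleted successfully.
========== FILES ==========
File\Folder C:\Windows\*.tmp not found.
C:\DARE.INI moved successfully.
========== COMMANDS ==========
->Temp folder emptied: 204800 bytes
->Temporary Internet Files folder emptied: 219145 bytes
->Java cache emptied: 55548059 bytes
->FireFox cache emptied: 47442652 bytes
->Google Chrome cache emptied: 181705107 bytes
Total Files Cleaned = 272,00 mb
"""

SECTION = re.compile(r"^=+ (\w+) =+$")
BYTES = re.compile(r"(?:emptied|removed): (\d+) bytes$")
TOTAL = re.compile(r"^Total Files Cleaned = ([\d,.]+) mb$")
SUCCESS = re.compile(r"successfully[.!]$")

def parse_fix_log(text):
    """Split a fix log into confirmed actions, lines to review, and byte totals."""
    report = {"ok": {}, "review": [], "bytes": 0, "reported_mb": None}
    section = None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if m := SECTION.match(line):
            section = m.group(1)
        elif m := BYTES.search(line):
            report["bytes"] += int(m.group(1))
        elif m := TOTAL.match(line):
            # Assumption: decimal comma, as in the log above ("272,00").
            report["reported_mb"] = float(m.group(1).replace(",", "."))
        elif section in ("OTL", "FILES", "REGISTRY"):
            if SUCCESS.search(line):
                report["ok"][section] = report["ok"].get(section, 0) + 1
            else:
                # Anything not confirmed as successful is left for a human to judge.
                report["review"].append((section, line))
    return report

def totals_consistent(report, tolerance_mb=1.0):
    """True when the summed byte counts match the reported total within tolerance."""
    mb = report["reported_mb"]
    return mb is not None and abs(report["bytes"] / 2**20 - mb) <= tolerance_mb
```

Lines returned under `review` are not necessarily failures: a "not found" entry can simply mean the item was already gone, which is why they are listed rather than counted as errors.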


Post by Damned » 28 Feb 2010 17:25

That should be everything.

Delete the folder C:\_OTL

Download ToolsCleaner2 (by A.Rothstein & Dj Quiou) to the desktop and run it.

Click Pt. Restauration (restore) and then OK.
Click Corbeille (recycle bin) and then OK.
Click Fichiers temp (temp folders) and then OK.
Click Recherche (search) and let the Cleaner work. It may pause during cleaning, but let it continue.
When the program finishes, click Suppression (removal) and remove what was found.
Close and delete the program.


If anything shows up again, stop by.
Mark the topic as solved (green check mark) and take care. :bigups:

Post by pikaso.andreas » 28 Feb 2010 17:28

Many thanks to you and to autoprd :-)