Please check my log + Solved

Fílek
Level 4
Posts: 1413
Registered: August 10
Location: Jižní Čechy
Gender: Male

Please check my log +

Post by Fílek » 23 Oct 2010 18:52

Good evening, I'm here for the second time; after the problem with Combofix I never got my old thread resolved.
Once again I have a minor problem with the speed of my PC. Memory usage sits at 50% when idle, and the computer isn't exactly the fastest. I'm also not keen on reinstalling the system :smile: Thanks for working with me :wink:

Here is the log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:49:32, on 23.10.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\DU Meter\DUMeter.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Users\Fílek\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [WrtMon.exe] C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\TNod User & Password Finder\TNODUP.exe" /i
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Fílek\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RGSC] D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Miranda.lnk = C:\Program Files\Yaho's Miranda IM\miranda32.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://login.facebook.com
O15 - Trusted Zone: http://*.facebook.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 8274 bytes

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male

Re: Please check my log

Post by memphisto » 23 Oct 2010 18:56

Turn off Windows Defender's resident shield. You have AVAST.

Fix:
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)

Then run ATF and Mbam.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.

Re: Please check my log

Post by Fílek » 23 Oct 2010 19:13

I don't know how to shut down Windows Defender; it was turned off. How do I turn off the resident shield as well?

Mbam:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4927

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

23.10.2010 19:13:05
mbam-log-2010-10-23 (19-13-05).txt

Typ skenu: Rychlý sken
Skenované objekty: 145342
Uplynulý čas: 5 minuta(y), 10 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Please check my log

Post by memphisto » 23 Oct 2010 19:17

Launch Defender and in its settings you'll find the option to turn off the resident shield. Then do this:

Download OTL to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Check LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.

Re: Please check my log +

Post by Fílek » 23 Oct 2010 19:44

Sorry for the delay..

OTL:

OTL logfile created on: 23.10.2010 19:20:54 - Run 1
OTL by OldTimer - Version 3.2.17.0 Folder = C:\Users\Fílek\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 244,14 Gb Total Space | 68,24 Gb Free Space | 27,95% Space Free | Partition Type: NTFS
Drive D: | 221,62 Gb Total Space | 118,70 Gb Free Space | 53,56% Space Free | Partition Type: NTFS
Drive M: | 298,09 Gb Total Space | 84,25 Gb Free Space | 28,26% Space Free | Partition Type: NTFS

Computer Name: FÍLEK-PC | User Name: Fílek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Fílek\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Fílek\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
PRC - C:\Program Files\DU Meter\DUMeterSvc.exe (Hagel Technologies Ltd.)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft)
PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)
PRC - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe (ArcSoft, Inc.)
PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ()
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
PRC - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Fílek\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (DUMeterSvc) -- C:\Program Files\DU Meter\DUMeterSvc.exe (Hagel Technologies Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MgiSvr) -- C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe (ArcSoft, Inc.)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (GMSIPCI) -- E:\INSTALL\GMSIPCI.SYS File not found
DRV - (catchme) -- C:\Users\FLEK~1\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (DUMeterDrv) -- C:\Program Files\DU Meter\DUMetr32.sys (Hagel Technologies Ltd.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (cpuz132) -- C:\Windows\System32\drivers\cpuz132_x32.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (ARCSOFTVIRTUALCAPTURE) -- C:\Windows\System32\drivers\ArcSoftVirtualCapture.sys (ArcSoft, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (VD_FileDisk) -- C:\Windows\System32\drivers\vd_filedisk.sys (Flint Incorporation)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.10

FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.12.03 22:31:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.26 09:38:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.22 15:05:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.23 15:11:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.26 09:38:16 | 000,000,000 | ---D | M]

[2010.09.17 23:00:06 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Mozilla\Extensions
[2010.09.17 23:00:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fílek\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.10.19 21:19:33 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Mozilla\Firefox\Profiles\yx90l2x8.default\extensions
[2010.09.18 12:58:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Fílek\AppData\Roaming\Mozilla\Firefox\Profiles\yx90l2x8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.21 20:06:07 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Mozilla\Firefox\Profiles\yx90l2x8.default\extensions\battlefieldheroespatcher@ea.com
[2010.09.24 13:56:54 | 000,002,059 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\Mozilla\Firefox\Profiles\yx90l2x8.default\searchplugins\daemon-search.xml
[2010.09.11 18:34:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.22 15:05:52 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.12.04 18:10:31 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}
[2010.01.16 19:06:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.06.11 12:56:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.22 15:05:51 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.09.22 15:05:51 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.09.22 15:05:52 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006.10.26 20:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2010.08.13 07:03:40 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010.01.07 17:46:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010.01.07 17:46:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010.01.07 17:46:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010.01.07 17:46:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010.01.07 17:46:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010.01.07 17:46:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010.01.07 17:46:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010.01.12 22:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009.12.03 11:54:24 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2009.10.21 04:10:38 | 000,001,425 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.09.10 14:59:54 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.09.10 14:59:54 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.10 14:59:54 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.10 14:59:54 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.10 14:59:54 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.10 14:59:54 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.09.17 22:53:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKCU..\Run: [Google Update] C:\Users\Fílek\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [RGSC] D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Domains: facebook.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: facebook.com ([login] http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.3.1.1 212.80.66.7 212.80.66.8
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Fílek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Fílek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010.10.23 19:04:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.10.23 19:04:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.10.23 15:14:47 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010.10.23 15:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010.10.23 15:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010.10.23 15:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010.10.23 15:10:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.10.23 15:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.10.23 15:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010.10.23 15:07:24 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\Microsoft Help
[2010.10.23 15:07:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010.10.23 15:07:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.10.23 15:05:04 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.10.23 14:55:48 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\MS office 2007 cz + key
[2010.10.22 13:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.10.20 21:26:35 | 000,011,776 | ---- | C] (Microsoft) -- C:\Users\Fílek\Desktop\MWM_Resolution_Changer.exe
[2010.10.20 21:18:04 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\Street Legal Racing - Redline
[2010.10.20 19:05:42 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\HEXelon
[2010.10.20 19:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\TC UP
[2010.10.20 15:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Hagel Technologies
[2010.10.19 21:28:10 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\GHISLER
[2010.10.19 21:01:09 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\GHISLER
[2010.10.17 18:44:31 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\seki
[2010.10.17 16:17:07 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\TeamViewer
[2010.10.17 16:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010.10.17 09:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\SignSIS-GUI
[2010.10.17 09:40:42 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\Certifikace v PC
[2010.10.17 09:36:37 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\SignSISTool (1)
[2010.10.17 09:36:23 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\SignSISTool
[2010.10.17 09:35:56 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\5800
[2010.10.17 00:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\Uloz.to Uploader
[2010.10.16 20:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2010.10.16 18:51:13 | 000,000,000 | ---D | C] -- C:\Program Files\Kwyshell
[2010.10.16 13:26:12 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\face
[2010.10.16 13:24:11 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\Sygic
[2010.10.15 18:41:47 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\Einvagen_Duhen_Ishima_Focer
[2010.10.14 13:23:20 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.14 13:22:50 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.14 13:22:26 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.14 13:22:20 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.14 13:22:20 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.14 13:22:20 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.14 13:22:17 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.14 13:22:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.14 13:22:17 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.14 13:22:17 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.14 13:22:17 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.14 13:22:17 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.14 13:22:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.14 13:22:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.14 13:22:17 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.14 13:22:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.14 13:22:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.14 13:22:14 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.14 13:22:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.14 13:22:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.14 13:21:45 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.14 13:21:44 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.14 13:21:15 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.14 13:21:13 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.14 13:21:12 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.09 21:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.10.09 18:07:07 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Documents\Square Enix
[2010.10.09 18:06:54 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\119614890733675764
[2010.10.09 18:06:49 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\119611678098138356
[2010.10.09 17:35:30 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.10.09 17:35:30 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.10.08 20:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Pointstone
[2010.10.06 17:56:56 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\ArcSoft
[2010.10.06 17:55:27 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\Canon
[2010.10.04 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\Microsoft Games
[2010.10.04 16:51:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010.10.04 16:47:15 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010.10.04 14:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\Left 4 Dead 2
[2010.10.03 18:34:44 | 000,000,000 | RH-D | C] -- C:\Users\Fílek\AppData\Roaming\SecuROM
[2010.10.02 09:33:33 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\n73
[2010.10.01 15:00:20 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\Screaming Bee
[2010.10.01 14:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
[2010.10.01 14:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\AV Vcs 4.0
[2010.09.30 20:06:05 | 000,139,264 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\eax.dll
[2010.09.30 20:06:05 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2010.09.30 19:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mafia
[2010.09.29 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010.09.29 19:21:21 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Nová složka
[2010.09.29 08:45:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.28 21:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\AmitySource
[2010.09.28 17:28:58 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Documents\Nero
[2010.09.27 21:27:50 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\WinOmeter
[2010.09.26 18:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010.09.26 10:41:08 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\NokiaAccount
[2010.09.26 09:40:05 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\Nokia
[2010.09.26 09:38:02 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.09.26 09:37:25 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.09.26 09:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2010.09.25 20:10:45 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Documents\GTA San Andreas User Files
[2010.09.25 11:29:16 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.09.25 10:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2010.09.24 17:45:58 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Documents\Eden Games
[2010.09.24 17:33:05 | 000,000,000 | ---D | C] -- C:\game
[2010.09.24 16:00:41 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\Malwarebytes
[2010.09.24 13:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.09.23 21:30:48 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\PC Suite
[2010.09.23 21:30:45 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\Nokia
[2010.09.23 21:29:21 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\DAEMON Tools Lite
[2010.09.23 20:42:22 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Documents\Battlefield Heroes
[8 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.10.23 19:08:59 | 000,004,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.23 19:08:59 | 000,004,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.23 19:04:48 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.23 18:58:55 | 000,002,487 | ---- | M] () -- C:\Users\Fílek\Desktop\HiJackThis.lnk
[2010.10.23 18:29:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-991023064-296523812-3436558302-1000UA.job
[2010.10.23 16:55:43 | 000,122,781 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.10.23 16:55:43 | 000,122,781 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.10.23 14:44:24 | 000,138,240 | ---- | M] () -- C:\Users\Fílek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.23 11:08:40 | 043,166,042 | ---- | M] () -- C:\Users\Fílek\Desktop\23102010004.mp4
[2010.10.23 09:08:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.23 09:08:56 | 3220,365,312 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.22 23:20:24 | 000,138,520 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.10.22 23:20:15 | 000,233,960 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.10.22 19:28:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-991023064-296523812-3436558302-1000Core.job
[2010.10.20 19:08:20 | 000,000,724 | ---- | M] () -- C:\Users\Public\Desktop\TC UP.lnk
[2010.10.20 19:02:57 | 145,778,315 | ---- | M] () -- C:\Users\Fílek\Desktop\TC UP 5.1.rar
[2010.10.19 19:45:04 | 000,115,962 | ---- | M] () -- C:\Users\Fílek\Desktop\Video call snapshot 1.png
[2010.10.18 16:08:30 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.10.18 16:08:30 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.10.18 15:20:04 | 000,125,352 | ---- | M] () -- C:\Users\Fílek\Desktop\Capree.iON.BatteryTimer.v1.05.S60v3.v5(symbianzone.co.cc)_signed.sis
[2010.10.17 18:50:20 | 000,170,717 | ---- | M] () -- C:\Users\Fílek\StreetLegal_Redline 2010-10-17 18-40-25-77.jpg
[2010.10.17 18:46:30 | 000,177,057 | ---- | M] () -- C:\Users\Fílek\StreetLegal_Redline 2010-10-17 18-40-17-27.jpg
[2010.10.17 09:43:28 | 000,019,776 | ---- | M] () -- C:\Users\Fílek\Desktop\RamControl_v1.0_signed.sis
[2010.10.17 09:42:18 | 000,000,800 | ---- | M] () -- C:\Users\Fílek\Desktop\SignSIS-GUI.lnk
[2010.10.17 09:35:17 | 000,512,394 | ---- | M] () -- C:\Users\Fílek\Desktop\SignSISTool (1).zip
[2010.10.17 00:47:44 | 000,000,862 | ---- | M] () -- C:\Users\Public\Desktop\Uloz.to Uploader.lnk
[2010.10.16 20:35:02 | 000,000,951 | ---- | M] () -- C:\Users\Fílek\Desktop\Format Factory.lnk
[2010.10.16 19:57:24 | 000,000,701 | ---- | M] () -- C:\Users\Fílek\Desktop\Street Legal Racing - Redline.lnk
[2010.10.16 17:39:58 | 000,001,736 | ---- | M] () -- C:\Users\Fílek\Desktop\fail.png
[2010.10.16 09:45:32 | 000,251,056 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.15 15:36:21 | 000,000,010 | RHS- | M] () -- C:\config.sys
[2010.10.15 15:33:15 | 000,000,008 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_2
[2010.10.15 14:49:05 | 000,000,173 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\D2Info0
[2010.10.10 21:32:50 | 000,000,008 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_1
[2010.10.04 16:47:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.10.04 16:47:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.10.03 20:11:52 | 000,005,033 | ---- | M] () -- C:\Users\Public\Documents\Global.sw2
[2010.10.03 11:14:29 | 000,000,008 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_3
[2010.09.30 20:05:33 | 000,000,729 | ---- | M] () -- C:\Users\Fílek\Desktop\Mafia.lnk
[2010.09.26 09:30:24 | 000,697,328 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.09.23 20:41:53 | 000,138,056 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\PnkBstrK.sys
[2010.09.23 20:41:32 | 002,427,248 | ---- | M] () -- C:\Windows\System32\pbsvc_heroes.exe
[8 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.10.23 19:04:48 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.23 18:46:19 | 000,002,487 | ---- | C] () -- C:\Users\Fílek\Desktop\HiJackThis.lnk
[2010.10.23 13:15:59 | 043,166,042 | ---- | C] () -- C:\Users\Fílek\Desktop\23102010004.mp4
[2010.10.20 19:08:20 | 000,000,724 | ---- | C] () -- C:\Users\Public\Desktop\TC UP.lnk
[2010.10.20 18:36:20 | 145,778,315 | ---- | C] () -- C:\Users\Fílek\Desktop\TC UP 5.1.rar
[2010.10.19 19:45:04 | 000,115,962 | ---- | C] () -- C:\Users\Fílek\Desktop\Video call snapshot 1.png
[2010.10.19 19:24:00 | 000,000,962 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-991023064-296523812-3436558302-1000UA.job
[2010.10.19 19:23:59 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-991023064-296523812-3436558302-1000Core.job
[2010.10.18 15:20:04 | 000,125,352 | ---- | C] () -- C:\Users\Fílek\Desktop\Capree.iON.BatteryTimer.v1.05.S60v3.v5(symbianzone.co.cc)_signed.sis
[2010.10.18 15:19:06 | 000,116,876 | ---- | C] () -- C:\Users\Fílek\Desktop\Capree.iON.BatteryTimer.v1.05.S60v3.v5(symbianzone.co.cc).sis
[2010.10.17 18:40:35 | 000,177,057 | ---- | C] () -- C:\Users\Fílek\StreetLegal_Redline 2010-10-17 18-40-17-27.jpg
[2010.10.17 18:40:35 | 000,170,717 | ---- | C] () -- C:\Users\Fílek\StreetLegal_Redline 2010-10-17 18-40-25-77.jpg
[2010.10.17 09:43:28 | 000,019,776 | ---- | C] () -- C:\Users\Fílek\Desktop\RamControl_v1.0_signed.sis
[2010.10.17 09:42:18 | 000,000,800 | ---- | C] () -- C:\Users\Fílek\Desktop\SignSIS-GUI.lnk
[2010.10.17 09:34:56 | 000,512,394 | ---- | C] () -- C:\Users\Fílek\Desktop\SignSISTool (1).zip
[2010.10.17 00:47:44 | 000,000,862 | ---- | C] () -- C:\Users\Public\Desktop\Uloz.to Uploader.lnk
[2010.10.16 20:35:02 | 000,000,951 | ---- | C] () -- C:\Users\Fílek\Desktop\Format Factory.lnk
[2010.10.16 19:57:24 | 000,000,701 | ---- | C] () -- C:\Users\Fílek\Desktop\Street Legal Racing - Redline.lnk
[2010.10.16 17:39:57 | 000,001,736 | ---- | C] () -- C:\Users\Fílek\Desktop\fail.png
[2010.10.16 14:53:36 | 000,011,376 | ---- | C] () -- C:\Users\Fílek\Desktop\RamControl_v1.0_Unsigned.sis
[2010.10.15 18:41:33 | 000,055,254 | ---- | C] () -- C:\Users\Fílek\Desktop\Einvagen_Duhen_Ishima_Focer.rpk
[2010.10.04 16:47:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.10.04 16:47:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.10.04 16:47:20 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.09.30 20:05:33 | 000,000,729 | ---- | C] () -- C:\Users\Fílek\Desktop\Mafia.lnk
[2010.09.23 20:41:53 | 000,138,056 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\PnkBstrK.sys
[2010.09.23 20:41:32 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.09.20 16:06:10 | 000,000,004 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\steam_md2.dat
[2010.09.18 14:05:10 | 000,000,008 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_3
[2010.09.18 00:08:00 | 000,000,008 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_2
[2010.09.18 00:07:38 | 000,000,173 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\D2Info0
[2010.09.18 00:07:38 | 000,000,008 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_1


Re: Please check my log +

Post by Fílek » 23 Oct 2010 19:51

Continued:
[2010.09.17 17:14:02 | 000,000,062 | ---- | C] () -- C:\Windows\Wininit.ini
[2010.08.06 13:23:19 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.08.06 13:22:40 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2010.07.30 23:06:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.07.30 07:43:00 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.06.30 11:49:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\driverinfo.txt
[2010.05.12 17:30:59 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.02.12 12:54:15 | 000,000,093 | ---- | C] () -- C:\Users\Fílek\AppData\Local\fusioncache.dat
[2009.12.25 11:40:06 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.24 19:43:25 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.12.07 20:29:02 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2009.12.07 20:27:30 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.12.05 19:10:50 | 000,697,328 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.12.05 12:54:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.12.04 20:04:39 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2009.12.04 18:14:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.03 20:02:01 | 000,122,781 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.12.03 20:02:01 | 000,122,781 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.12.03 16:09:28 | 000,000,552 | ---- | C] () -- C:\Users\Fílek\AppData\Local\d3d8caps.dat
[2009.12.02 23:19:54 | 000,138,240 | ---- | C] () -- C:\Users\Fílek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.02 23:10:28 | 000,001,356 | ---- | C] () -- C:\Users\Fílek\AppData\Local\d3d9caps.dat
[2007.02.13 08:03:42 | 000,001,324 | ---- | C] () -- C:\Windows\TVP3XDrv.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.04.28 17:34:24 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2004.06.27 21:49:42 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2002.08.29 19:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Fílek\AppData\Roaming\MafiaSetup.exe

========== LOP Check ==========

[2010.09.18 00:07:41 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\app
[2010.10.06 17:55:39 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Canon
[2010.09.25 17:19:52 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\DAEMON Tools Lite
[2010.10.09 09:52:32 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Dofus 2
[2010.09.18 00:08:00 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.09.18 14:05:10 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.09.18 00:07:38 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.10.19 21:07:44 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\GHISLER
[2010.10.20 19:05:42 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\HEXelon
[2010.09.17 22:58:52 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\KWorld Multimedia
[2010.09.26 10:41:33 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Nokia
[2010.10.13 19:53:23 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\PC Suite
[2010.09.18 00:07:41 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
[2010.10.01 15:00:56 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Screaming Bee
[2010.10.17 16:17:07 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\TeamViewer
[2010.10.23 18:42:53 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\uTorrent
[2010.10.22 23:25:25 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 606 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >

EXTRAS:

OTL Extras logfile created on: 23.10.2010 19:20:54 - Run 1
OTL by OldTimer - Version 3.2.17.0 Folder = C:\Users\Fílek\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 244,14 Gb Total Space | 68,24 Gb Free Space | 27,95% Space Free | Partition Type: NTFS
Drive D: | 221,62 Gb Total Space | 118,70 Gb Free Space | 53,56% Space Free | Partition Type: NTFS
Drive M: | 298,09 Gb Total Space | 84,25 Gb Free Space | 28,26% Space Free | Partition Type: NTFS

Computer Name: FÍLEK-PC | User Name: Fílek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- C:\Users\Fílek\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02484968-9A6C-4391-A16E-494132D70389}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{12AC77FB-B69E-41C9-91FA-48546AEA6D82}" = lport=137 | protocol=17 | dir=in | app=system |
"{1DF5F72D-444A-496E-9439-D1F15AC8E9F2}" = lport=445 | protocol=6 | dir=in | app=system |
"{1E987650-972F-4AF7-8C88-29C6E23E7512}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{46904F37-A6C7-46DB-A1EA-15519F77BFC9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4C878A7D-08ED-4D62-A0ED-8D8B760AAFC6}" = lport=3724 | protocol=6 | dir=in | name=wow down |
"{551DBDBE-BE51-40FC-9ACA-1BCFE2EDB614}" = rport=10243 | protocol=6 | dir=out | app=system |
"{59770EE2-1124-44E5-B12D-13062C6DFC2B}" = lport=138 | protocol=17 | dir=in | app=system |
"{602AC588-440D-4489-9264-25F7EE9292BB}" = lport=6112 | protocol=6 | dir=in | name=blizzard downloader |
"{61E889CB-C9E9-44DB-AF5A-261DC287511D}" = rport=138 | protocol=17 | dir=out | app=system |
"{75D28CB1-2732-4066-A33E-72EE504129DE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{75EC72D5-D09B-41AF-B32C-622FE062D581}" = lport=1119 | protocol=6 | dir=in | name=wow down |
"{77DCD7D6-E8A2-4C41-B076-CECE86E39832}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{888BE3C9-C7D2-499D-AC7F-1212819FCD0D}" = lport=139 | protocol=6 | dir=in | app=system |
"{8C911082-83D7-430D-87FA-50296E2EF453}" = rport=137 | protocol=17 | dir=out | app=system |
"{9860B328-B778-4FB1-BD2D-A3F041D5C5D4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9F0EC20D-2458-4294-92D6-0D7B39EDC500}" = rport=445 | protocol=6 | dir=out | app=system |
"{B331AFB6-0DDD-4495-AC23-0C55F7641ABE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B4E38D3A-5B70-4411-85D9-673BA43CA4A3}" = lport=1120 | protocol=6 | dir=in | name=wow down |
"{CABC2B87-0E6F-4517-84F2-2FD0D78D7CB3}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD3724E4-53B2-4346-A300-AE8A93241CBF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EC2CDE5C-ECA9-4C5F-A7B7-BE7164B6D110}" = rport=139 | protocol=6 | dir=out | app=system |
"{F8CA2F46-E494-403C-AC4D-88F2B2151919}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{FECACEFA-9430-4930-B208-9389C8CC7DE9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08ABBD89-EEC1-43E0-A5D5-39A312C79962}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{096C8E9D-3253-402B-83F2-0E24B901396B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1300E28B-49CC-4F8F-8AEA-936FD19CD8D1}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{19840B9F-784A-4002-91F0-D9CB9412D51E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{1C68FB3E-48D9-496A-A13E-4E61C75F92A0}" = protocol=6 | dir=in | app=d:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{1C70DBCE-AA33-421A-972C-39363902DB65}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"{2898BD3F-C320-4A58-A1B7-DA26F7F8B1DB}" = protocol=17 | dir=in | app=d:\program files\rockstar games\rockstar games social club\rgsclauncher.exe |
"{2D121FA0-2904-4762-AAC0-C6BB87940BE4}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{3066A7BA-FC85-4673-B723-4F975518576F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{34483412-9410-4D87-9FAC-CD58E9567E65}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{3C13DD09-9FFC-411F-8DB6-3476F1E3ADCC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{410FD7F4-2F40-4F9A-ACE6-609E3439B5AE}" = protocol=17 | dir=in | app=d:\wowko 3.1.3\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{41F24512-3EC4-4C25-AF84-6D2613B418AA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{428D46D5-5F26-4DD8-9F7F-FD39AF4C3FE3}" = protocol=17 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{49725884-DD72-49D0-B27D-83DBA278CECB}" = protocol=17 | dir=in | app=d:\program files\world of warcraft beta\launcher.exe |
"{4E9FFDC2-8EAD-4694-9A87-4CF585C8C008}" = protocol=6 | dir=in | app=d:\wowko 3.1.3\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{4F448081-85F1-47B7-9D38-32C41018E07E}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{51D56AF3-3440-423F-A9AF-A78C0405B8DC}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5322DDC5-8DB2-4797-A220-97C9F95F7AB1}" = protocol=6 | dir=in | app=d:\program files\world of warcraft beta\launcher.exe |
"{55D4A3B4-4899-4652-B24A-7552F09ADC41}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{55EA3F0B-9119-4954-BEA4-E8AB9AF67D61}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55F3E838-9F07-47BF-99D4-377AF6969B6D}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{5726C394-C107-4FA9-AF6B-41ABE1719F8A}" = protocol=6 | dir=out | app=system |
"{58CAC95A-F896-4C04-96FD-0BC1138FF897}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{5966DA4A-FEC9-42B6-A89F-96C07027DE6C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{59BE8879-8051-4185-A51D-74AD08F15033}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C52F504-159E-4BB1-8C1C-8BE7F656D6D1}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{5ED069D8-B56D-4769-A7FC-42A61A196D58}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5F0295D4-4D98-4999-A7F9-B90C6005C3C0}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6078C581-0AEB-497A-BA6F-2915887933AE}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{638CE8D0-20FA-4EBC-9EB2-8B661B80BAF9}" = protocol=17 | dir=in | app=d:\hry\rockstar games\rockstar games social club\rgsclauncher.exe |
"{6884EC78-0791-49F6-A063-8AE6C24154DC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{68DA0FCB-3E81-485F-89CF-D69E18007911}" = protocol=6 | dir=in | app=c:\program files\codemasters\dirt2\dirt2_game.exe |
"{6CC60224-CD3C-4104-B444-4F69F34448D8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6D4A7630-A90E-4B6A-A904-DB72FF3976B9}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{6DFA5005-A834-4E53-A4B6-8B5B4DF2FF83}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-203 |
"{7250F131-7DD5-4D09-BB74-6C01EFD2EE71}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{763A4852-D724-47DA-895A-9A93DB97C8C1}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{76FA428A-4179-4690-8155-2AF07356A14A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{79493EBD-AE7E-43BE-B94C-DC4287AB49E9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7C0D5A26-8A33-43EB-AFF8-02A234306878}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforever.exe |
"{81B2854D-A980-41D2-A84F-D62BB1ADDD49}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{82785A8A-38EF-4A5A-B96F-51D7F7D43808}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{886AFCC8-4FBD-4EF7-8B08-88F3445A10CF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8C1B1291-56F4-47D4-AF15-649A9F31F8F1}" = protocol=6 | dir=in | app=c:\program files\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{8D4D5178-EDC8-4B48-9DD7-DAF7428D99C7}" = protocol=17 | dir=in | app=c:\program files\codemasters\dirt2\dirt2_game.exe |
"{8D79566B-556E-429B-A20A-D194472240EF}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{8F6AA500-389C-4FFC-A3C8-9F26DEFF81A4}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{94C470F8-8A79-4075-A494-7BE40B35C0A0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{964CDA1D-1789-454A-90A6-C8AE48639AD5}" = protocol=17 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{B14D0BF4-1D70-4B3F-9ED2-4A05AF7A60F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B462347A-C613-4CA4-9BEC-E35E824F5E88}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BCE97FFC-C13E-4DC4-86BB-CDAAB6A6D4C2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C09F4DC1-198B-4DCB-8FA8-DCFC11C3B0FC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{CA57510E-5674-410E-B63C-1957DE31FEFA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{D0F1FD34-EA6E-4E90-A000-72BF2F4FFEC2}" = protocol=58 | dir=in | app=system |
"{DEBDAC96-62A5-4BB7-864B-F9C3DC5B2152}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E6ED4EAF-C9FD-45D3-8B35-371111C72594}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{E91BAD70-BE79-4E5E-8397-E0461576ADA1}" = protocol=6 | dir=in | app=d:\program files\electronic arts\battlefield bad company 2\bfbc2updater.exe |
"{E9C32A0D-5254-45C0-9D24-B9C02EE331BC}" = protocol=6 | dir=in | app=d:\hry\rockstar games\rockstar games social club\rgsclauncher.exe |
"{F1582282-DD5F-429E-A6F8-C58764AB13C0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F465E056-B771-4A80-A527-8BA0792063EF}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{FEBA3576-6788-4DAD-AC56-8496029BDDA7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\trackmania nations forever\tmforeverlauncher.exe |
"TCP Query User{020FF55B-6A3D-4763-B737-84E5B091C123}C:0\wowko 3.1.3\launcher.exe" = protocol=6 | dir=in | app=c:0\wowko 3.1.3\launcher.exe |
"TCP Query User{054D02EB-1913-4508-99BE-5D7814EF5124}C:\program files\yaho's miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\yaho's miranda im\miranda32.exe |
"TCP Query User{0E5BE554-6140-4016-B63A-678E8A466AFA}C:\program files\ultima online 2d\client_3.0.6m.exe" = protocol=6 | dir=in | app=c:\program files\ultima online 2d\client_3.0.6m.exe |
"TCP Query User{11E4ABB4-74B4-46A5-8F83-C4C10F6DD1B2}D:\hry\cod 6\iw4mp.dat" = protocol=6 | dir=in | app=d:\hry\cod 6\iw4mp.dat |
"TCP Query User{1231286C-9A25-4994-AEBF-0972B9640453}C:\users\fílek\appdata\local\temp\pylfaf8.tmp\pyrun.exe" = protocol=6 | dir=in | app=c:\users\fílek\appdata\local\temp\pylfaf8.tmp\pyrun.exe |
"TCP Query User{17278B1C-EEC0-46CE-A320-A6DC1B564393}C:\users\fílek\appdata\local\temp\pyl1e1a.tmp\pyrun.exe" = protocol=6 | dir=in | app=c:\users\fílek\appdata\local\temp\pyl1e1a.tmp\pyrun.exe |
"TCP Query User{1BB6132A-EAA9-4FAD-A4D9-B31885E1F772}D:\wowko 3.1.3\launcher.exe" = protocol=6 | dir=in | app=d:\wowko 3.1.3\launcher.exe |
"TCP Query User{22897A39-E851-42FA-B98D-7541175220DD}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{25A082C0-E83A-4559-B25F-CB6463D7D847}C:\program files\activision\modern warfare 2\iw4mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\modern warfare 2\iw4mp.exe |
"TCP Query User{2A1DABF8-954A-4FFD-AA8C-565FAE44412D}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{2CBCADE6-F869-4280-BD04-CD7D5508E08A}D:\hry\x-plane 9.00 beta-1\x-plane 900 beta-1.exe" = protocol=6 | dir=in | app=d:\hry\x-plane 9.00 beta-1\x-plane 900 beta-1.exe |
"TCP Query User{470E53D9-694F-403A-B19F-CC68D1FDD809}C:\users\fílek\desktop\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\fílek\desktop\world of warcraft\launcher.exe |
"TCP Query User{5697AC3C-1015-4070-A47E-2073CE16B77F}C:0\wowko 3.1.3\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe" = protocol=6 | dir=in | app=c:0\wowko 3.1.3\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe |
"TCP Query User{56EAC7C6-48C7-496C-9082-62CB420257E9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{5725E3F2-9B0F-4346-A894-B5078DCBB0A1}C:\program files\miranda im kp v5.0.8.15\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im kp v5.0.8.15\miranda32.exe |
"TCP Query User{5DC9549A-BC20-4923-8A61-40B5BAA1AE61}C:\program files\aspyr\guitar hero world tour\ghwt.exe" = protocol=6 | dir=in | app=c:\program files\aspyr\guitar hero world tour\ghwt.exe |
"TCP Query User{7206E9BA-4F02-48DB-8BCD-3F28C264980A}C:\program files\tc up\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\tc up\totalcmd.exe |
"TCP Query User{74FF0BCE-AA4D-429A-8FD3-A94A72AB72C9}C:\users\fílek\appdata\local\temp\pylbb1f.tmp\pyrun.exe" = protocol=6 | dir=in | app=c:\users\fílek\appdata\local\temp\pylbb1f.tmp\pyrun.exe |
"TCP Query User{79151C36-F0D2-4963-9EE5-28C648674090}C:0\wowko 3.3.3 - kopie\launcher.exe" = protocol=6 | dir=in | app=c:0\wowko 3.3.3 - kopie\launcher.exe |
"TCP Query User{8A2ED110-AFC3-4AD5-BFC6-57D9E44C31D6}D:\hry\metin\sindicate\client.bin" = protocol=6 | dir=in | app=d:\hry\metin\sindicate\client.bin |
"TCP Query User{909612F5-67C1-4DCC-A2FF-4A55F4869FD7}D:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{A721FE73-1AEC-4D0B-85BD-37D61B5C7E6A}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{AA6B85D0-CF30-4F42-9563-CD70BFF93A24}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{B0AA121B-AB22-4D1C-92EA-67EA1970889E}C:\users\fílek\downloads\wow-engb-installer-downloader.exe.exe" = protocol=6 | dir=in | app=c:\users\fílek\downloads\wow-engb-installer-downloader.exe.exe |
"TCP Query User{B620BE2C-130E-4D11-A042-49AB34E913D9}C:\program files\left 4 dead 2\left4dead2.exe" = protocol=6 | dir=in | app=c:\program files\left 4 dead 2\left4dead2.exe |
"TCP Query User{C01AD941-2A2D-4BB1-8D85-7462C21DD72A}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{C320CA61-12C6-4253-87FA-AED1A9B13B5E}C:\program files\yaho's miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\yaho's miranda im\miranda32.exe |
"TCP Query User{C7E2790B-B8F5-4834-83DD-C2CE6AD3CA40}C:\program files\www.cproxy.com\cproxy.exe" = protocol=6 | dir=in | app=c:\program files\www.cproxy.com\cproxy.exe |
"TCP Query User{C7EF932D-C9DF-4AB8-8EA0-3B2AB87CD721}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{CE33069A-A553-4D6D-BFFB-90A8FA5D72F2}C:\program files\qip\qip.exe" = protocol=6 | dir=in | app=c:\program files\qip\qip.exe |
"TCP Query User{D4EE752D-49DD-4327-AC24-60DE29BC19BE}C:\users\fílek\appdata\local\temp\pyl1a7d.tmp\pyrun.exe" = protocol=6 | dir=in | app=c:\users\fílek\appdata\local\temp\pyl1a7d.tmp\pyrun.exe |
"TCP Query User{E281C2AC-3734-487A-B268-F858B3B5115C}C:\users\fílek\appdata\local\temp\pyl7d1c.tmp\pyrun.exe" = protocol=6 | dir=in | app=c:\users\fílek\appdata\local\temp\pyl7d1c.tmp\pyrun.exe |
"TCP Query User{E3CB998D-809D-41DC-B0DB-BD74FE38108C}D:\age of empires 2\empires2.exe" = protocol=6 | dir=in | app=d:\age of empires 2\empires2.exe |
"TCP Query User{E71647B6-E83B-4AD9-82D7-B45A45DF91D2}D:\hry\cod 6\iw4mp.exe" = protocol=6 | dir=in | app=d:\hry\cod 6\iw4mp.exe |
"TCP Query User{F04E50D9-8460-420E-B48E-95EB9E1A800B}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{F1C614C3-3760-4A70-9C01-F9FECAE96F4E}C:\game\test drive unlimited 2 beta\testdrive2.dat" = protocol=6 | dir=in | app=c:\game\test drive unlimited 2 beta\testdrive2.dat |
"TCP Query User{F3E0891C-F15C-4A0A-9867-849F9445206E}D:\hry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=d:\hry\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{F6864591-BF55-446C-AFB3-0BD1910E596D}C:\users\fílek\appdata\local\temp\pyl9a99.tmp\pyrun.exe" = protocol=6 | dir=in | app=c:\users\fílek\appdata\local\temp\pyl9a99.tmp\pyrun.exe |
"TCP Query User{FD16C396-C6D0-4AA0-AFAB-B0859169B645}C:0\wowko 3.1.3\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe" = protocol=6 | dir=in | app=c:0\wowko 3.1.3\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe |
"UDP Query User{05635811-72BC-47AC-9FE1-43F069421EB0}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{06E2EAD8-5F0A-44F7-8E2E-84A0EC170F7F}C:\users\fílek\appdata\local\temp\pyl1a7d.tmp\pyrun.exe" = protocol=17 | dir=in | app=c:\users\fílek\appdata\local\temp\pyl1a7d.tmp\pyrun.exe |
"UDP Query User{0B188918-394B-45C7-8CD6-F2EF2A23D628}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{18FA5D71-3647-4549-A144-8C7774816D2F}D:\hry\metin\sindicate\client.bin" = protocol=17 | dir=in | app=d:\hry\metin\sindicate\client.bin |
"UDP Query User{1CD9CC80-9F40-435C-908B-F9768DD4DDDC}C:\users\fílek\appdata\local\temp\pyl7d1c.tmp\pyrun.exe" = protocol=17 | dir=in | app=c:\users\fílek\appdata\local\temp\pyl7d1c.tmp\pyrun.exe |
"UDP Query User{1F254FBF-11CF-4A49-994D-633E333ADF74}D:\wowko 3.1.3\launcher.exe" = protocol=17 | dir=in | app=d:\wowko 3.1.3\launcher.exe |
"UDP Query User{38946CE2-4A22-4C4C-AFE9-FFC7E2887410}D:\hry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\hry\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{3EBF8B87-E375-4477-9D5A-15545F93F8CD}C:\users\fílek\appdata\local\temp\pyl1e1a.tmp\pyrun.exe" = protocol=17 | dir=in | app=c:\users\fílek\appdata\local\temp\pyl1e1a.tmp\pyrun.exe |
"UDP Query User{3EBF9546-FECB-4F37-B672-D06C927A1553}C:\program files\yaho's miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\yaho's miranda im\miranda32.exe |
"UDP Query User{3F44000A-A050-4B3E-8443-A251FD76069A}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{414E82E6-76FF-45CA-B152-A474CC9EFAF7}C:\program files\yaho's miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\yaho's miranda im\miranda32.exe |
"UDP Query User{481E6455-0836-4168-B423-84C5EA86A0CC}C:\program files\www.cproxy.com\cproxy.exe" = protocol=17 | dir=in | app=c:\program files\www.cproxy.com\cproxy.exe |
"UDP Query User{4AB22BEB-E566-46C3-92AE-907743690F5C}C:\users\fílek\desktop\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\fílek\desktop\world of warcraft\launcher.exe |
"UDP Query User{4B3EA352-229D-4D1A-9657-CF5A40AB8406}C:\program files\left 4 dead 2\left4dead2.exe" = protocol=17 | dir=in | app=c:\program files\left 4 dead 2\left4dead2.exe |
"UDP Query User{560A1BDA-4BB9-4AA7-ACFC-0A6FF6AD89C5}C:\program files\ultima online 2d\client_3.0.6m.exe" = protocol=17 | dir=in | app=c:\program files\ultima online 2d\client_3.0.6m.exe |
"UDP Query User{56824292-7D8C-4A57-B7A0-F6AC0AE38C90}C:\game\test drive unlimited 2 beta\testdrive2.dat" = protocol=17 | dir=in | app=c:\game\test drive unlimited 2 beta\testdrive2.dat |
"UDP Query User{5B068899-968A-4521-8A99-DF4C4BF797F8}C:0\wowko 3.1.3\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe" = protocol=17 | dir=in | app=c:0\wowko 3.1.3\wow-3.3.2.11403-to-3.3.3.11685-enus-downloader.exe |
"UDP Query User{6B2DC934-FEAA-46A0-9A3C-1145B15C3FA6}D:\hry\cod 6\iw4mp.dat" = protocol=17 | dir=in | app=d:\hry\cod 6\iw4mp.dat |
"UDP Query User{6E3E81DB-34AD-42D1-A066-103A5914B19B}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{72ADAC7A-B5B8-4FDB-88CD-DDC8100FA919}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{893F43CE-CC46-42A0-9C96-1BF49FFC6ED3}D:\hry\cod 6\iw4mp.exe" = protocol=17 | dir=in | app=d:\hry\cod 6\iw4mp.exe |
"UDP Query User{8D943023-5DE2-47A9-A7FD-C210889A7ADA}C:\program files\miranda im kp v5.0.8.15\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im kp v5.0.8.15\miranda32.exe |
"UDP Query User{907ED339-64FB-4383-8E6D-D16082D47320}D:\age of empires 2\empires2.exe" = protocol=17 | dir=in | app=d:\age of empires 2\empires2.exe |
"UDP Query User{918FB500-5D52-462F-A2EB-3B140F5B15BF}D:\program files\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=d:\program files\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{9EB72CE6-298A-4820-A756-2F9C1AC9C772}C:\users\fílek\appdata\local\temp\pyl9a99.tmp\pyrun.exe" = protocol=17 | dir=in | app=c:\users\fílek\appdata\local\temp\pyl9a99.tmp\pyrun.exe |
"UDP Query User{B4386012-0439-4472-83C3-FFA4822B5EDB}C:\program files\activision\modern warfare 2\iw4mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\modern warfare 2\iw4mp.exe |
"UDP Query User{B86A63E0-9972-4EA5-952B-3066FCF48AD3}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{C174E195-83D5-4F92-A12F-5CD0DE129575}C:0\wowko 3.1.3\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe" = protocol=17 | dir=in | app=c:0\wowko 3.1.3\wow-3.3.3.11685-to-3.3.3.11723-enus-downloader.exe |
"UDP Query User{C67ED3C0-771A-4C2B-8E84-87650114A713}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{CC697DB4-F767-4EFD-AC44-322079940CB9}C:\program files\tc up\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\tc up\totalcmd.exe |
"UDP Query User{CF044B08-B742-44B8-A2B4-CE27D385F7BD}C:\users\fílek\downloads\wow-engb-installer-downloader.exe.exe" = protocol=17 | dir=in | app=c:\users\fílek\downloads\wow-engb-installer-downloader.exe.exe |
"UDP Query User{CFB26A8A-D6AB-4727-9428-4E89D32B8B9B}C:\program files\qip\qip.exe" = protocol=17 | dir=in | app=c:\program files\qip\qip.exe |
"UDP Query User{E96CD099-6955-4063-8F4D-95DBA0FC88E6}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{EA28FF8F-3FCD-4BEF-9A79-88F8330404E9}C:0\wowko 3.3.3 - kopie\launcher.exe" = protocol=17 | dir=in | app=c:0\wowko 3.3.3 - kopie\launcher.exe |
"UDP Query User{EC90C0A2-C6BD-4864-9AD4-3DFAEBEC3AF8}C:\users\fílek\appdata\local\temp\pylbb1f.tmp\pyrun.exe" = protocol=17 | dir=in | app=c:\users\fílek\appdata\local\temp\pylbb1f.tmp\pyrun.exe |
"UDP Query User{F0122FE5-C144-4F39-A891-DAE38BFC436B}C:0\wowko 3.1.3\launcher.exe" = protocol=17 | dir=in | app=c:0\wowko 3.1.3\launcher.exe |
"UDP Query User{F059C854-AD01-4C44-8EB6-BA3912AA38D4}C:\program files\aspyr\guitar hero world tour\ghwt.exe" = protocol=17 | dir=in | app=c:\program files\aspyr\guitar hero world tour\ghwt.exe |
"UDP Query User{FC74A4F4-2EB0-43E7-854F-33B5335DDE16}D:\hry\x-plane 9.00 beta-1\x-plane 900 beta-1.exe" = protocol=17 | dir=in | app=d:\hry\x-plane 9.00 beta-1\x-plane 900 beta-1.exe |
"UDP Query User{FED8CB91-064D-4560-B0AD-DD2D0C88F2C1}C:\users\fílek\appdata\local\temp\pylfaf8.tmp\pyrun.exe" = protocol=17 | dir=in | app=c:\users\fílek\appdata\local\temp\pylfaf8.tmp\pyrun.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1800_series" = Canon iP1800 series
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2412" = CanoScan LiDE 90
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1A0D2EFC-C4FC-446A-8BC3-57A54CE5EADD}" = Opera 10.53
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = oZone3D.Net FurMark v1.8.2
"{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 20
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3F900346-A316-BA88-B83C-2513F1260AD7}" = Reg (DOFUS Audio Subsystem)
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{553B20C6-59CD-4C2F-BE37-16ABF32064BF}" = aTube Catcher 1.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5EBF7AAB-98C5-2C43-0844-4BD9B9FCA7AD}" = Dofus
"{66D475AE-F18B-43A0-8BAF-61AF4403E339}" = Webcam 1200
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D45EF03-E8EE-4355-81C3-F918CBCF1033}" = Nero 8
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7814358B-1284-4305-AE5A-6667DBDF4771}" = ArcSoft WebCam Companion 2
"{7A65E382-1843-4B46-861B-1BECB8354911}" = Falcon 4.0: Allied Force
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E655FA7-355E-49CB-B742-9508B8AA5C8B}" = ArcSoft Magic-i 3
"{A126E617-63F0-4E57-BFA4-7190F5845C39}" = Guitar Hero World Tour
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C34E19B2-F4D4-4C1F-A565-BA92627178D8}" = Sony Media Manager 2.0
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = PageManager
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.3.22 Game
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR)
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EA57EFB9-A257-4DD0-BC6D-0FA5625F3421}" = ArcSoft PhotoImpression 5
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"18 Wheels of Steel: Haulin'" = 18 Wheels of Steel: Haulin'
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"AV Voice Changer Software 4.0" = AV Voice Changer Software 4.0
"avast5" = avast! Free Antivirus
"Axife Mouse Recorder DEMO_is1" = Axife Mouse Recorder DEMO 5.01
"BSPlayer1" = BSPlayer
"CamStudio" = CamStudio
"CANONIJPLM100" = PIXMA Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.15
"Dofus 1.28.0" = Dofus 1.28.0
"Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Dofus
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DUMeter3_is1" = DU Meter
"Easy-LayoutPrint" = Canon Utilities Easy-LayoutPrint
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"EAX Unified" = EAX Unified
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"ffdshow_is1" = ffdshow [rev 2844] [2009-03-30]
"FormatFactory" = FormatFactory 2.45
"Fraps" = Fraps (remove only)
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Live For Speed S2 Drift Edition 2010 z25" = Live For Speed S2 Drift Edition 2010 z25
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mafia Game" = Mafia Game
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"Need For Speed World Online" = Need For Speed World Online
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OCCT_is1" = OCCT Perestroika 3.1.0
"OpenAL" = OpenAL
"PokerStars" = PokerStars
"PSPad editor_is1" = PSPad editor
"PunkBusterSvc" = PunkBuster Services
"Rapid-USD NoCaptcha -Th3zone.com Sep2007" = Rapid-USD NoCaptcha -Th3zone.com Sep2007
"Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1" = Reg (DOFUS Audio Subsystem)
"Registrace uživatele zařízení Canon iP1800 series" = Registrace uživatele zařízení Canon iP1800 series
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Steam App 11020" = TrackMania Nations Forever
"Steam App 630" = Alien Swarm
"TC UP" = Total Commander Ultima Prime 5.1.0.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Test Drive Unlimited 2 Beta_is1" = Test Drive Unlimited 2 Beta
"TNod" = TNod User & Password Finder
"Total Video Converter 3.12_is1" = Total Video Converter 3.12 080330
"Traktor Simulátor_is1" = Traktor Simulátor
"TVP3XDrv" = KWorld TV713X BDA Driver
"Uloz.to Uploader" = Uloz.to Uploader 1.1.1.122
"UserBar Generator_is1" = UserBar Generator 1.2
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
"Wubi" = Ubuntu
"Xvid CZ 1.01_is1" = Xvid CZ 1.01

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Google Chrome" = Google Chrome
"QIP 2005" = QIP 2005 8095
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 23.10.2010 7:11:27 | Computer Name = Fílek-PC | Source = OviSuite | ID = 1
Description = 23/10/2010 13:11:27 (OviSuite) - ERROR - DashboardPlugin, Thread
GUI, Line 825, .\Application\DashboardView.cpp, CDashboardView::onNotifyWidgetCleared():
Could not found pNotifyElement from m_listShowableElement

Error - 23.10.2010 8:51:49 | Computer Name = Fílek-PC | Source = OviSuite | ID = 1
Description = 23/10/2010 14:51:49 (OviSuite) - ERROR - CommonWidgets, Thread
GUI, Line 353, .\Application\CommonHomeWidget\HomeAnimation.cpp, CHomeAnimation::start():
Visible item must be less than maximum pixmap items!

Error - 23.10.2010 8:58:08 | Computer Name = Fílek-PC | Source = LoadPerf | ID = 3002
Description =

Error - 23.10.2010 9:01:57 | Computer Name = Fílek-PC | Source = OviSuite | ID = 1
Description = 23/10/2010 15:01:57 (OviSuite) - ERROR - DashboardPlugin, Thread
GUI, Line 825, .\Application\DashboardView.cpp, CDashboardView::onNotifyWidgetCleared():
Could not found pNotifyElement from m_listShowableElement

Error - 23.10.2010 9:04:54 | Computer Name = Fílek-PC | Source = VSS | ID = 8194
Description =

Error - 23.10.2010 9:08:34 | Computer Name = Fílek-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 23.10.2010 9:12:25 | Computer Name = Fílek-PC | Source = OviSuite | ID = 1
Description = 23/10/2010 15:12:25 (OviSuite) - ERROR - DashboardPlugin, Thread
GUI, Line 706, .\Application\Dashboard.cpp, CDashboard::removeControl(): Could not
removed plug-in widget from Dashboard for some reason.

Error - 23.10.2010 9:12:25 | Computer Name = Fílek-PC | Source = OviSuite | ID = 1
Description = 23/10/2010 15:12:25 (OviSuite) - ERROR - DashboardPlugin, Thread
GUI, Line 706, .\Application\Dashboard.cpp, CDashboard::removeControl(): Could not
removed plug-in widget from Dashboard for some reason.

Error - 23.10.2010 9:12:25 | Computer Name = Fílek-PC | Source = OviSuite | ID = 1
Description = 23/10/2010 15:12:25 (OviSuite) - ERROR - DashboardPlugin, Thread
GUI, Line 706, .\Application\Dashboard.cpp, CDashboard::removeControl(): Could not
removed plug-in widget from Dashboard for some reason.

Error - 23.10.2010 10:55:35 | Computer Name = Fílek-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace dirt2_game.exe, verze 1.0.0.0, časové razítko 0x4b042091,
chybující modul dirt2_game.exe, verze 1.0.0.0, časové razítko 0x4b042091, kód výjimky
0xc0000005, posun chyby 0x00dd428b, ID procesu 0x1ef8, čas spuštění aplikace 0x01cb72bd9ff5265e.

[ System Events ]
Error - 21.10.2010 15:29:22 | Computer Name = Fílek-PC | Source = Service Control Manager | ID = 7016
Description =

Error - 22.10.2010 1:11:02 | Computer Name = Fílek-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 22.10.2010 17:25:20 | Computer Name = Fílek-PC | Source = Service Control Manager | ID = 7016
Description =

Error - 23.10.2010 3:10:29 | Computer Name = Fílek-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 23.10.2010 3:19:45 | Computer Name = Fílek-PC | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 23.10.2010 9:15:14 | Computer Name = Fílek-PC | Source = DCOM | ID = 10005
Description =

Error - 23.10.2010 9:15:14 | Computer Name = Fílek-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 23.10.2010 9:15:14 | Computer Name = Fílek-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 23.10.2010 9:15:14 | Computer Name = Fílek-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 23.10.2010 9:15:14 | Computer Name = Fílek-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Sorry, my dad is chasing me off the computer because he bought a Wi-Fi router and is testing it.

jaro3
Security team member
Guru Level 15
Posts: 43297
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log +

Post by jaro3 » 24 Oct 2010 10:05

From mozilla\Thunderbird: remove ESET Smart Security

Uninstall:
C:\Program Files\TNod User & Password Finder :evil:

C:\Users\Fílek\Desktop\MS office 2007 cz + key :evil:
C:\Users\Fílek\Desktop\MWM_Resolution_Changer.exe
C:\Users\Fílek\Desktop\5800
C:\Users\Fílek\AppData\Local\119614890733675764
C:\Users\Fílek\AppData\Local\119611678098138356
C:\Users\Fílek\Desktop\n73
Do you recognize these folders?

Double-click the OTL icon on your desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes (Vlastní skenování/opravy), paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (GMSIPCI) -- E:\INSTALL\GMSIPCI.SYS File not found
DRV - (catchme) -- C:\Users\FLEK~1\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {EBE9E2B5-B526-48BC-AD46-687263EDCB0E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - No CLSID value found.
O4 - HKLM..\Run: [TNOD UP] C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero[X]Team)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
@Alternate Data Stream - 606 bytes -> C:\ProgramData\TEMP:05EE1EEF

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\ProgramData\nvModes.dat
C:\ProgramData\nvModes.001
C:\Users\Fílek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\ezsidmv.dat
C:\Users\Fílek\AppData\Local\d3d8caps.dat
C:\Users\Fílek\AppData\Local\d3d9caps.dat

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" =-

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]

Then click Opravit (Run Fix) at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

+
Double-click the OTL by OldTimer icon again and, under Custom Scans/Fixes (Vlastní skenování/opravy), paste the following text, shown in green:

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT


Do not change any settings; just click Run Scan (Prohledat) and let the scan finish. When a text file appears, please paste its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Fílek
Level 4
Posts: 1413
Registered: August 10
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log +

Post by Fílek » 24 Oct 2010 10:16

My dad put that Office there. MWM_Resolution_Changer.exe is for the game Street Legal Racing Redline. 5800 is a folder with files for my phone. :D The n73 folder is a backup of photos, songs and videos from my old phone. I don't recognize the ones in AppData. TNod User? I have no idea how that got there. Where am I supposed to delete that Thunderbird? I can't find it.

OTL:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File C:\Windows\System32\DRIVERS\ipinip.sys File not found not found.
Service GMSIPCI stopped successfully!
Service GMSIPCI deleted successfully!
File E:\INSTALL\GMSIPCI.SYS File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\FLEK~1\AppData\Local\Temp\catchme.sys File not found not found.
Service blbdrive stopped successfully!
Service blbdrive deleted successfully!
File C:\Windows\System32\drivers\blbdrive.sys File not found not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
Prefs.js: "DAEMON Search" removed from browser.search.selectedEngine
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com deleted successfully.
File C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBE9E2B5-B526-48BC-AD46-687263EDCB0E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D5D47440-0750-463D-BAEF-A47D02414806} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5D47440-0750-463D-BAEF-A47D02414806}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TNOD UP not found.
File C:\Program Files\TNod User & Password Finder\TNODUP.exe (Tukero not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Low Rights\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msdaipp\ deleted successfully.
File Protocol\Handler\msdaipp - No CLSID value found not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
========== FILES ==========
C:\WINDOWS\System32\tmp42B3.tmp moved successfully.
C:\WINDOWS\System32\tmp4331.tmp moved successfully.
C:\WINDOWS\System32\tmp49E5.tmp moved successfully.
C:\WINDOWS\System32\tmp4A92.tmp moved successfully.
C:\WINDOWS\System32\tmp700.tmp moved successfully.
C:\WINDOWS\System32\tmp79D.tmp moved successfully.
C:\WINDOWS\System32\tmpFF2F.tmp moved successfully.
C:\WINDOWS\System32\tmpFF30.tmp moved successfully.
C:\WINDOWS\8A809006C25A4A3A9DAB94659BCDB107.TMP folder moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991023064-296523812-3436558302-1000Core.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-991023064-296523812-3436558302-1000UA.job moved successfully.
File\Folder C:\*.tmp not found.
C:\ProgramData\nvModes.dat moved successfully.
C:\ProgramData\nvModes.001 moved successfully.
C:\Users\Fílek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\ProgramData\ezsidmv.dat moved successfully.
C:\Users\Fílek\AppData\Local\d3d8caps.dat moved successfully.
C:\Users\Fílek\AppData\Local\d3d9caps.dat moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\{86D4B82A-ABED-442A-BE86-96357B70F4FE} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Fílek
->Temp folder emptied: 63197546 bytes
->Temporary Internet Files folder emptied: 45677819 bytes
->Java cache emptied: 49157035 bytes
->FireFox cache emptied: 77558630 bytes
->Google Chrome cache emptied: 387707785 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 44186 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3792 bytes
RecycleBin emptied: 24737 bytes

Total Files Cleaned = 595,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Fílek
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.17.0 log created on 10242010_101717

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

OTL 2:

OTL logfile created on: 24.10.2010 10:24:18 - Run 2
OTL by OldTimer - Version 3.2.17.0 Folder = C:\Users\Fílek\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 244,14 Gb Total Space | 82,51 Gb Free Space | 33,80% Space Free | Partition Type: NTFS
Drive D: | 221,62 Gb Total Space | 118,70 Gb Free Space | 53,56% Space Free | Partition Type: NTFS

Computer Name: FÍLEK-PC | User Name: Fílek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Fílek\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Fílek\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe ()
PRC - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
PRC - C:\Program Files\DU Meter\DUMeterSvc.exe (Hagel Technologies Ltd.)
PRC - C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft)
PRC - C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe (Nuance Communications, Inc.)
PRC - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe (ArcSoft, Inc.)
PRC - C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe ()
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
PRC - C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Fílek\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (DUMeterSvc) -- C:\Program Files\DU Meter\DUMeterSvc.exe (Hagel Technologies Ltd.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (MgiSvr) -- C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe (ArcSoft, Inc.)
SRV - (IJPLMSVC) -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe ()
SRV - (MSSQL$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (DUMeterDrv) -- C:\Program Files\DU Meter\DUMetr32.sys (Hagel Technologies Ltd.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (cpuz132) -- C:\Windows\System32\drivers\cpuz132_x32.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (ARCSOFTVIRTUALCAPTURE) -- C:\Windows\System32\drivers\ArcSoftVirtualCapture.sys (ArcSoft, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (VD_FileDisk) -- C:\Windows\System32\drivers\vd_filedisk.sys (Flint Incorporation)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.09.26 09:38:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.22 15:05:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.23 15:11:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.09.26 09:38:16 | 000,000,000 | ---D | M]

[2010.09.17 23:00:06 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Mozilla\Extensions
[2010.10.19 21:19:33 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Mozilla\Firefox\Profiles\yx90l2x8.default\extensions
[2010.09.18 12:58:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Fílek\AppData\Roaming\Mozilla\Firefox\Profiles\yx90l2x8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.09.21 20:06:07 | 000,000,000 | ---D | M] -- C:\Users\Fílek\AppData\Roaming\Mozilla\Firefox\Profiles\yx90l2x8.default\extensions\battlefieldheroespatcher@ea.com
[2010.09.24 13:56:54 | 000,002,059 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\Mozilla\Firefox\Profiles\yx90l2x8.default\searchplugins\daemon-search.xml
[2010.09.11 18:34:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.06.11 12:56:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.12 22:03:50 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009.12.03 11:54:24 | 000,002,476 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\BearShareWebSearch.xml
[2009.10.21 04:10:38 | 000,001,425 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\Cetrumcz_igeared.xml
[2010.09.10 14:59:54 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.10 14:59:54 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.10 14:59:54 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.10 14:59:54 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.10 14:59:54 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.09.17 22:53:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Monitor] C:\Windows\PixArt\Pac207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
O4 - HKCU..\Run: [RGSC] D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe File not found
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O15 - HKCU\..Trusted Domains: facebook.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: facebook.com ([login] http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/ ... ontrol.cab (Windows Genuine Advantage Validation Tool)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Fílek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Fílek\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.10.24 10:17:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.10.23 21:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\Counter-Strike Source
[2010.10.23 21:01:26 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\Hry zástupce
[2010.10.23 19:04:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.10.23 19:04:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.10.23 15:14:47 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010.10.23 15:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2010.10.23 15:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010.10.23 15:10:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010.10.23 15:10:04 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.10.23 15:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.10.23 15:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010.10.23 15:07:24 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\Microsoft Help
[2010.10.23 15:07:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010.10.23 15:07:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.10.23 15:05:04 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.10.22 13:31:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.10.20 19:05:42 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\HEXelon
[2010.10.20 19:04:53 | 000,000,000 | ---D | C] -- C:\Program Files\TC UP
[2010.10.20 15:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Hagel Technologies
[2010.10.19 21:28:10 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\GHISLER
[2010.10.19 21:01:09 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\GHISLER
[2010.10.17 18:44:31 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\seki
[2010.10.17 16:17:07 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\TeamViewer
[2010.10.17 16:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010.10.17 09:42:18 | 000,000,000 | ---D | C] -- C:\Program Files\SignSIS-GUI
[2010.10.17 09:35:56 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Desktop\5800
[2010.10.17 00:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\Uloz.to Uploader
[2010.10.16 20:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2010.10.16 18:51:13 | 000,000,000 | ---D | C] -- C:\Program Files\Kwyshell
[2010.10.14 13:23:20 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.14 13:22:50 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.14 13:22:26 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.14 13:22:20 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.14 13:22:20 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.14 13:22:20 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.14 13:22:17 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.14 13:22:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.14 13:22:17 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.14 13:22:17 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.14 13:22:17 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.14 13:22:17 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.14 13:22:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.14 13:22:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.14 13:22:17 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.14 13:22:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.14 13:22:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.14 13:22:14 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.14 13:22:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.14 13:22:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.14 13:21:45 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.14 13:21:44 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.14 13:21:15 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.14 13:21:13 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.14 13:21:12 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.09 21:47:43 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.10.09 18:07:07 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Documents\Square Enix
[2010.10.09 17:35:30 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.10.09 17:35:30 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.10.08 20:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\Pointstone
[2010.10.06 17:56:56 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\ArcSoft
[2010.10.06 17:55:27 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\Canon
[2010.10.04 18:19:46 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\Microsoft Games
[2010.10.04 16:51:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010.10.04 16:47:15 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2010.10.04 14:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\Left 4 Dead 2
[2010.10.03 18:34:44 | 000,000,000 | RH-D | C] -- C:\Users\Fílek\AppData\Roaming\SecuROM
[2010.10.01 15:00:20 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\Screaming Bee
[2010.10.01 14:59:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Screaming Bee
[2010.10.01 14:51:01 | 000,000,000 | ---D | C] -- C:\Program Files\AV Vcs 4.0
[2010.09.30 20:06:05 | 000,139,264 | ---- | C] (Creative Technology Ltd) -- C:\Windows\System32\eax.dll
[2010.09.30 20:06:05 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2010.09.30 19:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mafia
[2010.09.29 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010.09.29 19:21:21 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Nová složka
[2010.09.29 08:45:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.28 21:16:07 | 000,000,000 | ---D | C] -- C:\Program Files\AmitySource
[2010.09.28 17:28:58 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Documents\Nero
[2010.09.26 18:20:13 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2010.09.26 10:41:08 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\NokiaAccount
[2010.09.26 09:40:05 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Local\Nokia
[2010.09.26 09:38:02 | 000,018,816 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2010.09.26 09:37:25 | 000,000,000 | ---D | C] -- C:\Program Files\PC Connectivity Solution
[2010.09.26 09:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2010.09.25 20:10:45 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Documents\GTA San Andreas User Files
[2010.09.25 11:29:16 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.09.25 10:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2010.09.24 17:45:58 | 000,000,000 | ---D | C] -- C:\Users\Fílek\Documents\Eden Games
[2010.09.24 17:33:05 | 000,000,000 | ---D | C] -- C:\game
[2010.09.24 16:00:41 | 000,000,000 | ---D | C] -- C:\Users\Fílek\AppData\Roaming\Malwarebytes
[2010.09.24 13:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite

========== Files - Modified Within 30 Days ==========

[2010.10.24 10:23:36 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.10.24 10:21:58 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.10.24 10:21:57 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.10.24 10:21:21 | 000,004,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.24 10:21:20 | 000,004,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.24 10:21:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.24 10:21:07 | 3220,365,312 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.24 09:52:40 | 000,000,075 | ---- | M] () -- C:\ProgramData\nvUnsupRes.dat
[2010.10.24 09:11:01 | 000,377,528 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.23 21:59:12 | 000,001,768 | ---- | M] () -- C:\Users\Fílek\Desktop\Counter-Strike Source.lnk
[2010.10.22 23:20:24 | 000,138,520 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.10.22 23:20:15 | 000,233,960 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2010.10.18 16:08:30 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.10.18 16:08:30 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.10.17 18:50:20 | 000,170,717 | ---- | M] () -- C:\Users\Fílek\StreetLegal_Redline 2010-10-17 18-40-25-77.jpg
[2010.10.17 18:46:30 | 000,177,057 | ---- | M] () -- C:\Users\Fílek\StreetLegal_Redline 2010-10-17 18-40-17-27.jpg
[2010.10.15 15:36:21 | 000,000,010 | RHS- | M] () -- C:\config.sys
[2010.10.15 15:33:15 | 000,000,008 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_2
[2010.10.15 14:49:05 | 000,000,173 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\D2Info0
[2010.10.10 21:32:50 | 000,000,008 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_1
[2010.10.04 16:47:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.10.04 16:47:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.10.03 20:11:52 | 000,005,033 | ---- | M] () -- C:\Users\Public\Documents\Global.sw2
[2010.10.03 11:14:29 | 000,000,008 | ---- | M] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_3
[2010.09.26 09:30:24 | 000,697,328 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys

========== Files Created - No Company Name ==========

[2010.10.24 10:23:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.10.24 10:21:58 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.10.24 10:21:57 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.10.24 09:52:40 | 000,000,075 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2010.10.23 21:59:12 | 000,001,768 | ---- | C] () -- C:\Users\Fílek\Desktop\Counter-Strike Source.lnk
[2010.10.17 18:40:35 | 000,177,057 | ---- | C] () -- C:\Users\Fílek\StreetLegal_Redline 2010-10-17 18-40-17-27.jpg
[2010.10.17 18:40:35 | 000,170,717 | ---- | C] () -- C:\Users\Fílek\StreetLegal_Redline 2010-10-17 18-40-25-77.jpg
[2010.10.04 16:47:42 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.10.04 16:47:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2010.10.04 16:47:20 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.09.23 20:41:53 | 000,138,056 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\PnkBstrK.sys
[2010.09.20 16:06:10 | 000,000,004 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\steam_md2.dat
[2010.09.18 14:05:10 | 000,000,008 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_3
[2010.09.18 00:08:00 | 000,000,008 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_2
[2010.09.18 00:07:38 | 000,000,173 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\D2Info0
[2010.09.18 00:07:38 | 000,000,008 | ---- | C] () -- C:\Users\Fílek\AppData\Roaming\DofusAppId0_1
[2010.09.17 17:14:02 | 000,000,062 | ---- | C] () -- C:\Windows\Wininit.ini
[2010.08.06 13:23:19 | 000,138,520 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.08.06 13:22:40 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2010.07.30 23:06:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.07.30 07:43:00 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.06.30 11:49:17 | 000,000,000 | ---- | C] () -- C:\ProgramData\driverinfo.txt
[2010.05.12 17:30:59 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.02.12 12:54:15 | 000,000,093 | ---- | C] () -- C:\Users\Fílek\AppData\Local\fusioncache.dat
[2009.12.25 11:40:06 | 000,000,384 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.12.24 19:43:25 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.12.07 20:29:02 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2009.12.07 20:27:30 | 000,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2009.12.05 19:10:50 | 000,697,328 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.12.05 12:54:23 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.12.04 20:04:39 | 000,000,566 | ---- | C] () -- C:\Windows\System32\SP207.INI
[2007.02.13 08:03:42 | 000,001,324 | ---- | C] () -- C:\Windows\TVP3XDrv.ini
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.04.28 17:34:24 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005.10.14 11:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 11:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005.10.14 11:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 11:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 11:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005.10.14 11:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2004.06.27 21:49:42 | 000,159,744 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2002.08.29 19:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Fílek\AppData\Roaming\MafiaSetup.exe

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.19 09:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\ERDNT\cache\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 09:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2009.12.03 18:26:31 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2009.12.03 18:26:31 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2009.12.03 18:26:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 09:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006.11.02 11:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.19 09:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 09:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.19 09:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 11:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43297
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log +

Post by jaro3 » 24 Oct 2010 11:55

Run OTL and click "Vyčisti" (CleanUp).
Then you can delete OTL, C:\_OTL


TNod User? I have no idea how that got there. Where should I delete that Thunderbird? I can't find it.
Look here:
C:\Program Files\TNod User & Password Finder If it is still there, try uninstalling it or just delete it outright.
Mozilla Thunderbird -- it should be there (ESS), but I have already deleted it..

If there are no problems, that is all and you can mark the topic as solved with the green check mark.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

Fílek
Level 4
Posts: 1413
Registered: August 10
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log + Solved

Post by Fílek » 24 Oct 2010 12:06

Thank you, the PC is faster; during that restart with OTL it booted faster than normal. Thanks Jaro and Memphisto :smile:

