dalsi co naletel na FB vir..

[motji]

Já ten log musím pořádně pročíst.

[motji]

Omlouvám se za zpoždění, dřív jsem se k počítači nedostala .

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - services32.exe
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:75D366A3
[2011.07.26 16:38:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
[2011.07.26 16:38:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
[2011.07.26 16:18:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
[2011.07.26 16:16:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\WinRAR
[2011.07.26 16:16:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
[2011.07.26 16:14:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
[2011.07.26 16:11:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
[2011.07.26 16:11:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-3-0
[2011.07.26 16:11:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-3-0-lnk
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [egui] File not found
O2 - BHO: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\prxtbGoss.dll (Conduit Ltd.)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
O2 - BHO: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Gossiper Toolbar) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - C:\Program Files\Gossiper\prxtbGoss.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (FaceSmooch Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
O3 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\Toolbar\WebBrowser: (Gossiper Toolbar) - {0A452A47-C5A8-4854-A237-4B9B06B376F0} - C:\Program Files\Gossiper\prxtbGoss.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\Toolbar\WebBrowser: (FaceSmooch Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll ()
O3 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\Toolbar\WebBrowser: (XfireXO Toolbar) - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\prxtbXfi2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\Toolbar\WebBrowser: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - Reg Error: Value error. File not found
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1220945662-764733703-725345543-1003\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch3/{709DCD84-3967-4FFF-98A4-3A3342FB2590}
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Documents and Settings\pc\Application Data\Toolbar4
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
C:\Documents and Settings\pc\Application Data\Search Settings
C:\WINDOWS\System32\ezsidmv.dat
 C:\WINDOWS\phoenix.rar
C:\WINDOWS\ufa.rar
 C:\WINDOWS\rpcminer.rar
 C:\WINDOWS\geoiplist
C:\WINDOWS\geoiplist.rar
 C:\WINDOWS\unrar.exe
 C:\WINDOWS\info1
 C:\WINDOWS\loader2.exe_ok

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

[eyewar]

v pohodicke zatial som sa vyspal.. idem na to

[eyewar]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:75D366A3 deleted successfully.
C:\WINDOWS\ufa folder moved successfully.
C:\WINDOWS\phoenix\kernels\poclbm folder moved successfully.
C:\WINDOWS\phoenix\kernels\phatk folder moved successfully.
C:\WINDOWS\phoenix\kernels folder moved successfully.
C:\WINDOWS\phoenix folder moved successfully.
C:\WINDOWS\update.2 folder moved successfully.
C:\Documents and Settings\LocalService\Application Data\WinRAR folder moved successfully.
C:\WINDOWS\update.5.0 folder moved successfully.
C:\WINDOWS\av_ico folder moved successfully.
C:\WINDOWS\update.1 folder moved successfully.
C:\WINDOWS\update.tray-3-0 folder moved successfully.
C:\WINDOWS\update.tray-3-0-lnk folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
C:\Program Files\DivX\DivX Update\DivXUpdate.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\egui deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ deleted successfully.
C:\Program Files\Gossiper\prxtbGoss.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\prxConduitEngine.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}\ deleted successfully.
File C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ deleted successfully.
C:\Program Files\XfireXO\prxtbXfi2.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
C:\Program Files\Ask.com\GenericAskToolbar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
C:\Program Files\FaceSmooch Toolbar\tbcore3.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0a452a47-c5a8-4854-a237-4b9b06b376f0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0a452a47-c5a8-4854-a237-4b9b06b376f0}\ not found.
File C:\Program Files\Gossiper\prxtbGoss.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
File C:\Program Files\ConduitEngine\prxConduitEngine.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ deleted successfully.
File C:\Program Files\FaceSmooch Toolbar\tbcore3.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ not found.
File C:\Program Files\XfireXO\prxtbXfi2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
Registry value HKEY_USERS\S-1-5-21-1220945662-764733703-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0A452A47-C5A8-4854-A237-4B9B06B376F0} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A452A47-C5A8-4854-A237-4B9B06B376F0}\ not found.
File C:\Program Files\Gossiper\prxtbGoss.dll not found.
Registry value HKEY_USERS\S-1-5-21-1220945662-764733703-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ not found.
File C:\Program Files\FaceSmooch Toolbar\tbcore3.dll not found.
Registry value HKEY_USERS\S-1-5-21-1220945662-764733703-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}\ not found.
File C:\Program Files\XfireXO\prxtbXfi2.dll not found.
Registry value HKEY_USERS\S-1-5-21-1220945662-764733703-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "XfireXO Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.conduit.com/ResultsExt.as ... earchTerms}" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=937811" removed from browser.search.param.yahoo-fr
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Registry value HKEY_USERS\S-1-5-21-1220945662-764733703-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{F3FEE66E-E034-436a-86E4-9690573BEE8A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436a-86E4-9690573BEE8A}\ not found.
Registry value HKEY_USERS\S-1-5-21-1220945662-764733703-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1220945662-764733703-725345543-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files\ICQ6Toolbar\ICQToolBar.dll not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002979_.tmp moved successfully.
C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP folder moved successfully.
C:\WINDOWS\8A809006C25A4A3A9DAB94659BCDB107.TMP folder moved successfully.
C:\WINDOWS\95FC26FB19FD4A96BBB1B1062E8648F5.TMP folder moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\nsc6.tmp moved successfully.
C:\WINDOWS\SET29.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP111.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP189.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1D4.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B8.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2D7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP502.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E3E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5F67.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7ECF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9F7.tmp folder moved successfully.
C:\WINDOWS\CSC\csc1.tmp moved successfully.
C:\WINDOWS\Installer\MSI13.tmp moved successfully.
C:\WINDOWS\Installer\MSI26F.tmp moved successfully.
C:\WINDOWS\Installer\MSI2823.tmp moved successfully.
C:\WINDOWS\Installer\MSI2861.tmp moved successfully.
C:\WINDOWS\Installer\MSI2862.tmp moved successfully.
C:\WINDOWS\Installer\MSI2863.tmp moved successfully.
C:\WINDOWS\Installer\MSI2883.tmp moved successfully.
C:\WINDOWS\Installer\MSI28E4.tmp moved successfully.
C:\WINDOWS\Installer\MSI7FC.tmp moved successfully.
C:\WINDOWS\Installer\MSIE0.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt211.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt223.tmp moved successfully.
C:\WINDOWS\system32\ConduitEngine.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\system32\tmp1B.tmp moved successfully.
C:\WINDOWS\system32\tmp1C.tmp moved successfully.
C:\WINDOWS\Temp\OCL34.tmp moved successfully.
C:\WINDOWS\Temp\OCL3A.tmp moved successfully.
C:\WINDOWS\Temp\OCL43.tmp moved successfully.
C:\WINDOWS\Temp\OCL4E.tmp moved successfully.
C:\WINDOWS\Temp\OCL58.tmp moved successfully.
C:\WINDOWS\Temp\OCL5F.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgends.tmp moved successfully.
C:\Documents and Settings\pc\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files folder moved successfully.
C:\Documents and Settings\pc\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache folder moved successfully.
C:\Documents and Settings\pc\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E} folder moved successfully.
C:\Documents and Settings\pc\Application Data\Toolbar4 folder moved successfully.
C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Documents and Settings\pc\Application Data\Search Settings\temp folder moved successfully.
C:\Documents and Settings\pc\Application Data\Search Settings\res folder moved successfully.
C:\Documents and Settings\pc\Application Data\Search Settings folder moved successfully.
C:\WINDOWS\System32\ezsidmv.dat moved successfully.
C:\WINDOWS\phoenix.rar moved successfully.
C:\WINDOWS\ufa.rar moved successfully.
C:\WINDOWS\rpcminer.rar moved successfully.
C:\WINDOWS\geoiplist moved successfully.
C:\WINDOWS\geoiplist.rar moved successfully.
C:\WINDOWS\unrar.exe moved successfully.
C:\WINDOWS\info1 moved successfully.
C:\WINDOWS\loader2.exe_ok moved successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33373 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 270393370 bytes

User: pc
->Temp folder emptied: 16086353 bytes
->Temporary Internet Files folder emptied: 35748996 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 241674562 bytes
->Google Chrome cache emptied: 6155409 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 9858 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1442620 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 158292619 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 696,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

User: pc
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.26.1 log created on 07272011_220301

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

[motji]

Poprosím o nový log ze rsitu, jak je na tom počítač?

[eyewar]

ako som uz hovoril. problem bol celkom vcera ked sa zasekaval a tak.. ale potom to uz bolo v poho. oka spravim rkill

[motji]

Ne rkill, ale rsit

[eyewar]

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 27.07.2011 at 22:15:42.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:



Rkill completed on 27.07.2011 at 22:15:45.

[eyewar]

jaj prepac

[eyewar]

Logfile of random's system information tool 1.09 (written by random/random)
Run by pc at 2011-07-27 22:16:50
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (2%) free of 477 GB
Total RAM: 3327 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:55, on 27.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ASUS\Six Engine\SixEngine.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
c:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\WINDOWS\emMON.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\GamersFirst\LIVE!\Live.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe
C:\Program Files\Logitech\SetPoint II\SetpointII.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Programy\Tunngle\TnglCtrl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\pc\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\pc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\FaceSmooch Toolbar\tbhelper.dll
R3 - URLSearchHook: (no name) - {0a452a47-c5a8-4854-a237-4b9b06b376f0} - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\Six Engine\SixEngine.exe" -r
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [emMON] emMON.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Remote Control.lnk = C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe
O4 - Global Startup: SetPointII.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.21.0.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{8ECB3DC3-6D8D-4789-8AA8-111D6B5A694D}: NameServer = 217.118.96.203,217.118.96.205
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (file missing)
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate1ca3d78520b2574) (gupdate1ca3d78520b2574) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PEVSystemStart - Unknown owner - C:\ComboFix\pev.cfxxe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Programy\Tunngle\TnglCtrl.exe

--
End of file - 13542 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-764733703-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-764733703-725345543-1003UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default

prefs.js - "browser.search.useDBForOrder" - ""
prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "anycolor.pavlos256@gmail.com:0.3.3, battlefieldheroespatcher@ea.com:4.0.23.0, {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, personas@christopher.beard:1.6.2, {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:3.3.3.2, youtubedownloader@mybrowserbar.com:4.3, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, toolbar@ask.com:3.11.3.15590, wtxpcom@mybrowserbar.com:4.3, 2020Player@2020Technologies.com:4.5.4.0, engine@conduit.com:3.3.3.2, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, mozilla_cc@internetdownloadmanager.com:7.2.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, nasanightlaunch@example.com:0.6.20110419, redshift_V2@shift-themes.com:3.6"
prefs.js - "keyword.URL" - "http://slirsredirect.search.aol.com/sli ... pab&query="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@comrade.gamespy.com/comrade]
"Description"=
"Path"=C:\Program Files\GameSpy\Comrade\npcomrade.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gamersfirst.com/LiveLauncher]
"Description"=GamersFirst LIVE! Web Launcher
"Path"=C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=C:\Documents and Settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@research.microsoft.com/HDView]
"Description"=Microsoft Research HD View
"Path"=C:\Program Files\Microsoft Research\HD View\nphdview.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npijjiCHPlugin.xpt
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npDivxPlayerPlugin.dll
npijjiautoinstallpluginff.dll
npijjiCHPlugin.dll
npLegitCheckPlugin.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class
uc_luminary_launching.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\
2020Player@2020Technologies.com
anycolor.pavlos256@gmail.com
battlefieldheroespatcher@ea.com
personas@christopher.beard
redshift_V2@shift-themes.com
toolbar@ask.com
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
{20a82645-c095-46ed-80e3-08825760534b}
{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}

C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\
askcom.xml
conduit.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
search.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-29 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2008-03-24 884736]
"Six Engine"=C:\Program Files\ASUS\Six Engine\SixEngine.exe [2008-05-14 5958656]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-07-17 55824]
"VolPanel"=C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe [2008-05-05 221300]
"NPSStartup"= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe [2003-09-15 270336]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2010-07-21 1778064]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-03-16 1040384]
"RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2010-10-30 20480]
"LVCOMS"=C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE [2002-12-10 127022]
"LogitechGalleryRepair"=C:\Program Files\Logitech\ImageStudio\ISStart.exe [2002-12-10 155648]
"LogitechImageStudioTray"=C:\Program Files\Logitech\ImageStudio\LogiTray.exe [2002-12-10 61440]
"emMON"=C:\WINDOWS\emMON.exe [2006-05-31 61440]
"QuickTime Task"=C:\Program Files\QuickTime Alternative\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-01-25 421160]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-05 98304]
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-05-17 395144]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RocketDock"=C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-19 630784]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2010-01-25 102400]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-05-19 1957888]
"LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe [2010-10-30 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for ViewSonic\traybar.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^ASUS WiFi-AP @n Utility.lnk]
C:\PROGRA~1\ASUS\WIFI-A~1\WIFI-A~1.EXE [2007-08-15 1224704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2003-09-16 237568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
C:\PROGRA~1\INTERV~1\Common\Bin\WINCIN~1.EXE [2004-06-04 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^pc^Start Menu^Programs^Startup^FreeRapid 0.82.lnk]
C:\DOCUME~1\pc\Desktop\FREERA~1.82\frd.exe [2009-04-15 35840]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
GamersFirst LIVE!.lnk - C:\Program Files\GamersFirst\LIVE!\Live.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Remote Control.lnk - C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetpointII.exe

C:\Documents and Settings\pc\Start Menu\Programs\Startup
Alienware Dock.lnk - C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
RocketDock.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
TransBar.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
UberIcon.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
Y'z Shadow.lnk - C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-05-05 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCMD"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableSecureUIAPaths"=0
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoFolderOptions"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoFolderOptions"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\InterVideo\DVD6\WinDVD.exe"="C:\Program Files\InterVideo\DVD6\WinDVD.exe:*:Enabled:WinDVD"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForever.exe"="F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
"F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe"="F:\Games\Valves\Steam\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
"F:\Games\valve\SteamApps\eyewar123\counter-strike\hl.exe"="F:\Games\valve\SteamApps\eyewar123\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\games\Warcraft III\Warcraft III.exe"="C:\games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="D:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Games\valve\Steam.exe"="D:\Games\valve\Steam.exe:*:Enabled:Steam"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Programy\Garena\Garena.exe"="C:\Programy\Garena\Garena.exe:*:Enabled:Garena"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\games\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\games\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\games\BFHeroes.exe"="C:\games\BFHeroes.exe:*:Enabled:BFHeroes"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Ahead\ODD Toolkit\ODDUpdate.exe"="C:\Program Files\Ahead\ODD Toolkit\ODDUpdate.exe:*:Enabled:AsusUpdate"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\cod4\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\cod4\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Documents and Settings\pc\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\pc\temp\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\games\HiveRise\HiveRise.exe"="C:\games\HiveRise\HiveRise.exe:*:Enabled:HiveRise"
"D:\Games\Electronic Arts\BattleForge\Bootstrapper.exe"="D:\Games\Electronic Arts\BattleForge\Bootstrapper.exe:*:Enabled:BattleForge™ Launcher"
"D:\Games\Electronic Arts\BattleForge\BattleForge.exe"="D:\Games\Electronic Arts\BattleForge\BattleForge.exe:*:Enabled:BattleForge™"
"D:\Games\supcom\SupCom\Supreme Commander\bin\SupremeCommander.exe"="D:\Games\supcom\SupCom\Supreme Commander\bin\SupremeCommander.exe:*:Enabled:Supreme Commander Application"
"C:\Program Files\GameSpy\Comrade\Comrade.exe"="C:\Program Files\GameSpy\Comrade\Comrade.exe:*:Enabled:Comrade"
"D:\Games\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe"="D:\Games\Ubisoft\Tom Clancy's Splinter Cell Double Agent\SCDA-Offline\System\SplinterCell4.exe:*:Enabled:SplinterCell4"
"C:\Documents and Settings\pc\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\pc\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\FirefoxPortable\App\Firefox\firefox.exe"="C:\FirefoxPortable\App\Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Progames\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe"="D:\Progames\Ubisoft\Gearbox Software\Brothers in Arms - Hell's Highway\Binaries\biahh.exe:*:Enabled:biahh"
"D:\Games\RESIDENT EVIL 5\RE5DX9.EXE"="D:\Games\RESIDENT EVIL 5\RE5DX9.EXE:*:Enabled:RESIDENT EVIL 5"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Messenger\Msmsgs.exe"="C:\Program Files\Messenger\Msmsgs.exe:*:Enabled:Windows Messenger"
"D:\Games\valve\SteamApps\eyewar123\condition zero deleted scenes\hl.exe"="D:\Games\valve\SteamApps\eyewar123\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Games\Volition Inc\Red Faction Guerrilla\rfg.exe"="D:\Games\Volition Inc\Red Faction Guerrilla\rfg.exe:*:Enabled:Red Faction: Guerrilla"
"D:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe"="D:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Games\World of Warcraft\Launcher.exe"="D:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"D:\Games\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe"="D:\Games\2K Games\Gearbox Software\Borderlands\Binaries\Borderlands.exe:*:Enabled:Borderlands"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe"="D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI)"
"D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe"="D:\Games\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV)"
"D:\Games\Mass Effect\Binaries\MassEffect.exe"="D:\Games\Mass Effect\Binaries\MassEffect.exe:*:Enabled:Mass Effect Game"
"D:\Games\Mass Effect\MassEffectLauncher.exe"="D:\Games\Mass Effect\MassEffectLauncher.exe:*:Enabled:Mass Effect Launcher"
"D:\Games\Mass Effect 2\Binaries\MassEffect2.exe"="D:\Games\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 Hra"
"D:\Games\Mass Effect 2\MassEffect2Launcher.exe"="D:\Games\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 Spustit"
"D:\Games\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="D:\Games\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe"="C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\conviction_game.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction"
"C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe"="C:\games\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\gu.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction aktualizace"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\games\League of Legends\Air\LolClient.exe"="C:\games\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\games\League of Legends\Game\League of Legends.exe"="C:\games\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\games\World of Warcraft Public Test\Launcher.exe"="C:\games\World of Warcraft Public Test\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\games\World of Warcraft Public Test\Launcher.patch.exe"="C:\games\World of Warcraft Public Test\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\games\Activision\Modern Warfare 2\iw4mp.exe"="C:\games\Activision\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Games\valve\SteamApps\common\trackmania nations forever\TmForever.exe"="D:\Games\valve\SteamApps\common\trackmania nations forever\TmForever.exe:*:Enabled:TrackMania Nations Forever"
"D:\Games\valve\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe"="D:\Games\valve\SteamApps\common\trackmania nations forever\TmForeverLauncher.exe:*:Enabled:TrackMania Nations Forever"
"D:\Games\World of Warcraft\Launcher.patch.exe"="D:\Games\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"D:\Games\World of Warcraft\Blizzard Downloader.exe"="D:\Games\World of Warcraft\Blizzard Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\ijji\ENGLISH\GenesisAD\AnotherDay.exe"="C:\ijji\ENGLISH\GenesisAD\AnotherDay.exe:*:Enabled:AnotherDay"
"C:\ijji\ENGLISH\GenesisAD\GameConsole.bin"="C:\ijji\ENGLISH\GenesisAD\GameConsole.bin:*:Enabled:adhost"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Enabled:backWeb-8876480"
"C:\Program Files\REACTOR\ijjiOptimizer.exe"="C:\Program Files\REACTOR\ijjiOptimizer.exe:*:Enabled:ijjiOptimizer.exe"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Games\Electronic Arts\Medal of Honor\MP\MoHMPGame.exe"="D:\Games\Electronic Arts\Medal of Honor\MP\MoHMPGame.exe:*:Enabled:Medal of Honor: Multiplayer"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"D:\Games\505games\1C\Men of War\mow.exe"="D:\Games\505games\1C\Men of War\mow.exe:*:Disabled:Main executable"
"C:\DeadSpace2 MULTI6\deadspace2.exe"="C:\DeadSpace2 MULTI6\deadspace2.exe:*:Enabled:Dead Space™ 2"
"D:\Games\valve\SteamApps\common\alien swarm\srcds.exe"="D:\Games\valve\SteamApps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"
"D:\Games\Duty Calls\binaries\Win32\DutyCalls.exe"="D:\Games\Duty Calls\binaries\Win32\DutyCalls.exe:*:Enabled:DutyCalls"
"D:\Games\Paradox Interactive\Magicka\Magicka.exe"="D:\Games\Paradox Interactive\Magicka\Magicka.exe:*:Enabled:Magicka"
"D:\Games\Stunlock Studios\Bloodline Champions\Binary\BloodlineChampions.exe"="D:\Games\Stunlock Studios\Bloodline Champions\Binary\BloodlineChampions.exe:*:Enabled:Bloodline Champions"
"D:\Games\CCP\EVE\bin\ExeFile.exe"="D:\Games\CCP\EVE\bin\ExeFile.exe:*:Enabled:CCP ExeFile"
"C:\Programy\Xfire\Xfire.exe"="C:\Programy\Xfire\Xfire.exe:*:Enabled:Xfire"
"D:\Games\valve\SteamApps\common\r.u.s.e\Ruse.exe"="D:\Games\valve\SteamApps\common\r.u.s.e\Ruse.exe:*:Enabled:R.U.S.E"
"C:\games\World of Warcraft\Launcher.patch.exe"="C:\games\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3\runme.exe"="D:\Games\valve\SteamApps\common\command and conquer red alert 3\runme.exe:*:Enabled:Command and Conquer: Red Alert 3"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3\Support\EA Help\Electronic_Arts_Technical_Support.htm"="D:\Games\valve\SteamApps\common\command and conquer red alert 3\Support\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Command and Conquer: Red Alert 3"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3\Data\ra3_1.12.game"="D:\Games\valve\SteamApps\common\command and conquer red alert 3\Data\ra3_1.12.game:*:Enabled:Command & Conquer™ Red Alert™ 3"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\RA3EP1.exe"="D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\RA3EP1.exe:*:Enabled:Command and Conquer: Red Alert 3 - Uprising"
"D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\Support\EA Help\Electronic_Arts_Technical_Support.htm"="D:\Games\valve\SteamApps\common\command and conquer red alert 3 uprising\Support\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Command and Conquer: Red Alert 3 - Uprising"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Launcher.exe"="D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Launcher.exe:*:Enabled:Crysis® 2 Demo"
"D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Demo.exe"="D:\Games\Electronic Arts\Crytek\Crysis 2 Demo\bin32\Crysis2Demo.exe:*:Enabled:Crysis2Demo"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"vidc.XVID"=xvidvfw.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.ACDV"=ACDV.dll
"MSVideo8"=VfWWDM32.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.XFR1"=xfcodec.dll
"vidc.LEAD"=LCODCCMP.DLL
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"msacm.voxacm160"=vct3216.acm
"MSVideo"=vfwwdm32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"vidc.mxmc"=MimicICM.DLL
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.MP43"=mpg4c32.dll
"msacm.divxa32"=msaud32_divx.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-07-27 22:03:01 ----D---- C:\_OTL
2011-07-27 00:13:57 ----D---- C:\Documents and Settings\pc\Application Data\Malwarebytes
2011-07-27 00:13:53 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-07-27 00:13:53 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-07-27 00:13:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-27 00:13:50 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-26 23:54:04 ----D---- C:\rsit
2011-07-26 23:54:04 ----D---- C:\Program Files\trend micro
2011-07-26 23:11:41 ----SD---- C:\ComboFix
2011-07-26 22:46:28 ----A---- C:\Boot.bak
2011-07-26 22:46:23 ----RASHD---- C:\cmdcons
2011-07-26 22:44:30 ----A---- C:\WINDOWS\zip.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\SWSC.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\SWREG.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\sed.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\PEV.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\NIRCMD.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\MBR.exe
2011-07-26 22:44:30 ----A---- C:\WINDOWS\grep.exe
2011-07-26 22:44:24 ----D---- C:\WINDOWS\ERDNT
2011-07-26 22:40:57 ----D---- C:\Qoobox
2011-07-26 16:18:54 ----A---- C:\WINDOWS\iecheck_iplist.txt
2011-07-26 16:17:07 ----A---- C:\WINDOWS\btc_client_iplist.txt
2011-07-26 16:15:35 ----A---- C:\WINDOWS\iplist.txt
2011-07-26 16:14:51 ----A---- C:\WINDOWS\front_ip_list.txt
2011-07-26 15:57:39 ----A---- C:\WINDOWS\winlog-ids.txt
2011-07-26 15:57:39 ----A---- C:\WINDOWS\winlog-dirs.txt
2011-07-20 16:12:14 ----A---- C:\APB_Reloaded_Installer.exe
2011-07-20 15:47:56 ----D---- C:\Program Files\GamersFirst
2011-07-19 17:26:14 ----D---- C:\Documents and Settings\pc\Application Data\Might & Magic Heroes VI - Public Closed Beta
2011-07-17 19:31:22 ----ASH---- C:\pagefile.sys
2011-07-16 05:49:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-16 05:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-05 03:43:30 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-07-05 01:03:42 ----D---- C:\menofwar1.90.4
2011-07-04 17:19:18 ----D---- C:\Super.Street.Fighter.IV.Arcade.Edition-SKIDROW
2011-07-03 22:25:31 ----D---- C:\terrariaverzia
2011-07-03 22:06:04 ----A---- C:\WINDOWS\system32\Access.dat
2011-07-03 21:53:55 ----D---- C:\Documents and Settings\pc\Application Data\Tunngle
2011-07-03 21:53:55 ----D---- C:\Documents and Settings\All Users\Application Data\Tunngle
2011-07-03 21:53:51 ----A---- C:\WINDOWS\system32\drivers\tap0901t.sys
2011-07-03 20:46:35 ----D---- C:\Men.of.War.Assault.Squad-SKIDROW
2011-06-29 17:53:52 ----D---- C:\crackalice
2011-06-29 17:45:19 ----D---- C:\Crack
2011-06-29 10:09:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-06-28 22:36:27 ----D---- C:\Alice.Madness.Returns.Crackfix-SKIDROW

======List of files/folders modified in the last 1 month======

2011-07-27 22:16:55 ----D---- C:\WINDOWS\Prefetch
2011-07-27 22:15:52 ----D---- C:\WINDOWS\Temp
2011-07-27 22:13:36 ----D---- C:\Documents and Settings\pc\Application Data\Skype
2011-07-27 22:08:16 ----D---- C:\WINDOWS\system32\config
2011-07-27 22:05:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-27 22:04:32 ----SD---- C:\WINDOWS\Tasks
2011-07-27 22:04:32 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-27 22:04:32 ----D---- C:\WINDOWS\system32
2011-07-27 22:04:32 ----AD---- C:\WINDOWS
2011-07-27 22:04:31 ----D---- C:\WINDOWS\twain_32
2011-07-27 22:04:20 ----SHD---- C:\WINDOWS\Installer
2011-07-27 22:04:15 ----SHD---- C:\WINDOWS\CSC
2011-07-27 22:03:25 ----D---- C:\Program Files\ICQ6Toolbar
2011-07-27 22:03:23 ----D---- C:\Program Files\FaceSmooch Toolbar
2011-07-27 22:03:20 ----D---- C:\Program Files\Ask.com
2011-07-27 22:03:19 ----D---- C:\Program Files\XfireXO
2011-07-27 22:03:16 ----D---- C:\Program Files\ConduitEngine
2011-07-27 22:03:14 ----D---- C:\Program Files\Gossiper
2011-07-27 22:01:32 ----D---- C:\Documents and Settings\All Users\Application Data\PMB Files
2011-07-27 20:08:38 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-07-27 09:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2011-07-27 09:22:51 ----D---- C:\WINDOWS\system32\drivers
2011-07-27 09:20:39 ----D---- C:\Terraria.v1.0.2.cracked-THETA
2011-07-27 08:12:06 ----D---- C:\Documents and Settings\pc\Application Data\PriceGong
2011-07-27 00:13:50 ----D---- C:\Program Files
2011-07-26 23:19:17 ----D---- C:\WINDOWS\AppPatch
2011-07-26 23:19:15 ----D---- C:\Program Files\Common Files
2011-07-26 23:12:10 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-26 22:46:28 ----RASH---- C:\boot.ini
2011-07-26 22:35:37 ----D---- C:\Program Files\Mozilla Firefox
2011-07-26 16:21:39 ----SHD---- C:\System Volume Information
2011-07-26 16:21:39 ----D---- C:\WINDOWS\system32\Restore
2011-07-26 09:18:48 ----D---- C:\OA
2011-07-25 22:51:41 ----D---- C:\Documents and Settings\pc\Application Data\Mumble
2011-07-25 01:40:26 ----RD---- C:\Program Files\Skype
2011-07-25 01:40:24 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2011-07-25 01:40:09 ----D---- C:\Documents and Settings\All Users\Application Data\Easybits GO
2011-07-25 01:40:01 ----D---- C:\Documents and Settings\pc\Application Data\go
2011-07-22 16:02:58 ----D---- C:\WINDOWS\Debug
2011-07-22 08:58:47 ----A---- C:\WINDOWS\wincmd.ini
2011-07-21 23:05:31 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-07-20 19:00:26 ----D---- C:\Program Files\REACTOR
2011-07-20 17:33:54 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2011-07-20 17:33:50 ----D---- C:\WINDOWS\system32\DirectX
2011-07-20 17:33:49 ----HD---- C:\WINDOWS\inf
2011-07-20 17:18:17 ----D---- C:\games
2011-07-20 04:05:56 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-19 17:21:29 ----RSD---- C:\WINDOWS\assembly
2011-07-19 17:21:03 ----D---- C:\WINDOWS\WinSxS
2011-07-19 17:17:03 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-16 17:13:13 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-07-16 05:49:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-16 05:46:32 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-16 05:46:23 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-07-13 09:29:44 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-13 00:02:43 ----D---- C:\Documents and Settings\All Users\Application Data\Skype Extras
2011-07-10 06:20:18 ----D---- C:\Documents and Settings\pc\Application Data\uTorrent
2011-07-05 23:17:56 ----D---- C:\Program Files\Zrychlenie PC
2011-07-05 18:38:52 ----D---- C:\Documents and Settings\pc\Application Data\Xfire
2011-07-03 21:55:02 ----D---- C:\Programy
2011-07-03 21:53:51 ----RSD---- C:\WINDOWS\Fonts
2011-06-29 10:10:00 ----D---- C:\Program Files\Microsoft Office

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mv61xx;mv61xx; C:\WINDOWS\system32\DRIVERS\mv61xx.sys [2008-05-19 150568]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-09-29 66048]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 appdrv01;Application Driver (01); C:\WINDOWS\System32\Drivers\appdrv01.sys [2010-04-13 2627760]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2008-08-20 9072]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2008-08-20 9200]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-19 279712]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-19 25888]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-03-24 331264]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-05-05 6537728]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdXP3.sys [2011-03-30 101392]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-07-17 34960]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-07-17 36240]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-02-26 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-04-16 10368]
R3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0); C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2002-12-10 236121]
R3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys [2006-03-17 392960]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\WINDOWS\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-08-15 265856]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 catchme;catchme; \??\C:\DOCUME~1\pc\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit; C:\WINDOWS\system32\DRIVERS\ESLvnic.sys [2010-01-21 24504]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\pc\LOCALS~1\Temp\UGM8BE4.tmp []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Programy\Garena\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-02-26 51056]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-02-26 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-02-26 21488]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2007-07-28 517632]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\WINDOWS\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\WINDOWS\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\WINDOWS\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s616bus;Sony Ericsson Device 616 driver (WDM); C:\WINDOWS\system32\DRIVERS\s616bus.sys [2007-04-03 83208]
S3 skfilt;skfilt; C:\WINDOWS\system32\drivers\skfilt.sys [2008-02-12 1670016]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 USB28xxBGA;USB 2870 Device; C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-09-12 292864]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-08-22 7168]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-01-05 37664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-05-05 643072]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-04-30 417792]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-07-24 53248]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-07-20 75136]
R2 TunngleService;TunngleService; C:\Programy\Tunngle\TnglCtrl.exe [2011-07-15 741624]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-01-25 820008]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\WINDOWS\System32\appdrvrem01.exe [2010-04-13 316888]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-25 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe []
S2 gupdate1ca3d78520b2574;Služba Google Update (gupdate1ca3d78520b2574); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-25 133104]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.cfxxe [2011-06-26 256000]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-08-25 79360]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-25 133104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-03-14 3613896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-02-26 65795]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[motji]

Ještě doladíme pár drobností, ale můžu Vás poprosit, spustte znovu OTL a dejte sken. Pak mi sem vložte log.

[eyewar]

OTL logfile created on: 27.7.2011 22:21:25 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Documents and Settings\pc\My Documents\Preberanie
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovakia | Language: SKY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 69,87% Memory free
7,09 Gb Paging File | 6,11 Gb Available in Paging File | 86,12% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 11,42 Gb Free Space | 2,45% Space Free | Partition Type: NTFS
Drive D: | 465,75 Gb Total Space | 7,16 Gb Free Space | 1,54% Space Free | Partition Type: NTFS
Drive F: | 5,40 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: MATRIX | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.07.27 09:37:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pc\My Documents\Preberanie\OTL.exe
PRC - [2011.07.20 15:48:15 | 003,071,384 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2011.07.15 03:14:44 | 000,741,624 | ---- | M] (Tunngle.net GmbH) -- C:\Programy\Tunngle\TnglCtrl.exe
PRC - [2011.06.30 22:21:10 | 002,588,784 | ---- | M] (GamersFirst) -- C:\Program Files\GamersFirst\LIVE!\Live.exe
PRC - [2011.06.27 22:51:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.10.30 14:22:50 | 000,020,480 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2010.10.30 14:21:06 | 000,016,384 | ---- | M] () -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
PRC - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.01.25 00:57:29 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.05.14 18:42:56 | 005,958,656 | ---- | M] () -- C:\Program Files\ASUS\Six Engine\SixEngine.exe
PRC - [2008.04.30 04:27:50 | 000,417,792 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2008.04.14 02:12:19 | 000,975,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.08.30 18:13:06 | 000,319,488 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\SetPoint II\SetPointII.exe
PRC - [2007.08.27 12:52:28 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2007.03.19 00:05:02 | 000,630,784 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
PRC - [2006.10.05 14:05:51 | 000,090,112 | ---- | M] (Kworld Computer Co., Ltd.) -- C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe
PRC - [2006.10.03 17:12:08 | 002,074,360 | ---- | M] (Stardock) -- C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
PRC - [2006.05.31 06:24:20 | 000,061,440 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\emMON.exe
PRC - [2006.05.21 09:43:14 | 000,155,648 | ---- | M] (Y'z@Home) -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
PRC - [2006.05.21 09:43:08 | 000,180,224 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
PRC - [2005.05.12 11:02:24 | 000,437,760 | ---- | M] (Stardock Systems, Inc) -- C:\Program Files\AlienGUIse\wbload.exe
PRC - [2003.08.04 17:28:18 | 000,049,152 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\HP Software Update\hpwuSchd.exe


========== Modules (SafeList) ==========

MOD - [2011.07.27 09:37:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pc\My Documents\Preberanie\OTL.exe
MOD - [2010.10.30 14:21:06 | 000,024,576 | ---- | M] (BackWeb) -- C:\Documents and Settings\pc\Local Settings\TempIadHide3.dll
MOD - [2010.08.23 18:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2007.03.19 00:04:22 | 000,069,632 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
MOD - [2006.08.08 14:09:54 | 000,501,821 | ---- | M] (Stardock.Net, Inc) -- C:\Program Files\AlienGUIse\wblind.dll
MOD - [2006.08.01 21:16:56 | 000,020,480 | ---- | M] () -- C:\Program Files\AlienGUIse\AlienwareDock\DockShellHookOEM.dll
MOD - [2006.05.21 09:43:14 | 000,053,248 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.dll
MOD - [2006.05.21 09:43:08 | 000,065,536 | ---- | M] () -- C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon.dll
MOD - [2003.02.26 22:24:32 | 000,028,740 | ---- | M] (Stardock.Net, Inc) -- C:\Program Files\AlienGUIse\wbhelp.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (wuauserv)
SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
SRV - File not found [Auto | Stopped] -- -- (ekrn)
SRV - File not found [On_Demand | Stopped] -- -- (EhttpSrv)
SRV - [2011.07.15 03:14:44 | 000,741,624 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Programy\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010.06.02 16:58:20 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.04.13 02:26:55 | 000,316,888 | ---- | M] (Protection Technology) [Auto | Stopped] -- C:\WINDOWS\System32\appdrvrem01.exe -- (appdrvrem01) Application Driver Auto Removal Service (01)
SRV - [2010.03.14 21:46:00 | 003,613,896 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc)
SRV - [2009.08.25 09:33:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009.03.31 10:39:36 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.04.30 04:27:50 | 000,417,792 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.04.07 10:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2004.02.26 12:56:42 | 000,065,795 | R--- | M] (HP) [On_Demand | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)


========== Driver Services (SafeList) ==========

DRV - [2011.05.05 08:06:16 | 006,537,728 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011.03.30 20:46:12 | 000,101,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.04.13 02:26:56 | 002,627,760 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\appdrv01.sys -- (appdrv01) Application Driver (01)
DRV - [2010.04.12 10:44:34 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010.01.21 11:48:38 | 000,024,504 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ESLvnic.sys -- (ESLvnic1)
DRV - [2009.11.16 10:06:48 | 000,055,768 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdi.sys -- (epfwtdi)
DRV - [2009.11.16 10:06:44 | 000,135,048 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\epfw.sys -- (epfw)
DRV - [2009.11.16 10:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.11.16 09:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.09.16 08:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV - [2009.06.19 09:10:40 | 000,033,096 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009.04.19 06:05:32 | 000,279,712 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.04.19 06:01:18 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.04.16 12:50:04 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2009.03.31 10:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009.03.20 11:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2009.03.20 11:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2009.03.20 11:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.12.26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM)
DRV - [2008.08.20 19:58:58 | 000,009,200 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2008.08.20 19:58:58 | 000,009,072 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2008.05.19 09:46:30 | 000,150,568 | R--- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mv61xx.sys -- (mv61xx)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.02.12 04:50:56 | 001,670,016 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\skfilt.sys -- (skfilt)
DRV - [2008.01.25 11:12:34 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2007.12.17 11:14:06 | 000,012,400 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2007.09.17 16:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.08.15 10:22:00 | 000,265,856 | R--- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2007.07.28 14:50:36 | 000,517,632 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2007.07.17 17:40:20 | 000,036,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2007.07.17 17:40:14 | 000,034,960 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.06.18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem)
DRV - [2007.04.03 14:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116unic.sys -- (s116unic) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM)
DRV - [2007.04.03 14:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116obex.sys -- (s116obex)
DRV - [2007.04.03 14:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116nd5.sys -- (s116nd5) Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS)
DRV - [2007.04.03 14:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mgmt.sys -- (s116mgmt) Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.03 14:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdm.sys -- (s116mdm)
DRV - [2007.04.03 14:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116mdfl.sys -- (s116mdfl)
DRV - [2007.04.03 14:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s116bus.sys -- (s116bus) Sony Ericsson Device 116 driver (WDM)
DRV - [2007.04.03 13:59:30 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s616bus.sys -- (s616bus) Sony Ericsson Device 616 driver (WDM)
DRV - [2006.09.12 22:21:46 | 000,292,864 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2006.08.22 00:38:46 | 000,007,168 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2006.03.17 11:18:58 | 000,392,960 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2005.09.29 19:01:51 | 000,066,048 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005.08.10 16:06:28 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2005.08.10 14:44:04 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2002.12.10 17:53:24 | 000,236,121 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CamDrL21.sys -- (PhilCam8116) Logitech QuickCam Pro 3000(PID_08B0)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKCU\..\URLSearchHook: {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\FaceSmooch Toolbar\tbhelper.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.param.yahoo-fr: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.useDBForOrder: ""
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.3
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:4.0.23.0
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:3.3.3.2
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: 2020Player@2020Technologies.com:4.5.4.0
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.2.8
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20110419
FF - prefs.js..extensions.enabledItems: redshift_V2@shift-themes.com:3.6
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/sli ... pab&query="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@comrade.gamespy.com/comrade: C:\Program Files\GameSpy\Comrade\npcomrade.dll (IGN Entertainment)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\Documents and Settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Documents and Settings\pc\Application Data\Octoshape\Octoshape Streaming Services\sua-1002170-0-npoctoshape.dll (Octoshape ApS)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\pc\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\www.floatingminds.com/Tunnelers: C:\games\Tunnelers\npTunnelers.dll (Floating Minds)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.04.16 21:10:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.04.16 21:10:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.06.27 22:51:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.06 15:53:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Documents and Settings\pc\Application Data\IDM\idmmzcc3

[2009.09.06 07:22:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Extensions
[2009.09.06 07:22:36 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Extensions\prism@developer.mozilla.org
[2011.07.07 21:04:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions
[2011.06.28 12:33:45 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.06.29 15:02:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.28 12:33:47 | 000,000,000 | ---D | M] (XfireXO Community Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2011.03.22 19:50:03 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.12.28 01:33:21 | 000,000,000 | ---D | M] (20-20 3D Viewer) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\2020Player@2020Technologies.com
[2010.08.25 15:13:52 | 000,000,000 | ---D | M] (AnyColor) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\anycolor.pavlos256@gmail.com
[2009.09.16 17:08:12 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\battlefieldheroespatcher@ea.com
[2011.03.22 19:50:03 | 000,000,000 | ---D | M] (Personas) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\personas@christopher.beard
[2010.11.20 00:49:44 | 000,000,000 | ---D | M] (RedShift V3.6) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\redshift_V2@shift-themes.com
[2011.05.27 17:00:29 | 000,000,000 | ---D | M] (GOM Player + Ask Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\toolbar@ask.com
[2011.07.26 23:28:13 | 000,002,396 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\askcom.xml
[2010.04.21 12:06:36 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\conduit.xml
[2011.07.23 07:32:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-1.xml
[2010.02.05 15:53:13 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-10.xml
[2010.02.07 05:26:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-11.xml
[2010.02.19 18:46:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-12.xml
[2010.03.13 20:26:20 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-13.xml
[2010.03.24 02:57:23 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-14.xml
[2010.04.03 13:03:35 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-15.xml
[2010.05.30 04:15:33 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-16.xml
[2010.06.27 22:34:11 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-17.xml
[2010.06.27 22:35:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-18.xml
[2010.07.21 04:18:00 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-19.xml
[2009.07.27 14:13:57 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-2.xml
[2010.07.25 05:57:18 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-20.xml
[2010.09.08 14:29:42 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-21.xml
[2010.09.17 21:46:01 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-22.xml
[2010.09.17 22:32:27 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-23.xml
[2010.10.21 04:50:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-24.xml
[2010.10.29 05:44:49 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-25.xml
[2010.11.16 08:17:29 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-26.xml
[2010.12.11 22:23:16 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-27.xml
[2011.03.03 01:28:05 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-28.xml
[2011.03.06 23:07:50 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-29.xml
[2009.08.04 16:15:13 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-3.xml
[2011.03.11 10:43:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-30.xml
[2011.03.24 00:52:06 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-31.xml
[2011.04.30 08:32:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-32.xml
[2011.05.07 03:14:02 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-33.xml
[2009.09.02 06:29:59 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-4.xml
[2009.09.06 10:21:56 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-5.xml
[2009.10.28 20:46:19 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-6.xml
[2009.11.06 04:54:08 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-7.xml
[2009.12.17 03:00:20 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-8.xml
[2010.01.07 05:09:29 | 000,000,961 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin-9.xml
[2010.05.12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\icqplugin.xml
[2011.03.30 17:50:36 | 000,002,380 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\search.xml
[2009.08.08 09:18:06 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\winamp-search.xml
[2011.05.06 15:53:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.04.21 20:43:40 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.07.14 02:01:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) --
[2009.04.17 01:58:18 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.06.27 22:51:04 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.27 17:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2009.01.29 13:08:06 | 000,132,528 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiCHPlugin.dll
[2009.03.31 18:43:32 | 000,053,248 | ---- | M] (<NHN USA Inc>.) -- C:\Program Files\mozilla firefox\plugins\uc_luminary_launching.dll
[2010.01.01 10:00:00 | 000,001,583 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\atlas-sk.xml
[2010.01.01 10:00:00 | 000,001,380 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\azet-sk.xml
[2010.01.01 10:00:00 | 000,001,479 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\dunaj-sk.xml
[2010.01.01 10:00:00 | 000,001,473 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slovnik-sk.xml
[2010.01.01 10:00:00 | 000,001,104 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-sk.xml
[2010.01.01 10:00:00 | 000,000,830 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\zoznam-sk.xml

O1 HOSTS File: ([2011.07.27 22:04:32 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [emMON] C:\WINDOWS\emMON.exe (eMPIA Technology, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe (Logitech Inc.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\Six Engine\SixEngine.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe ()
O4 - HKCU..\Run: [NBJ] C:\Program Files\Ahead\Nero BackItUp\NBJ.exe (Ahead Software AG)
O4 - HKCU..\Run: [RocketDock] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe (GamersFirst)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe (Logitech)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Remote Control.lnk = C:\Program Files\KWorld Multimedia\EM_USB Device Utilities\EMRCtl.exe (Kworld Computer Co., Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SetPointII.lnk = C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\Alienware Dock.lnk = C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe (Stardock)
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe ()
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe (AKSoftware)
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe ()
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe (Y'z@Home)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/stati ... 0.21.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shoc ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WB: DllName - C:\Program Files\AlienGUIse\fastload.dll - C:\Program Files\AlienGUIse\fastload.dll (Stardock)
O24 - Desktop WallPaper: C:\yodm3d\desktopwallpaper0.bmp
O24 - Desktop BackupWallPaper: C:\yodm3d\desktopwallpaper0.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.04.16 11:32:18 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.02.10 03:55:59 | 000,423,304 | R--- | M] (Electronic Arts) - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 08:21:09 | 000,000,000 | R--D | M] - F:\Autorun -- [ CDFS ]
O32 - AutoRun File - [2010.01.31 10:21:13 | 000,367,686 | R--- | M] () - F:\Autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:55:03 | 009,965,568 | R--- | M] () - F:\autorun.dat -- [ CDFS ]
O32 - AutoRun File - [2010.02.10 04:54:55 | 000,000,155 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{71a40a41-45b1-11e0-8c0a-0022151b9c82}\Shell - "" = AutoRun
O33 - MountPoints2\{71a40a41-45b1-11e0-8c0a-0022151b9c82}\Shell\AutoRun\command - "" = "M:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{a1a45761-2f86-11de-88b2-0022151b9223}\Shell\AutoRun\command - "" = Iexplores.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.07.27 22:03:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.07.27 21:09:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\riotsGamesLogs
[2011.07.27 00:13:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Application Data\Malwarebytes
[2011.07.27 00:13:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.07.27 00:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.07.27 00:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011.07.27 00:13:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.07.27 00:13:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.07.26 23:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.26 23:54:04 | 000,000,000 | ---D | C] -- C:\rsit
[2011.07.26 23:11:41 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.07.26 22:46:23 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.07.26 22:44:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.07.26 22:44:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.07.26 22:44:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.07.26 22:44:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.07.26 22:44:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.07.26 22:40:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.07.26 22:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Desktop\RK_Quarantine
[2011.07.25 01:40:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2011.07.20 16:12:14 | 078,078,224 | ---- | C] (K2 Network, Inc.) -- C:\APB_Reloaded_Installer.exe
[2011.07.20 15:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Local Settings\Application Data\GamersFirst LIVE!
[2011.07.20 15:48:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Desktop\GamersFirst
[2011.07.20 15:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\GamersFirst
[2011.07.19 17:26:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Application Data\Might & Magic Heroes VI - Public Closed Beta
[2011.07.19 14:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Local Settings\Application Data\CrashRpt
[2011.07.19 14:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\My Documents\Arktos
[2011.07.19 14:51:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Local Settings\Application Data\Arktos
[2011.07.16 05:42:45 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\pc\Recent
[2011.07.06 02:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Start Menu\Programs\Curse
[2011.07.05 03:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011.07.05 01:03:42 | 000,000,000 | ---D | C] -- C:\menofwar1.90.4
[2011.07.05 00:50:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\1C Company
[2011.07.04 17:19:18 | 000,000,000 | ---D | C] -- C:\Super.Street.Fighter.IV.Arcade.Edition-SKIDROW
[2011.07.03 22:25:31 | 000,000,000 | ---D | C] -- C:\terrariaverzia
[2011.07.03 21:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\My Documents\Tunngle
[2011.07.03 21:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Application Data\Tunngle
[2011.07.03 21:53:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2011.07.03 21:53:51 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys
[2011.07.03 21:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Tunngle
[2011.07.03 21:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Tunngle
[2011.07.03 20:46:35 | 000,000,000 | ---D | C] -- C:\Men.of.War.Assault.Squad-SKIDROW
[2011.06.30 21:13:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Start Menu\Programs\Perpetuum
[2011.06.29 17:53:52 | 000,000,000 | ---D | C] -- C:\crackalice
[2011.06.29 17:45:19 | 000,000,000 | ---D | C] -- C:\Crack
[2011.06.28 22:36:27 | 000,000,000 | ---D | C] -- C:\Alice.Madness.Returns.Crackfix-SKIDROW
[2010.06.02 05:22:02 | 001,801,048 | ---- | C] (Microsoft Corporation) -- C:\Program Files\dsetup32.dll
[2010.06.02 05:22:02 | 000,537,432 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DXSETUP.exe
[2010.06.02 05:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files\DSETUP.dll
[2010.02.26 16:39:22 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\pc\Application Data\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2011.07.27 22:12:14 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.07.27 22:10:00 | 000,001,004 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-764733703-725345543-1003UA.job
[2011.07.27 22:08:09 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.07.27 22:07:34 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.27 22:07:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.07.27 22:04:32 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2011.07.27 21:28:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.27 20:08:44 | 000,141,200 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.07.27 20:08:38 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2011.07.27 19:10:00 | 000,000,952 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-764733703-725345543-1003Core.job
[2011.07.27 13:26:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.07.27 10:31:16 | 000,281,656 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2011.07.27 09:39:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.07.27 03:27:46 | 000,000,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hîsts
[2011.07.26 23:27:31 | 000,001,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SkypeSetupFull.exe
[2011.07.26 23:26:49 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011.07.26 22:46:28 | 000,000,343 | RHS- | M] () -- C:\boot.ini
[2011.07.26 22:34:02 | 000,000,149 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\rk-proxy.reg
[2011.07.26 16:11:55 | 000,000,227 | ---- | M] () -- C:\Boot.bak
[2011.07.25 23:25:49 | 000,002,563 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Word.lnk
[2011.07.22 08:58:47 | 000,002,692 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2011.07.20 17:34:18 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\PnkBstrK.sys
[2011.07.20 17:11:49 | 3816,745,337 | ---- | M] () -- C:\Client1.5.1.565640.7z
[2011.07.20 17:11:48 | 078,078,224 | ---- | M] (K2 Network, Inc.) -- C:\APB_Reloaded_Installer.exe
[2011.07.20 15:48:02 | 000,000,807 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.07.20 15:48:02 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GamersFirst LIVE!.lnk
[2011.07.20 04:05:56 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.07.19 17:22:01 | 000,001,890 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Might & Magic Heroes VI - Public Closed Beta.lnk
[2011.07.19 17:21:11 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011.07.19 14:10:05 | 000,000,174 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\WarInc.url
[2011.07.16 17:12:25 | 000,000,593 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011.07.16 17:12:24 | 000,000,575 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Tunngle beta.lnk
[2011.07.16 05:52:12 | 000,307,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.16 02:05:03 | 000,222,720 | ---- | M] () -- C:\Documents and Settings\pc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.06 02:24:56 | 000,000,312 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Curse Client.appref-ms
[2011.07.05 18:24:09 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat
[2011.07.05 00:50:23 | 000,001,821 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Men of War. Assault Squad.lnk
[2011.07.04 17:10:08 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.07.03 13:13:43 | 000,000,457 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\BABKA 70-tka.lnk
[2011.07.02 21:21:24 | 001,083,411 | ---- | M] () -- C:\WoWScrnShot_070211_212053.jpg
[2011.07.02 00:21:03 | 000,170,209 | ---- | M] () -- C:\New home.jpg
[2011.07.01 16:12:45 | 511,420,100 | ---- | M] () -- C:\babka 70-tka.rar
[2011.06.30 21:13:54 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Perpetuum.lnk
[2011.06.30 21:13:54 | 000,000,540 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Perpetuum.lnk

========== Files Created - No Company Name ==========

[2011.07.27 09:39:33 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.07.26 22:46:28 | 000,000,227 | ---- | C] () -- C:\Boot.bak
[2011.07.26 22:46:25 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011.07.26 22:44:30 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.07.26 22:44:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.07.26 22:44:30 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.07.26 22:44:30 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.07.26 22:44:30 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.07.26 22:34:02 | 000,000,149 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\rk-proxy.reg
[2011.07.26 16:14:43 | 000,001,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SkypeSetupFull.exe
[2011.07.25 01:40:26 | 000,002,265 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.07.20 16:12:14 | 3816,745,337 | ---- | C] () -- C:\Client1.5.1.565640.7z
[2011.07.20 15:48:02 | 000,000,807 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.07.20 15:48:02 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GamersFirst LIVE!.lnk
[2011.07.19 17:22:01 | 000,001,890 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Might & Magic Heroes VI - Public Closed Beta.lnk
[2011.07.19 14:06:50 | 000,000,174 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\WarInc.url
[2011.07.17 19:31:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2011.07.05 00:50:23 | 000,001,821 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\Men of War. Assault Squad.lnk
[2011.07.03 22:06:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2011.07.03 21:53:51 | 000,000,593 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2011.07.03 21:53:51 | 000,000,575 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Tunngle beta.lnk
[2011.07.03 13:13:49 | 000,000,457 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\BABKA 70-tka.lnk
[2011.07.02 21:20:45 | 001,083,411 | ---- | C] () -- C:\WoWScrnShot_070211_212053.jpg
[2011.07.02 00:20:34 | 000,170,209 | ---- | C] () -- C:\New home.jpg
[2011.07.01 12:43:12 | 511,420,100 | ---- | C] () -- C:\babka 70-tka.rar
[2011.06.30 21:13:54 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\Perpetuum.lnk
[2011.06.30 21:13:54 | 000,000,540 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Perpetuum.lnk
[2011.05.25 20:26:41 | 000,000,311 | ---- | C] () -- C:\WINDOWS\game.ini
[2011.05.16 05:54:59 | 000,046,658 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\room.dat
[2011.04.08 13:28:58 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011.04.05 22:09:48 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.02.28 17:22:01 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ra3.ini
[2011.02.09 07:13:16 | 000,050,372 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.02.07 10:12:06 | 000,000,800 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\SRDownloader.nast
[2011.01.28 12:06:10 | 000,502,192 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010.12.28 15:53:42 | 002,601,752 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_moh.exe
[2010.10.30 14:25:41 | 000,000,241 | ---- | C] () -- C:\WINDOWS\QSync.INI
[2010.10.30 14:25:05 | 000,011,653 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010.10.30 14:23:35 | 000,000,744 | ---- | C] () -- C:\WINDOWS\_delis32.ini
[2010.10.30 14:23:07 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\MimicICM.dll
[2010.10.30 14:21:06 | 000,081,920 | R--- | C] () -- C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
[2010.08.04 20:51:33 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.08.04 20:51:32 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.07.27 04:09:26 | 000,001,899 | ---- | C] () -- C:\WINDOWS\TVEpaDrv.ini
[2010.07.27 03:35:49 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010.07.06 17:40:11 | 000,038,872 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat
[2010.07.06 17:40:11 | 000,029,363 | ---- | C] () -- C:\WINDOWS\hpoins03.dat
[2010.07.06 17:39:27 | 000,565,248 | R--- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2010.07.06 16:47:24 | 000,038,872 | ---- | C] () -- C:\WINDOWS\hpomdl03.dat.temp
[2010.07.06 16:47:24 | 000,029,363 | ---- | C] () -- C:\WINDOWS\hpoins03.dat.temp
[2010.06.02 05:22:54 | 001,412,902 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x64.cab
[2010.06.02 05:22:54 | 001,127,217 | ---- | C] () -- C:\Program Files\OCT2006_d3dx9_31_x86.cab
[2010.06.02 05:22:54 | 000,273,960 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x64.cab
[2010.06.02 05:22:54 | 000,272,611 | ---- | C] () -- C:\Program Files\Nov2008_XAudio_x86.cab
[2010.06.02 05:22:54 | 000,182,361 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x64.cab
[2010.06.02 05:22:54 | 000,138,017 | ---- | C] () -- C:\Program Files\OCT2006_XACT_x86.cab
[2010.06.02 05:22:54 | 000,086,037 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x64.cab
[2010.06.02 05:22:54 | 000,045,359 | ---- | C] () -- C:\Program Files\Oct2005_xinput_x86.cab
[2010.06.02 05:22:52 | 001,906,878 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x64.cab
[2010.06.02 05:22:52 | 001,550,796 | ---- | C] () -- C:\Program Files\Nov2008_d3dx9_40_x86.cab
[2010.06.02 05:22:52 | 000,965,421 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x86.cab
[2010.06.02 05:22:52 | 000,121,794 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x64.cab
[2010.06.02 05:22:52 | 000,092,684 | ---- | C] () -- C:\Program Files\Nov2008_XACT_x86.cab
[2010.06.02 05:22:52 | 000,054,522 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x64.cab
[2010.06.02 05:22:52 | 000,021,851 | ---- | C] () -- C:\Program Files\Nov2008_X3DAudio_x86.cab
[2010.06.02 05:22:50 | 000,994,154 | ---- | C] () -- C:\Program Files\Nov2008_d3dx10_40_x64.cab
[2010.06.02 05:22:50 | 000,196,762 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x64.cab
[2010.06.02 05:22:50 | 000,148,264 | ---- | C] () -- C:\Program Files\NOV2007_XACT_x86.cab
[2010.06.02 05:22:50 | 000,046,144 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x64.cab
[2010.06.02 05:22:50 | 000,018,496 | ---- | C] () -- C:\Program Files\NOV2007_X3DAudio_x86.cab
[2010.06.02 05:22:48 | 001,802,058 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x64.cab
[2010.06.02 05:22:48 | 001,709,360 | ---- | C] () -- C:\Program Files\Nov2007_d3dx9_36_x86.cab
[2010.06.02 05:22:48 | 000,864,600 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x64.cab
[2010.06.02 05:22:48 | 000,803,884 | ---- | C] () -- C:\Program Files\Nov2007_d3dx10_36_x86.cab
[2010.06.02 05:22:48 | 000,273,018 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x86.cab
[2010.06.02 05:22:46 | 000,275,044 | ---- | C] () -- C:\Program Files\Mar2009_XAudio_x64.cab
[2010.06.02 05:22:46 | 000,121,506 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x64.cab
[2010.06.02 05:22:46 | 000,092,740 | ---- | C] () -- C:\Program Files\Mar2009_XACT_x86.cab
[2010.06.02 05:22:38 | 000,054,600 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x64.cab
[2010.06.02 05:22:38 | 000,021,298 | ---- | C] () -- C:\Program Files\Mar2009_X3DAudio_x86.cab
[2010.06.02 05:22:36 | 001,973,702 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x64.cab
[2010.06.02 05:22:36 | 001,612,446 | ---- | C] () -- C:\Program Files\Mar2009_d3dx9_41_x86.cab
[2010.06.02 05:22:36 | 001,067,160 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x64.cab
[2010.06.02 05:22:36 | 001,040,745 | ---- | C] () -- C:\Program Files\Mar2009_d3dx10_41_x86.cab
[2010.06.02 05:22:36 | 000,251,194 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x64.cab
[2010.06.02 05:22:36 | 000,226,250 | ---- | C] () -- C:\Program Files\Mar2008_XAudio_x86.cab
[2010.06.02 05:22:36 | 000,122,336 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x64.cab
[2010.06.02 05:22:36 | 000,093,734 | ---- | C] () -- C:\Program Files\Mar2008_XACT_x86.cab
[2010.06.02 05:22:34 | 001,769,862 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x64.cab
[2010.06.02 05:22:34 | 001,443,282 | ---- | C] () -- C:\Program Files\Mar2008_d3dx9_37_x86.cab
[2010.06.02 05:22:34 | 000,818,260 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x86.cab
[2010.06.02 05:22:34 | 000,055,058 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x64.cab
[2010.06.02 05:22:34 | 000,021,867 | ---- | C] () -- C:\Program Files\Mar2008_X3DAudio_x86.cab
[2010.06.02 05:22:32 | 000,937,246 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x64.cab
[2010.06.02 05:22:32 | 000,844,884 | ---- | C] () -- C:\Program Files\Mar2008_d3dx10_37_x64.cab
[2010.06.02 05:22:32 | 000,768,036 | ---- | C] () -- C:\Program Files\Jun2010_d3dx9_43_x86.cab
[2010.06.02 05:22:32 | 000,278,060 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x86.cab
[2010.06.02 05:22:32 | 000,277,338 | ---- | C] () -- C:\Program Files\Jun2010_XAudio_x64.cab
[2010.06.02 05:22:32 | 000,124,596 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x64.cab
[2010.06.02 05:22:32 | 000,093,686 | ---- | C] () -- C:\Program Files\Jun2010_XACT_x86.cab
[2010.06.02 05:22:30 | 000,762,188 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x86.cab
[2010.06.02 05:22:30 | 000,235,955 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x64.cab
[2010.06.02 05:22:30 | 000,197,283 | ---- | C] () -- C:\Program Files\Jun2010_d3dx10_43_x86.cab
[2010.06.02 05:22:30 | 000,138,205 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x64.cab
[2010.06.02 05:22:30 | 000,109,445 | ---- | C] () -- C:\Program Files\Jun2010_d3dx11_43_x86.cab
[2010.06.02 05:22:28 | 000,944,460 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x64.cab
[2010.06.02 05:22:28 | 000,931,471 | ---- | C] () -- C:\Program Files\Jun2010_D3DCompiler_43_x86.cab
[2010.06.02 05:22:28 | 000,752,783 | ---- | C] () -- C:\Program Files\Jun2010_d3dcsx_43_x64.cab
[2010.06.02 05:22:20 | 000,269,024 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x86.cab
[2010.06.02 05:22:18 | 001,792,608 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x64.cab
[2010.06.02 05:22:18 | 001,463,878 | ---- | C] () -- C:\Program Files\JUN2008_d3dx9_38_x86.cab
[2010.06.02 05:22:18 | 000,867,828 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x64.cab
[2010.06.02 05:22:18 | 000,849,919 | ---- | C] () -- C:\Program Files\JUN2008_d3dx10_38_x86.cab
[2010.06.02 05:22:18 | 000,269,628 | ---- | C] () -- C:\Program Files\JUN2008_XAudio_x64.cab
[2010.06.02 05:22:18 | 000,152,909 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x86.cab
[2010.06.02 05:22:18 | 000,121,054 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x64.cab
[2010.06.02 05:22:18 | 000,093,128 | ---- | C] () -- C:\Program Files\JUN2008_XACT_x86.cab
[2010.06.02 05:22:18 | 000,055,154 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x64.cab
[2010.06.02 05:22:18 | 000,021,905 | ---- | C] () -- C:\Program Files\JUN2008_X3DAudio_x86.cab
[2010.06.02 05:22:16 | 001,607,774 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x64.cab
[2010.06.02 05:22:16 | 001,607,286 | ---- | C] () -- C:\Program Files\JUN2007_d3dx9_34_x86.cab
[2010.06.02 05:22:16 | 001,064,925 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x86.cab
[2010.06.02 05:22:16 | 000,699,044 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x64.cab
[2010.06.02 05:22:16 | 000,698,472 | ---- | C] () -- C:\Program Files\JUN2007_d3dx10_34_x86.cab
[2010.06.02 05:22:16 | 000,197,122 | ---- | C] () -- C:\Program Files\JUN2007_XACT_x64.cab
[2010.06.02 05:22:16 | 000,180,785 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x64.cab
[2010.06.02 05:22:16 | 000,133,671 | ---- | C] () -- C:\Program Files\JUN2006_XACT_x86.cab
[2010.06.02 05:22:14 | 001,336,002 | ---- | C] () -- C:\Program Files\Jun2005_d3dx9_26_x64.cab
[2010.06.02 05:22:14 | 000,277,191 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x86.cab
[2010.06.02 05:22:14 | 000,276,960 | ---- | C] () -- C:\Program Files\Feb2010_XAudio_x64.cab
[2010.06.02 05:22:14 | 000,122,446 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x64.cab
[2010.06.02 05:22:14 | 000,093,180 | ---- | C] () -- C:\Program Files\Feb2010_XACT_x86.cab
[2010.06.02 05:22:12 | 000,194,675 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x64.cab
[2010.06.02 05:22:12 | 000,147,983 | ---- | C] () -- C:\Program Files\FEB2007_XACT_x86.cab
[2010.06.02 05:22:12 | 000,054,678 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x64.cab
[2010.06.02 05:22:12 | 000,020,713 | ---- | C] () -- C:\Program Files\Feb2010_X3DAudio_x86.cab
[2010.06.02 05:22:10 | 000,178,359 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x64.cab
[2010.06.02 05:22:10 | 000,132,409 | ---- | C] () -- C:\Program Files\Feb2006_XACT_x86.cab
[2010.06.02 05:22:04 | 001,084,720 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x86.cab
[2010.06.02 05:22:02 | 001,574,376 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x86.cab
[2010.06.02 05:22:02 | 001,362,796 | ---- | C] () -- C:\Program Files\Feb2006_d3dx9_29_x64.cab
[2010.06.02 05:22:02 | 001,247,499 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x64.cab
[2010.06.02 05:22:02 | 001,013,225 | ---- | C] () -- C:\Program Files\Feb2005_d3dx9_24_x86.cab
[2010.06.02 05:22:02 | 000,192,475 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x64.cab
[2010.06.02 05:22:02 | 000,145,599 | ---- | C] () -- C:\Program Files\DEC2006_XACT_x86.cab
[2010.06.02 05:22:02 | 000,094,011 | ---- | C] () -- C:\Program Files\dxupdate.cab
[2010.06.02 05:22:02 | 000,042,410 | ---- | C] () -- C:\Program Files\dxdllreg_x86.cab
[2010.06.02 05:22:00 | 001,571,154 | ---- | C] () -- C:\Program Files\DEC2006_d3dx9_32_x64.cab
[2010.06.02 05:22:00 | 001,357,976 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x64.cab
[2010.06.02 05:22:00 | 001,079,456 | ---- | C] () -- C:\Program Files\Dec2005_d3dx9_28_x86.cab
[2010.06.02 05:22:00 | 000,273,264 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x64.cab
[2010.06.02 05:22:00 | 000,272,642 | ---- | C] () -- C:\Program Files\Aug2009_XAudio_x86.cab
[2010.06.02 05:22:00 | 000,212,807 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x64.cab
[2010.06.02 05:22:00 | 000,191,720 | ---- | C] () -- C:\Program Files\DEC2006_d3dx10_00_x86.cab
[2010.06.02 05:22:00 | 000,122,408 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x64.cab
[2010.06.02 05:22:00 | 000,093,106 | ---- | C] () -- C:\Program Files\Aug2009_XACT_x86.cab
[2010.06.02 05:21:58 | 000,930,116 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x64.cab
[2010.06.02 05:21:58 | 000,728,456 | ---- | C] () -- C:\Program Files\Aug2009_d3dx9_42_x86.cab
[2010.06.02 05:21:58 | 000,232,635 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x64.cab
[2010.06.02 05:21:58 | 000,192,131 | ---- | C] () -- C:\Program Files\Aug2009_d3dx10_42_x86.cab
[2010.06.02 05:21:58 | 000,136,301 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x64.cab
[2010.06.02 05:21:58 | 000,105,044 | ---- | C] () -- C:\Program Files\Aug2009_d3dx11_42_x86.cab
[2010.06.02 05:21:56 | 003,319,740 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x86.cab
[2010.06.02 05:21:56 | 003,112,111 | ---- | C] () -- C:\Program Files\Aug2009_d3dcsx_42_x64.cab
[2010.06.02 05:21:56 | 000,900,598 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
[2010.06.02 05:21:46 | 000,919,044 | ---- | C] () -- C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
[2010.06.02 05:21:46 | 000,271,412 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x64.cab
[2010.06.02 05:21:46 | 000,271,038 | ---- | C] () -- C:\Program Files\Aug2008_XAudio_x86.cab
[2010.06.02 05:21:44 | 001,794,084 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x64.cab
[2010.06.02 05:21:44 | 001,464,672 | ---- | C] () -- C:\Program Files\Aug2008_d3dx9_39_x86.cab
[2010.06.02 05:21:44 | 000,849,167 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x86.cab
[2010.06.02 05:21:44 | 000,198,096 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x64.cab
[2010.06.02 05:21:44 | 000,153,012 | ---- | C] () -- C:\Program Files\AUG2007_XACT_x86.cab
[2010.06.02 05:21:44 | 000,121,772 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x64.cab
[2010.06.02 05:21:44 | 000,092,996 | ---- | C] () -- C:\Program Files\Aug2008_XACT_x86.cab
[2010.06.02 05:21:42 | 001,800,160 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x64.cab
[2010.06.02 05:21:42 | 001,708,152 | ---- | C] () -- C:\Program Files\AUG2007_d3dx9_35_x86.cab
[2010.06.02 05:21:42 | 000,867,612 | ---- | C] () -- C:\Program Files\Aug2008_d3dx10_39_x64.cab
[2010.06.02 05:21:42 | 000,852,286 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x64.cab
[2010.06.02 05:21:42 | 000,796,867 | ---- | C] () -- C:\Program Files\AUG2007_d3dx10_35_x86.cab
[2010.06.02 05:21:40 | 001,350,542 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x64.cab
[2010.06.02 05:21:40 | 001,077,644 | ---- | C] () -- C:\Program Files\Aug2005_d3dx9_27_x86.cab
[2010.06.02 05:21:40 | 000,182,903 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x64.cab
[2010.06.02 05:21:40 | 000,137,235 | ---- | C] () -- C:\Program Files\AUG2006_XACT_x86.cab
[2010.06.02 05:21:40 | 000,087,142 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x64.cab
[2010.06.02 05:21:40 | 000,053,302 | ---- | C] () -- C:\Program Files\APR2007_xinput_x86.cab
[2010.06.02 05:21:40 | 000,046,058 | ---- | C] () -- C:\Program Files\AUG2006_xinput_x86.cab
[2010.06.02 05:21:38 | 001,606,039 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x86.cab
[2010.06.02 05:21:38 | 000,195,766 | ---- | C] () -- C:\Program Files\APR2007_XACT_x64.cab
[2010.06.02 05:21:38 | 000,151,225 | ---- | C] () -- C:\Program Files\APR2007_XACT_x86.cab
[2010.06.02 05:21:38 | 000,096,817 | ---- | C] () -- C:\Program Files\APR2007_xinput_x64.cab
[2010.06.02 05:21:36 | 001,607,358 | ---- | C] () -- C:\Program Files\APR2007_d3dx9_33_x64.cab
[2010.06.02 05:21:36 | 000,698,612 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x64.cab
[2010.06.02 05:21:36 | 000,695,865 | ---- | C] () -- C:\Program Files\APR2007_d3dx10_33_x86.cab
[2010.06.02 05:21:34 | 000,046,010 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x86.cab
[2010.06.02 05:21:20 | 000,087,101 | ---- | C] () -- C:\Program Files\Apr2006_xinput_x64.cab
[2010.06.02 05:21:18 | 004,162,630 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
[2010.06.02 05:21:18 | 000,916,430 | ---- | C] () -- C:\Program Files\Apr2006_MDX1_x86.cab
[2010.06.02 05:21:18 | 000,179,133 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x64.cab
[2010.06.02 05:21:18 | 000,133,103 | ---- | C] () -- C:\Program Files\Apr2006_XACT_x86.cab
[2010.06.02 05:21:16 | 001,397,830 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x64.cab
[2010.06.02 05:21:16 | 001,347,354 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x64.cab
[2010.06.02 05:21:16 | 001,115,221 | ---- | C] () -- C:\Program Files\Apr2006_d3dx9_30_x86.cab
[2010.06.02 05:21:16 | 001,078,962 | ---- | C] () -- C:\Program Files\Apr2005_d3dx9_25_x86.cab
[2010.04.14 21:57:14 | 002,434,856 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010.03.07 04:49:57 | 000,000,760 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\setup_ldm.iss
[2010.02.26 16:39:22 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\inst.exe
[2010.02.26 16:39:22 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\pcouffin.cat
[2010.02.26 16:39:22 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\pcouffin.inf
[2009.12.18 05:54:37 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009.12.18 05:54:37 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009.12.18 05:54:29 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\$_hpcst$.hpc
[2009.12.01 22:57:01 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.09.06 10:59:07 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009.08.25 09:34:38 | 000,024,825 | ---- | C] () -- C:\WINDOWS\System32\xfisk.ini
[2009.08.25 09:34:38 | 000,000,052 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009.08.25 09:34:28 | 000,151,040 | ---- | C] () -- C:\WINDOWS\System32\KSXPPI32.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009.07.13 00:51:54 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2009.07.13 00:51:54 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2009.06.19 15:33:37 | 000,141,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.06.19 15:33:37 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\PnkBstrK.sys
[2009.06.19 15:33:20 | 000,281,656 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2009.06.19 15:33:18 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2009.06.19 15:33:17 | 002,373,712 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2009.05.31 03:16:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2009.05.23 03:11:39 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2009.04.30 13:49:44 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.04.30 13:49:42 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.04.23 16:13:33 | 000,000,010 | ---- | C] () -- C:\WINDOWS\System32\wfxhelp21.dll
[2009.04.19 06:01:19 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.04.19 06:01:18 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.04.18 06:07:06 | 000,106,097 | ---- | C] () -- C:\WINDOWS\War3Unin.dat
[2009.04.17 13:44:07 | 000,000,056 | ---- | C] () -- C:\WINDOWS\wb.ini
[2009.04.17 07:04:00 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.04.17 01:55:43 | 000,002,692 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2009.04.17 01:49:09 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\fusioncache.dat
[2009.04.16 19:03:53 | 000,000,061 | ---- | C] () -- C:\WINDOWS\VSWizard.ini
[2009.04.16 18:18:56 | 000,222,720 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.16 13:24:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.04.16 13:23:12 | 000,307,600 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.04.16 12:56:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009.04.16 12:49:00 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.04.16 12:49:00 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.04.16 12:43:42 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2009.04.16 12:43:42 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2009.04.16 12:43:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2009.04.16 12:43:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2009.04.16 12:43:42 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2009.04.16 12:43:42 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2009.04.16 12:43:11 | 000,831,600 | ---- | C] () -- C:\WINDOWS\System32\Ctaa1.dat
[2009.04.16 12:43:11 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\cddvdint.dll
[2009.04.16 12:40:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.04.16 12:38:46 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009.04.16 12:38:34 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009.04.16 12:38:34 | 000,233,012 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009.04.16 12:03:49 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009.04.16 12:03:49 | 000,012,400 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009.04.16 12:03:47 | 000,011,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009.04.16 12:03:47 | 000,010,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009.04.16 11:44:15 | 000,041,615 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2009.04.16 11:44:09 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.04.16 11:43:56 | 000,041,160 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009.04.16 11:43:56 | 000,010,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009.04.16 11:33:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.04.16 11:30:24 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.07.27 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2007.07.27 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2007.07.27 14:00:00 | 000,497,052 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2007.07.27 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2007.07.27 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2007.07.27 14:00:00 | 000,085,536 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2007.07.27 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2007.07.27 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2007.07.27 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2007.07.27 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2007.07.27 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2007.07.27 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002.03.21 15:39:02 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\UNACEV2.DLL
[1999.01.27 13:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997.06.13 07:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll

< End of report >

[motji]

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {0a452a47-c5a8-4854-a237-4b9b06b376f0} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\FaceSmooch 
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:4.3
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
2011.05.27 17:00:29 | 000,000,000 | ---D | M] (GOM Player + Ask Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\extensions\toolbar@ask.com
[2011.07.26 23:28:13 | 000,002,396 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\qxc0s7qt.default\searchplugins\askcom.xml
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
2011.07.26 22:44:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.07.26 22:44:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.07.26 22:44:30 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.07.26 22:44:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.07.26 22:44:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.07.26 22:40:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.07.26 22:37:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Desktop\RK_Quarantine
[2011.06.29 17:53:52 | 000,000,000 | ---D | C] -- C:\crackalice
[2011.06.29 17:45:19 | 000,000,000 | ---D | C] -- C:\Crack
[2011.06.28 22:36:27 | 000,000,000 | ---D | C] -- C:\Alice.Madness.Returns.Crackfix-SKIDROW

:files
C:\Program Files\Ask.com
C:\Program Files\FaceSmooch Toolbar
C:\WINDOWS\iecheck_iplist.txt
C:\WINDOWS\btc_client_iplist.txt
C:\WINDOWS\iplist.txt
 C:\WINDOWS\front_ip_list.txt
C:\WINDOWS\winlog-ids.txt
 C:\WINDOWS\winlog-dirs.txt

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

[eyewar]

no takze.. dal som tam ten script no zaseklo pri programfiles/facesmooch urcite nejaka sprosta facebook aplikacia. tak som to resetoval a skusil som to znovu a nastalo to iste cakal som 10 min a nic sa nedialo.

[motji]

Tak ten řádek vynechte ze skriptu.