Yontoo 1.10.02 cannot be removed

Sulfaen
Visitor
Posts: 30
Registered: 02 May 2011 10:12

Yontoo 1.10.02 cannot be removed

#1 Post by Sulfaen »

Hello,
This evening ESET started showing me a notification that it is blocking the page api.yontoo.com every time I go to another page.
Under "Uninstall or change a program" I found yontoo 1.10.02, which cannot be removed, and I don't even know how it got there.
Please help.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Sator at 2012-08-14 21:24:20
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 29 GB (37%) free of 80 GB
Total RAM: 4094 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:24:28, on 14.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
D:\Programky\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
C:\Program Files (x86)\ICQ7.5\ICQ.exe
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe
D:\AML Products\Registry Cleaner\regclean.exe
C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Sator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (file missing)
O3 - Toolbar: KMP Media Toolbar - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programky\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AML Registry Cleaner] D:\AML Products\Registry Cleaner\regclean.exe /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programky\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Sator\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "D:\Programky\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [GNE_SwapScreen] C:\Users\Sator\Desktop\Plocha bordel\SwapScreen.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: ICQ – zástupce.lnk = C:\Program Files (x86)\ICQ7.5\ICQ.exe
O4 - Startup: Samsung Auto Backup Guage.lnk = ?
O4 - Startup: Samsung Auto Backup Real-Time Daemon.lnk = ?
O4 - Startup: Samsung Auto Backup Scheduler.lnk = ?
O4 - Global Startup: Content Manager Assistant for PlayStation(R).lnk = C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NAUpdate - Unknown owner - (no file)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8529 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
WLIDSvcM.exe 2032
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"D:\Programky\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\Sator\Desktop\Plocha bordel\SwapScreen.exe"
"C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe"
"C:\Program Files (x86)\ICQ7.5\ICQ.exe"
"C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe"
"C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe"
"C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe"
"D:\AML Products\Registry Cleaner\regclean.exe" /min
"C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe" 2104
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\Mozilla Firefox\firefox.exe"
"W:\Astahování\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-05-11 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}]
KMP Media Toolbar - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll [2012-03-22 87008]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{daf5b34c-1aa3-4c33-ae24-766a370635d2} - KMP Media Toolbar - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll [2012-03-22 87008]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-05-01 8060960]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2012-03-07 4081008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=D:\Programky\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Google Update"=C:\Users\Sator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-27 116648]
"uTorrent"=D:\Programky\uTorrent\uTorrent.exe [2012-05-15 880496]
"GNE_SwapScreen"=C:\Users\Sator\Desktop\Plocha bordel\SwapScreen.exe [2011-04-13 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2009-03-25 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
D:\Programky\uTorrent\uTorrent.exe [2012-05-15 880496]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Windows\SysWOW64\NeroCheck.exe [2001-07-09 155648]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=D:\Programky\QuickTime\QTTask.exe [2011-10-24 421888]
"NBKeyScan"=C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-12-02 2221352]
"AML Registry Cleaner"=D:\AML Products\Registry Cleaner\regclean.exe [2012-05-20 565096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Content Manager Assistant for PlayStation(R).lnk - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

C:\Users\Sator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ICQ – zástupce.lnk - C:\Program Files (x86)\ICQ7.5\ICQ.exe
Samsung Auto Backup Guage.lnk - C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe
Samsung Auto Backup Real-Time Daemon.lnk - C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
Samsung Auto Backup Scheduler.lnk - C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-14 21:24:20 ----D---- C:\rsit
2012-08-14 21:24:20 ----D---- C:\Program Files\trend micro
2012-08-10 19:46:35 ----D---- C:\Program Files\KaM - The Peasants Rebellion
2012-08-10 19:46:18 ----A---- C:\Windows\SYSWOW64\Msvbvm50.dll
2012-08-10 19:46:04 ----A---- C:\Windows\system32\Msvbvm50.dll
2012-08-04 12:36:54 ----D---- C:\ProgramData\Remedy
2012-08-04 12:36:49 ----D---- C:\ProgramData\OUTLAWS
2012-07-22 10:41:06 ----D---- C:\ProgramData\Ask
2012-07-22 10:40:46 ----D---- C:\Program Files (x86)\Oracle
2012-07-22 10:40:29 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-07-22 10:40:29 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-07-22 10:40:25 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-07-22 10:40:25 ----A---- C:\Windows\SYSWOW64\java.exe

======List of files/folders modified in the last 1 month======

2012-08-14 21:24:28 ----D---- C:\Windows\Prefetch
2012-08-14 21:24:20 ----RD---- C:\Program Files
2012-08-14 21:12:44 ----D---- C:\Windows\Temp
2012-08-14 21:08:11 ----D---- C:\Users\Sator\AppData\Roaming\uTorrent
2012-08-14 21:07:54 ----D---- C:\Users\Sator\AppData\Roaming\ICQ
2012-08-14 20:46:41 ----RD---- C:\Program Files (x86)
2012-08-14 13:04:09 ----D---- C:\Users\Sator\AppData\Roaming\AIMP3
2012-08-13 17:39:04 ----D---- C:\Windows\SysWOW64
2012-08-13 17:33:31 ----SHD---- C:\Windows\Installer
2012-08-13 17:32:44 ----RSD---- C:\Windows\assembly
2012-08-13 17:32:24 ----SHD---- C:\System Volume Information
2012-08-13 10:59:51 ----D---- C:\Windows\System32
2012-08-13 10:59:51 ----D---- C:\Windows\inf
2012-08-13 10:59:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-08-10 17:45:39 ----HD---- C:\ProgramData
2012-08-08 21:55:35 ----D---- C:\Windows\system32\config
2012-08-04 14:21:05 ----D---- C:\Windows\system32\Tasks
2012-08-03 22:12:22 ----D---- C:\Windows\Microsoft.NET
2012-08-03 11:25:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-08-03 11:22:27 ----D---- C:\Windows\SYSWOW64\en-US
2012-08-03 11:22:27 ----D---- C:\Windows\system32\en-US
2012-08-03 11:21:35 ----D---- C:\Windows
2012-07-28 18:20:03 ----D---- C:\Windows\system32\catroot2
2012-07-22 10:41:04 ----D---- C:\Program Files (x86)\Common Files
2012-07-18 09:43:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-28 270912]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-03-13 314016]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-03-13 43680]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-05 1974944]
R3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-19 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-19 27136]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-19 33792]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-04-06 236544]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-12-02 877864]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-04-24 624856]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-18 113120]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2009-03-25 537896]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Yontoo 1.10.02 cannot be removed

#2 Post by vyosek »

Hello, and I wish you a pleasant evening :)

I assume you have a purchased license for that ESET?

I would also ask for the second RSIT log, named info.txt; it is saved in c:\rsit

Sulfaen
Visitor
Posts: 30
Registered: 02 May 2011 10:12

Re: Yontoo 1.10.02 cannot be removed

#3 Post by Sulfaen »

Yes, I bought ESET a few months ago.

info.txt logfile of random's system information tool 1.09 2012-08-14 21:24:30

======Uninstall list======

Leawo Video Converter version 5.1.0.0-->"D:\hry\Video Converter\unins000.exe"
-->""
-->C:\Program Files (x86)\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->D:\GOG.com\Icewind Dale Complete\unins000.exe
-->D:\hry\GOG.com\Alien Nations\unins000.exe
-->D:\hry\GOG.com\Baldurs Gate II\unins000.exe
-->D:\hry\GOG.com\Baldurs Gate II\unins000.exe
-->D:\hry\GOG.com\Fallout Tactics\unins000.exe
-->D:\hry\GOG.com\Heroes of Might and Magic 3 Complete\unins000.exe
-->D:\hry\GOG.com\Legend of Grimrock\unins000.exe
-->D:\hry\GOG.com\The Whispered World\unins000.exe
-->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
µTorrent-->"D:\Programky\uTorrent\uTorrent.exe" /UNINSTALL
1ClickDownloader-->C:\Program Files (x86)\1ClickDownload\uninstall.exe
7-Zip 9.21beta-->"C:\Program Files (x86)\7-Zip\Uninstall.exe"
Adobe Flash Player 11 Plugin 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_Plugin.exe -maintain plugin
Adobe Reader X (10.1.3) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
AIMP2: Audio Tools-->C:\Program Files (x86)\AIMP2 Tools\atUninstall.exe
AIMP3-->D:\AIMP3\Uninstall.exe
Alien Nations-->"D:\hry\GOG.com\Alien Nations\unins000.exe"
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD AVIVO64 Codecs-->MsiExec.exe /X{CD54A15F-4FBA-04DE-FE24-20AE11BE07AE}
AMD Catalyst Install Manager-->msiexec /q/x{5831C6D6-309D-DBB5-14F7-FEE57086CEE7} REBOOT=ReallySuppress
AMD Drag and Drop Transcoding-->MsiExec.exe /X{D77162FE-B7B2-8E1E-D80D-89DE6217DF13}
AMD Media Foundation Decoders-->MsiExec.exe /X{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}
AML Free Registry Cleaner 4.24-->"D:\AML Products\Registry Cleaner\unins000.exe"
Angry Birds Space-->MsiExec.exe /I{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}
Angry Birds-->MsiExec.exe /I{2F7D5734-056F-4A0A-A1C7-CA1AAE5BB1EB}
Apple Application Support-->MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Audiosurf-->MsiExec.exe /I{6D316D67-DA52-4659-9C98-F479963534D6}
Baldur's Gate II-->"D:\hry\GOG.com\Baldurs Gate II\unins000.exe"
Bastion-->"D:\Steam\steam.exe" steam://uninstall/107100
Capsule-->D:\Capsule\uninstaller.exe
Catalyst Control Center - Branding-->MsiExec.exe /I{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}
Command and Conquer 3: Tiberium Wars-->"D:\Steam\steam.exe" steam://uninstall/24790
Content Manager Assistant for PlayStation(R)-->MsiExec.exe /X{BE841724-78F0-44D6-B6C4-C3D53708293B}
DAEMON Tools Lite-->D:\programky\DAEMON Tools Lite\uninst.exe
Diablo III-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo III\Uninstall.exe
Fallout Tactics-->"D:\hry\GOG.com\Fallout Tactics\unins000.exe"
Heroes of Might and Magic 3 Complete-->"D:\hry\GOG.com\Heroes of Might and Magic 3 Complete\unins000.exe"
High-Definition Video Playback-->MsiExec.exe /X{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}
HydraVision-->MsiExec.exe /X{AB25C7D6-B68B-DC97-5138-3A7E1E23683E}
Chantelise-->"D:\Steam\steam.exe" steam://uninstall/70420
Icewind Dale Complete-->"D:\GOG.com\Icewind Dale Complete\unins000.exe"
Inversion-->"D:\hry\Inversion\unins000.exe"
Java(TM) 7 Update 1 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86417001FF}
Java(TM) 7 Update 5-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217005FF}
JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}
K-Lite Codec Pack 7.9.0 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
KMP Media Toolbar-->C:\Program Files (x86)\kmpmediatoolbar\uninstall.exe
Legend of Grimrock-->"D:\hry\GOG.com\Legend of Grimrock\unins000.exe"
LG Bluetooth Drivers-->MsiExec.exe /X{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}
LG United Mobile Drivers-->MsiExec.exe /X{461B11E8-BF34-4ACB-962A-1CBE905BD9EB}
LG USB Modem Drivers-->MsiExec.exe /X{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}
Machinarium-->"D:\Steam\steam.exe" steam://uninstall/40700
Mass Effect-->C:\Program Files (x86)\InstallShield Installation Information\{6365F76B-1FBF-449A-9075-5A78B924DE17}\setup.exe -runfromtemp -l0x0005 -removeonly
Mass Effect™ 3-->"C:\Program Files (x86)\Common Files\EAInstaller\Mass Effect 3\Cleanup.exe" uninstall_game -autologging
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft .NET Framework 4 Extended-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /x64 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{8E34682C-8118-31F1-BC4C-98CD9675E1C2}
Microsoft AppLocale-->MsiExec.exe /I{394BE3D9-7F57-4638-A8D1-1D88671913B7}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Windows Application Compatibility Database-->C:\Windows\SysWow64\sdbinst.exe -u "C:\Windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb"
Microsoft XNA Framework Redistributable 3.1-->MsiExec.exe /I{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
Microsoft XNA Framework Redistributable 4.0-->MsiExec.exe /I{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
Mozilla Firefox 14.0.1 (x86 cs)-->D:\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
My Game Long Name-->D:\hry\Waves\Binaries\UnSetup.exe /uninstall
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero 8-->MsiExec.exe /X{C9FFC925-E27E-436E-A2DF-652324D51029}
Nero Audio Pack 1-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
NeroKwikMedia Help (CHM)-->MsiExec.exe /X{02FCAA8F-59D3-4198-822E-135C61EE4F0B}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Neverwinter Nights 2: Platinum-->"D:\Steam\steam.exe" steam://uninstall/2760
NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}
Odinstalovat LG PC Suite III-->"D:\programky\LG PC Suite III\unins000.exe"
OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U
OpenOffice.org 3.0-->MsiExec.exe /I{564D0000-547B-4ED8-8070-85286CC8C9BF}
Orcs Must Die 2-->"D:\hry\Orcs Must Die 2\unins000.exe"
Orcs Must Die!-->"D:\hry\Orcs Must Die!\unins000.exe"
Pandora Service-->"C:\Program Files (x86)\PANDORA.TV\PanService\unins000.exe"
Picasa 3-->"D:\programky\Google\Picasa3\Uninstall.exe"
Puzzle Quest: Challenge of the Warlords 1.01-->D:\hry\Puzzle Quest\Uninstal.exe
QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Recettear: An Item Shop's Tale-->"D:\Steam\steam.exe" steam://uninstall/70400
Resonance version 1.0-->"D:\hry\Resonance\unins000.exe"
Revo Uninstaller 1.93-->D:\programky\Revo Uninstaller\uninst.exe
Rollcage Stage II-->C:\Windows\IsUninst.exe -f"D:\hry\Rollcage Stage II\Uninst.isu"
Samsung Auto Backup-->"C:\Program Files (x86)\InstallShield Installation Information\{821D6F49-1B20-4809-8C73-286CFC52B1B1}\setup.exe" -runfromtemp -l0x0009 -removeonly
Sanitarium-->"D:\hry\GOG.com\Sanitarium\unins000.exe"
Star Wars: The Old Republic-->C:\Program Files (x86)\Common Files\BioWare\Uninstall Star Wars - The Old Republic.exe
Subtitle Workshop 2.51-->"D:\URUSoft\Subtitle Workshop\uninstall.exe"
Team Fortress 2-->"D:\Steam\steam.exe" steam://uninstall/440
The Elder Scrolls V: Skyrim-->"D:\Steam\steam.exe" steam://uninstall/72850
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
The Whispered World-->"D:\hry\GOG.com\The Whispered World\unins000.exe"
The Witcher 2 (CZ)-->"C:\Program Files (x86)\InstallShield Installation Information\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}\setup.exe" -runfromtemp -l0x0405 -removeonly
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Unlocker 1.9.1-x64-->C:\Program Files\Unlocker\uninst.exe
Visual Studio 2008 x64 Redistributables-->MsiExec.exe /I{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{9B48B0AC-C813-4174-9042-476A887592C7}
WinRAR 4.00 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
XviD MPEG-4 Video Codec-->C:\Windows\system32\rundll32.exe setupapi,InstallHinfSection Remove_XviD 132 C:\Windows\inf\xvid.inf
XviD4PSP 6.0-->D:\Winnydows\XviD4PSP60\Uninstall.exe
XviD4PSP-->W:\Winnydows\XviD4PSP\Uninstall.exe
Yontoo 1.10.02-->C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe /remove /q0

======System event log======

Computer Name: Sator-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Zastaveno
Record Number: 31532
Source Name: Service Control Manager
Time Written: 20111225171510.990471-000
Event Type: Informace
User:

Computer Name: Sator-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Spuštěno
Record Number: 31531
Source Name: Service Control Manager
Time Written: 20111225170510.989153-000
Event Type: Informace
User:

Computer Name: Sator-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Zastaveno
Record Number: 31530
Source Name: Service Control Manager
Time Written: 20111225170334.990662-000
Event Type: Informace
User:

Computer Name: Sator-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Spuštěno
Record Number: 31529
Source Name: Service Control Manager
Time Written: 20111225165334.990370-000
Event Type: Informace
User:

Computer Name: Sator-PC
Event Code: 7036
Message: Stav služby Funkčnost aplikací byl změněn na: Zastaveno
Record Number: 31528
Source Name: Service Control Manager
Time Written: 20111225155439.988739-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247F27-25
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20110827142941.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-25
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20110827142938.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-25
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 3
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20110827142934.585677-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247F27-25
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 2
Source Name: Microsoft-Windows-EventSystem
Time Written: 20110827142934.000000-000
Event Type: Informace
User:

Computer Name: 37L4247F27-25
Event Code: 1532
Message: Služba Profil uživatele byla zastavena.


Record Number: 1
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101121035831.124372-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: 37L4247F27-25
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110827142918.236848-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110827142918.221248-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x32829
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110827142918.002848-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110827142916.021644-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20110827142915.943644-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;D:\programky\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"windows_tracing_flags"=3
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Yontoo 1.10.02 cannot be deleted

#4 Post by vyosek »

:arrow: Try uninstalling Yontoo with Revo http://www.stahuj.centrum.cz/utility_a_ ... installer/

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to your desktop
  • If you use Windows Vista or Windows 7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • If you use a 64-bit OS, check whether the "Pro 64 bitové OS" (For 64-bit OS) box is ticked; if not, tick it
  • Tick the "Pro vsechny uzivatele" (For all users) box
  • Tick the 'Kontrola na havet "LOP"' (Check for "LOP" pests) box
  • Tick the 'Kontrola na havet "Purity"' (Check for "Purity" pests) box
  • Change "Stari souboru" (File age) from 30 days to 7 days
  • Paste the script below into the bottom box, "Vlastni skenovani/opravy" (Custom scans/fixes)

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    services.exe
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Prohledat" (Scan) button
  • When the scan finishes (approx. 10 to 15 min), the logs OTL.txt and Extras.txt will appear; paste both here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Sulfaen
Visitor
Posts: 30
Registered: 02 May 2011 10:12

Re: Yontoo 1.10.02 cannot be deleted

#5 Post by Sulfaen »

The whole OTL log does not fit into one post, so I split it.

OTL logfile created on: 14.8.2012 22:22:31 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Sator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 64,16% Memory free
8,00 Gb Paging File | 6,48 Gb Available in Paging File | 81,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 78,12 Gb Total Space | 28,63 Gb Free Space | 36,64% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 67,74 Gb Free Space | 11,36% Space Free | Partition Type: NTFS
Drive E: | 4,09 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 931,51 Gb Total Space | 189,54 Gb Free Space | 20,35% Space Free | Partition Type: NTFS
Drive W: | 518,04 Gb Total Space | 60,88 Gb Free Space | 11,75% Space Free | Partition Type: NTFS

Computer Name: SATOR-PC | User Name: Sator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.08.14 22:20:35 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Sator\Desktop\OTL.exe
PRC - [2012.07.18 00:04:29 | 000,913,888 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe
PRC - [2012.05.20 14:04:34 | 000,565,096 | ---- | M] (AML Software - AMLSOFT.COM) -- D:\AML Products\Registry Cleaner\regclean.exe
PRC - [2012.04.24 08:51:22 | 000,624,856 | ---- | M] (Pandora.TV) -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2012.01.26 20:38:52 | 000,525,768 | ---- | M] (Sony Computer Entertainment Inc.) -- C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
PRC - [2012.01.26 20:38:42 | 002,520,504 | ---- | M] (Sony Computer Entertainment Inc.) -- C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
PRC - [2011.08.02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd) -- D:\Programky\DAEMON Tools Lite\DTLite.exe
PRC - [2011.08.01 10:28:16 | 000,124,480 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.5\ICQ.exe
PRC - [2010.03.15 16:00:46 | 000,102,400 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe
PRC - [2010.03.15 15:33:52 | 000,077,824 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
PRC - [2010.03.15 15:32:38 | 000,888,832 | ---- | M] (Clarus, Inc.) -- C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe
PRC - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Windows\SysWOW64\IoctlSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012.07.18 00:04:29 | 002,003,424 | ---- | M] () -- D:\Mozilla Firefox\mozjs.dll
MOD - [2011.10.28 18:13:24 | 006,034,229 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-53.dll
MOD - [2011.10.28 18:13:24 | 000,962,568 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avformat-lav-53.dll
MOD - [2011.10.28 18:13:24 | 000,221,581 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll
MOD - [2011.10.28 10:00:00 | 003,578,880 | ---- | M] () -- C:\Program Files (x86)\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2009.10.29 17:10:20 | 000,615,424 | ---- | M] () -- D:\AML Products\Registry Cleaner\Styles\Office2007.cjstyles
MOD - [2001.08.23 20:00:00 | 001,388,544 | ---- | M] () -- D:\AML Products\Registry Cleaner\MSVBVM60.DLL


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012.04.06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.03.07 15:40:34 | 000,913,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (wuauserv)
SRV - [2012.07.18 00:04:29 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.24 08:51:22 | 000,624,856 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.19 09:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012.04.06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.04.06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.14 08:40:04 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2012.03.14 08:40:02 | 000,209,768 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2012.03.14 08:40:02 | 000,148,528 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012.03.13 20:54:35 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012.03.13 20:54:35 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012.02.23 14:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.08.28 01:08:53 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2009.09.29 08:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort)
DRV:64bit: - [2009.09.29 08:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM)
DRV:64bit: - [2009.09.29 08:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtbs64.sys -- (lgbusenum)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.11.19 17:09:14 | 000,033,792 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2008.11.19 17:09:12 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2008.11.19 17:09:12 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes\{00FE2CD1-4F02-4569-98E4-0115280FB16A}: "URL" = http://websearch.ask.com/redirect?clien ... BAF767AFDB
IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9F6F ... earchTerms}
IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS_Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_result ... r=1.2.9&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.hrej.cz/"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... r=1.5.3&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\programky\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Sator\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Sator\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012.06.03 20:06:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Mozilla Firefox\components [2012.07.18 00:04:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012.06.03 20:06:49 | 000,000,000 | ---D | M]

[2011.08.27 17:48:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sator\AppData\Roaming\Mozilla\Extensions
[2012.08.04 14:21:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions
[2012.07.25 23:16:24 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.04.24 08:42:59 | 000,000,000 | ---D | M] (KMP Media Toolbar) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{daf5b34c-1aa3-4c33-ae24-766a370635d2}
[2012.08.02 23:41:46 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.07.18 19:20:34 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2011.08.27 17:48:11 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2012.06.21 13:37:10 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\djziggy@gmail.com
[2011.08.27 17:48:04 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\DTToolbar@toolbarnet.com
[2011.08.27 17:48:08 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\ffxtlbr@Facemoods.com
[2012.04.28 23:53:12 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\plugin@yontoo.com
[2012.06.21 13:37:22 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\zigboom@ymail.com
[2012.04.28 23:53:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\lu8i5y16.default\extensions
[2011.08.27 16:59:41 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\lu8i5y16.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.04.28 23:53:12 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\lu8i5y16.default\extensions\plugin@yontoo.com
[2011.07.26 18:19:58 | 000,002,333 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\askcom.xml
[2009.02.26 14:22:28 | 000,000,880 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\conduit.xml
[2010.10.30 22:54:38 | 000,002,059 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\daemon-search.xml
[2012.08.07 22:01:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-1.xml
[2010.12.11 10:42:15 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-10.xml
[2011.03.05 13:06:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-11.xml
[2011.03.06 14:53:11 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-12.xml
[2011.04.09 12:30:00 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-13.xml
[2011.04.11 15:46:02 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-14.xml
[2011.05.01 00:17:58 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-15.xml
[2011.06.20 23:16:13 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-16.xml
[2011.06.23 19:37:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-17.xml
[2011.06.23 21:43:29 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-18.xml
[2011.06.24 08:31:55 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-19.xml
[2010.06.28 09:06:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-2.xml
[2011.06.25 20:45:05 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-20.xml
[2011.06.26 10:15:56 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-21.xml
[2011.07.01 09:26:25 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-22.xml
[2011.07.01 13:43:58 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-23.xml
[2011.07.01 14:21:30 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-24.xml
[2011.07.02 11:53:48 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-25.xml
[2011.07.06 16:21:03 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-26.xml
[2011.07.07 16:13:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-27.xml
[2011.07.09 20:39:41 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-28.xml
[2011.07.10 22:34:33 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-29.xml
[2010.07.21 13:09:14 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-3.xml
[2011.07.14 20:18:17 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-30.xml
[2011.07.14 20:19:52 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-31.xml
[2011.07.20 21:46:39 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-32.xml
[2011.07.21 19:55:50 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-33.xml
[2011.07.21 21:00:05 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-34.xml
[2011.07.21 21:49:59 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-35.xml
[2011.07.21 22:38:12 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-36.xml
[2011.07.24 19:30:24 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-37.xml
[2011.08.02 15:22:23 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-38.xml
[2011.08.02 17:30:09 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-39.xml
[2010.07.24 12:53:15 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-4.xml
[2011.08.09 19:50:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-40.xml
[2011.08.09 22:19:07 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-41.xml
[2011.08.16 15:20:22 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-42.xml
[2011.08.18 23:28:55 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-43.xml
[2011.08.20 00:22:07 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-44.xml
[2011.08.27 19:03:02 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-45.xml
[2011.08.28 22:44:06 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-46.xml
[2011.09.01 13:53:57 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-47.xml
[2011.09.07 21:46:00 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-48.xml
[2011.09.30 18:00:39 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-49.xml
[2010.08.30 22:20:41 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-5.xml
[2011.10.07 23:01:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-50.xml
[2011.11.07 16:38:08 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-51.xml
[2012.01.02 18:31:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-52.xml
[2012.02.04 23:27:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-53.xml
[2012.02.11 18:19:42 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-54.xml
[2012.02.17 20:00:21 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-55.xml
[2012.03.18 23:40:15 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-56.xml
[2012.03.27 21:16:04 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-57.xml
[2012.04.28 07:46:03 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-58.xml
[2012.06.06 11:59:46 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-59.xml
[2010.09.16 21:59:58 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-6.xml
[2012.06.16 15:04:42 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-60.xml
[2012.07.18 00:04:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-61.xml
[2012.07.22 15:11:22 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-62.xml
[2010.10.16 00:47:06 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-7.xml
[2010.10.21 09:43:50 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-8.xml
[2010.10.29 12:54:53 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-9.xml
[2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.gif
[2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.src
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.xml
[2011.08.27 22:13:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.08.27 22:13:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.08.27 22:13:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2011.08.27 22:13:36 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2012.07.30 23:14:48 | 000,526,190 | ---- | M] () (No name found) -- C:\USERS\SATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\818NO063.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
[2011.12.11 03:03:43 | 000,061,705 | ---- | M] () (No name found) -- C:\USERS\SATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\818NO063.DEFAULT\EXTENSIONS\{B749FC7C-E949-447F-926C-3F4EED6ACCFE}.XPI
[2011.08.09 19:50:21 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.11.29 15:12:45 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,002,208 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2010.01.01 10:00:00 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2010.01.01 10:00:00 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2010.01.01 10:00:00 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2010.01.01 10:00:00 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - homepage: http://www.hrej.cz/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.hrej.cz/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Sator\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Sator\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sator\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Sator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\programky\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\programky\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\programky\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\programky\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\programky\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\programky\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = D:\programky\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java(TM) Platform SE 7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Sator\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = D:\programky\Google\Picasa3\npPicasa3.dll
CHR - Extension: YouTube = C:\Users\Sator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Users\Sator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: 1Click Downloader = C:\Users\Sator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jplinpmadfkdgipabgcdchbdikologlh\1.1_0\
CHR - Extension: Yontoo = C:\Users\Sator\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
CHR - Extension: Gmail = C:\Users\Sator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found
O3 - HKLM\..\Toolbar: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
O3 - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AML Registry Cleaner] D:\AML Products\Registry Cleaner\regclean.exe (AML Software - AMLSOFT.COM)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Windows\SysWOW64\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000..\Run: [DAEMON Tools Lite] D:\Programky\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000..\Run: [GNE_SwapScreen] C:\Users\Sator\Desktop\Plocha bordel\SwapScreen.exe (GNE)
O4 - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000..\Run: [uTorrent] D:\Programky\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Sator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ICQ – zástupce.lnk = C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Users\Sator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk = C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.)
O4 - Startup: C:\Users\Sator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk = C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
O4 - Startup: C:\Users\Sator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk = C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.195.165.131 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B048534B-388B-431F-98B2-28D58ED820DF}: DhcpNameServer = 217.195.165.131 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c8ddad6c-eb79-11e0-a89d-001a4d9f2d73}\Shell - "" = AutoRun
O33 - MountPoints2\{c8ddad6c-eb79-11e0-a89d-001a4d9f2d73}\Shell\AutoRun\command - "" = H:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: wuauserv - C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.aacacm - C:\Windows\SysWow64\AACACM.acm (fccHandler)
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.avis - C:\Windows\SysWow64\ff_acm.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3pacm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (http://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.08.14 22:20:35 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\Sator\Desktop\OTL.exe
[2012.08.14 22:17:58 | 000,000,000 | ---D | C] -- C:\Users\Sator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.08.14 21:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.14 21:24:20 | 000,000,000 | ---D | C] -- C:\rsit
[2012.08.10 19:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\KaM - The Peasants Rebellion
[2012.08.10 19:46:18 | 001,347,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msvbvm50.dll
[2012.08.10 19:46:04 | 001,347,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Msvbvm50.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.08.14 22:24:22 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.14 22:20:35 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Sator\Desktop\OTL.exe
[2012.08.14 22:19:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000UA.job
[2012.08.14 22:17:58 | 000,000,723 | ---- | M] () -- C:\Users\Sator\Desktop\Revo Uninstaller.lnk
[2012.08.14 21:15:03 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.14 21:15:03 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.14 21:07:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.14 21:07:21 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.14 17:19:02 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000Core.job
[2012.08.14 09:20:45 | 000,002,453 | ---- | M] () -- C:\Users\Sator\Desktop\Google Chrome.lnk
[2012.08.13 16:23:11 | 000,001,056 | ---- | M] () -- C:\Users\Sator\AppData\Local\SRDownloader.nast
[2012.08.13 16:01:53 | 000,340,512 | ---- | M] () -- C:\Users\Sator\AppData\Local\SRDownloader.err
[2012.08.13 10:59:51 | 001,577,410 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.13 10:59:51 | 000,666,406 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.08.13 10:59:51 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.13 10:59:51 | 000,140,102 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.08.13 10:59:51 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.08.14 22:24:22 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.14 22:17:42 | 000,000,723 | ---- | C] () -- C:\Users\Sator\Desktop\Revo Uninstaller.lnk
[2012.05.06 16:30:22 | 000,007,867 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.05.06 16:30:14 | 000,001,024 | ---- | C] () -- C:\Users\Sator\.rnd
[2012.04.23 23:15:28 | 000,000,182 | ---- | C] () -- C:\Windows\AlienNations_usa.ini
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.12.16 16:47:40 | 000,000,341 | ---- | C] () -- C:\Windows\WINCMD.INI
[2011.12.09 21:08:23 | 000,006,656 | ---- | C] () -- C:\Users\Sator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011.12.07 08:53:24 | 004,770,816 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011.11.27 13:52:15 | 001,555,696 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.18 17:52:24 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 11:22:44 | 000,001,166 | ---- | C] () -- C:\Windows\level.ini
[2011.09.13 11:22:44 | 000,001,023 | ---- | C] () -- C:\Windows\tmp2Level.ini
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.28 21:04:59 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.08.27 17:45:30 | 000,000,093 | ---- | C] () -- C:\Users\Sator\AppData\Local\fusioncache.dat
[2011.08.27 17:16:52 | 000,340,512 | ---- | C] () -- C:\Users\Sator\AppData\Local\SRDownloader.err
[2011.08.27 17:11:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.08.27 17:09:22 | 000,001,056 | ---- | C] () -- C:\Users\Sator\AppData\Local\SRDownloader.nast
[2011.07.12 16:56:50 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.01.04 14:28:18 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

========== LOP Check ==========

[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\.minecraft
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Aegisub
[2012.08.14 13:04:09 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\AIMP3
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Anim
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Bioshock2
[2012.04.21 21:12:07 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\BSplayer
[2012.04.09 13:53:33 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\BSplayer Pro
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\com.gog.downloader.87F90EC6C28C7E479115BE2E026DB87A08BC420D.1
[2012.02.18 23:57:34 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Command and Conquer 4
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\DAEMON Tools Lite
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Dark Sector
[2011.08.07 19:25:14 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\DisneyInteractiveStudios
[2010.09.27 23:02:29 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\fltk.org
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Games
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\GetRightToGo
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Haihaisoft
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Haihaisoft Universal Player
[2012.08.14 21:07:54 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\ICQ
[2011.08.27 17:47:53 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Leadertech
[2012.03.12 14:57:47 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Leawo
[2011.09.30 20:36:48 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\LG Electronics
[2011.08.27 17:47:56 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\LimeWire
[2011.08.27 17:47:56 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Lionhead Studios
[2011.08.27 17:48:02 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Moyea
[2011.08.27 17:48:12 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\OpenOffice.org
[2011.08.27 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Orneon
[2011.08.27 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\RenPy
[2012.03.23 14:43:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Rovio
[2011.08.27 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\runic games
[2011.08.27 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Thinstall
[2012.03.12 14:58:14 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\tiger-k
[2011.08.27 17:48:18 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Ubisoft
[2012.08.14 21:08:11 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\uTorrent
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\VampireSaga
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\vghd
[2012.05.13 20:32:35 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\VitySoft
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Vso
[2012.01.17 17:21:26 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Win7codecs
[2011.10.30 10:29:59 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\ZombieDriver
[2011.09.30 20:36:48 | 000,000,000 | -H-D | M] -- C:\Users\Sator\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\‚ ‚·‚Ć‚ë‚ń
[2012.06.13 08:40:27 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\AppPatch\*.tmp files -> C:\Windows\AppPatch\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[92 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\.minecraft
[2011.12.20 12:24:43 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Adobe
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Aegisub
[2012.05.06 15:37:15 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Ahead
[2012.08.14 13:04:09 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\AIMP3
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Anim
[2011.12.26 20:07:23 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Apple Computer
[2011.08.27 17:10:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\ATI
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Bioshock2
[2012.04.21 21:12:07 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\BSplayer
[2012.04.09 13:53:33 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\BSplayer Pro
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\com.gog.downloader.87F90EC6C28C7E479115BE2E026DB87A08BC420D.1
[2012.02.18 23:57:34 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Command and Conquer 4
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\CyberLink
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\DAEMON Tools Lite
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Dark Sector
[2011.08.07 19:25:14 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\DisneyInteractiveStudios
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\DivX
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\dvdcss
[2010.09.27 23:02:29 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\fltk.org
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Games
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\GetRightToGo
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Haihaisoft
[2011.08.27 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Haihaisoft Universal Player
[2012.08.14 21:07:54 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\ICQ
[2011.08.27 16:36:09 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Identities
[2012.03.22 21:17:00 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\InstallShield
[2011.08.27 17:47:53 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Leadertech
[2012.03.12 14:57:47 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Leawo
[2011.09.30 20:36:48 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\LG Electronics
[2011.08.27 17:47:56 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\LimeWire
[2011.08.27 17:47:56 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Lionhead Studios
[2011.08.27 17:47:56 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Macromedia
[2011.08.27 17:47:57 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Malwarebytes
[2010.11.21 11:38:07 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Media Center Programs
[2012.02.04 12:53:48 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Media Player Classic
[2012.06.28 18:29:22 | 000,000,000 | --SD | M] -- C:\Users\Sator\AppData\Roaming\Microsoft
[2011.08.27 17:48:02 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Microsoft Games
[2011.08.27 17:48:02 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Moyea
[2011.08.27 16:59:40 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Mozilla
[2011.08.28 21:04:34 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Nero
[2011.08.27 17:48:12 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\OpenOffice.org
[2011.08.27 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Orneon
[2011.08.27 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\RenPy
[2012.03.23 14:43:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Rovio
[2011.08.27 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\runic games
[2011.08.27 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\SecuROM
[2012.02.23 00:04:40 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Sony Corporation
[2011.08.27 17:48:13 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Thinstall
[2012.03.12 14:58:14 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\tiger-k
[2011.08.27 17:48:18 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Ubisoft
[2012.08.14 21:08:11 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\uTorrent
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\VampireSaga
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Ventrilo
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\vghd
[2012.05.13 20:32:35 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\VitySoft
[2011.10.30 18:51:09 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\vlc
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Vso
[2012.01.17 17:21:26 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Win7codecs
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\Winamp
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\WinRAR
[2011.10.30 10:29:59 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\ZombieDriver
[2011.09.30 20:36:48 | 000,000,000 | -H-D | M] -- C:\Users\Sator\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\‚ ‚·‚Ć‚ë‚ń

< %APPDATA%\*.exe /s >
[2010.10.21 10:38:50 | 000,032,768 | ---- | M] ((주)테크노니아) -- C:\Users\Sator\AppData\Roaming\LG Electronics\LG PC Suite III\UpdateHelper.exe
[2011.05.01 22:29:29 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
[2011.05.01 22:29:29 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
[2009.07.31 09:31:53 | 000,014,848 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
[2011.05.01 22:29:29 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
[2011.05.01 22:29:29 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
[2009.07.31 09:31:54 | 000,018,432 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
[2009.07.31 09:31:54 | 000,014,336 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
[2011.05.01 22:29:29 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
[2011.05.01 22:29:29 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
[2009.09.22 23:08:26 | 000,029,184 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
[2010.05.17 10:36:07 | 000,004,286 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{277D362A-45F2-4ABC-A9D1-F9CE4F949987}\ARPPRODUCTICON.exe
[2011.05.01 22:29:34 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{277D362A-45F2-4ABC-A9D1-F9CE4F949987}\NewShortcut11_1604814CED8F4E72A33133989CFEDD20.exe
[2011.05.01 22:29:34 | 000,045,056 | R--- | M] (Macrovision Corporation) -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{277D362A-45F2-4ABC-A9D1-F9CE4F949987}\NewShortcut1_1604814CED8F4E72A33133989CFEDD20.exe
[2010.05.17 10:36:07 | 000,008,854 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{277D362A-45F2-4ABC-A9D1-F9CE4F949987}\UNINST_Uninstall_L_1604814CED8F4E72A33133989CFEDD20.exe
[2012.06.24 22:33:30 | 000,029,926 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_18be6784.exe
[2012.06.24 22:33:30 | 000,029,422 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{394BE3D9-7F57-4638-A8D1-1D88671913B7}\_294823.exe
[2010.10.24 16:53:45 | 000,010,134 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2011.06.03 12:43:58 | 000,010,134 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
[2011.05.01 22:29:34 | 005,185,536 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{D1E1F028-1953-43A3-BFD8-D2A00EC06E36}\RapeLay.exe
[2009.05.28 13:43:22 | 000,028,672 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{D1E1F028-1953-43A3-BFD8-D2A00EC06E36}\_EB52FE80E75B_486E_9850_195DAB8E8D59.exe
[2011.02.16 23:12:54 | 000,410,598 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{D3C9C0E7-7F77-4646-997F-99B912DD0300}\_0001C6EA54E6228968AE2E.exe
[2011.02.16 23:12:54 | 000,410,598 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{D3C9C0E7-7F77-4646-997F-99B912DD0300}\_540B203E148A3152C3CD2F.exe
[2011.02.16 23:12:54 | 000,410,598 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{D3C9C0E7-7F77-4646-997F-99B912DD0300}\_6FEFF9B68218417F98F549.exe
[2011.02.16 23:12:54 | 000,410,598 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{D3C9C0E7-7F77-4646-997F-99B912DD0300}\_818CFAF572E89BFDFB2712.exe
[2011.02.16 23:12:54 | 000,410,598 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{D3C9C0E7-7F77-4646-997F-99B912DD0300}\_DB755F7B334E916A12D768.exe
[2011.03.24 19:37:44 | 000,010,134 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.06.11 20:22:51 | 000,002,238 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{E4D02EF2-6F12-4BE9-9928-2F27DA01A915}\ARPPRODUCTICON.exe
[2011.06.11 20:22:51 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{E4D02EF2-6F12-4BE9-9928-2F27DA01A915}\NewShortcut1_E4D02EF26F124BE999282F27DA01A915.exe
[2011.06.11 20:22:51 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{E4D02EF2-6F12-4BE9-9928-2F27DA01A915}\NewShortcut2_E4D02EF26F124BE999282F27DA01A915.exe
[2011.06.11 16:00:00 | 000,009,062 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{E51E4E3E-62B9-4A99-868D-B05B2DA3F4BF}\ARPPRODUCTICON.exe
[2011.06.11 16:00:00 | 000,049,152 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{E51E4E3E-62B9-4A99-868D-B05B2DA3F4BF}\NewShortcut1_E51E4E3E62B94A99868DB05B2DA3F4BF.exe
[2010.02.10 00:54:50 | 000,010,134 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Installer\{F022B56C-2B90-B9E1-332E-5C1277A47E7B}\ARPPRODUCTICON.exe
[2009.06.18 08:21:32 | 001,413,256 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Windows\Templates\H\USBAutoRun.exe
[2009.05.12 08:46:36 | 000,212,992 | R--- | M] () -- C:\Users\Sator\AppData\Roaming\Microsoft\Windows\Templates\H\tools\LGSetCDROMAutoRun.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2012.08.14 17:19:02 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000Core.job
[2012.08.14 22:19:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "D:\Programky\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.08.02 09:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd)
"Google Update" = "C:\Users\Sator\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2012.04.27 18:09:20 | 000,116,648 | ---- | M] (Google Inc.)
"uTorrent" = "D:\Programky\uTorrent\uTorrent.exe" /MINIMIZED -- [2012.05.15 15:32:57 | 000,880,496 | ---- | M] (BitTorrent, Inc.)
"GNE_SwapScreen" = C:\Users\Sator\Desktop\Plocha bordel\SwapScreen.exe -- [2011.04.13 09:57:12 | 000,167,936 | ---- | M] (GNE)
Last edited by Sulfaen on 14 Aug 2012 21:47, edited 1 time in total.

Sulfaen
Visitor
Posts: 30
Registered: 02 May 2011 10:12

Re: Yontoo 1.10.02 cannot be removed

#6 Post by Sulfaen »

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2011.08.09 19:50:21 | 000,924,632 | ---- | M] (Mozilla Corporation) MD5=6C9CD3ECBA6732661C8BBE37A877A2BD -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2010.11.21 05:25:08 | 000,673,040 | ---- | M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.14 22:24:22 | 000,000,512 | ---- | M] () MD5=490110C379EC5781FEFDEE05445DA1E7 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.08.14 13:07:19 | 000,000,578 | ---- | M] () -- \Users\Sator\AppData\Roaming\Microsoft\Windows\Recent\sk-tasm-ru CRACK.rar.lnk
[2011.01.22 19:53:23 | 000,009,812 | ---- | M] () -- \Users\Sator\AppData\Roaming\uTorrent\(SC39) [Atelier Pinpoint (CRACK)] Blonde - Shinigami Onsen Death Gods' Sauna Bath (Bleach)[ENG].zip.torrent
[2007.04.23 14:36:24 | 000,068,260 | ---- | M] () -- \Users\Sator\Desktop\hry\Pocket Tanks Deluxe 1.3\weapdata\firecracker.wav
[2007.04.23 14:36:28 | 000,001,398 | ---- | M] () -- \Users\Sator\Desktop\hry\Pocket Tanks Deluxe 1.3\weapdata\ico_firecracker.bmp

< *keygen* /s >
[2009.12.14 10:47:10 | 000,165,888 | ---- | M] () -- \Users\Sator\Desktop\hry\Bridge Builder hry\Pontifex II & Bridge Construction 1.30 with Keygen and Extra Maps and Manual\2_keygen.exe

< *loader* /s >
[2012.04.17 17:55:48 | 001,753,632 | ---- | M] () -- \Program Files (x86)\1ClickDownload\1ClickDownloader.exe
[2008.06.24 12:45:14 | 000,111,912 | ---- | M] () -- \Program Files (x86)\Common Files\Nero\Shared\NSCLoader.dll
[2011.06.11 09:58:08 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.06.11 09:58:08 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.06.11 09:58:08 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.18 16:27:59 | 000,002,886 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2011.07.27 17:58:57 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.06.11 09:58:39 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2011.06.11 09:58:40 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2012.03.22 06:38:24 | 000,004,176 | ---- | M] () -- \Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.Bizrate\images\loader.gif
[2011.10.17 14:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011.10.17 13:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011.11.06 11:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011.11.10 15:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2012.01.26 20:38:50 | 000,270,288 | ---- | M] () -- \Program Files (x86)\Sony\Content Manager Assistant\CMADownloader.exe
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \Program Files (x86)\The KMPlayer\ImLoader.dll
[2011.03.02 12:39:58 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2008.02.04 11:32:50 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero8\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2010.03.26 16:25:02 | 000,002,287 | ---- | M] () -- \Users\Public\Documents\Blizzard Entertainment\World of Warcraft\Logs\Downloader.log
[2012.08.13 16:01:53 | 000,340,512 | ---- | M] () -- \Users\Sator\AppData\Local\SRDownloader.err
[2012.08.13 16:23:11 | 000,001,056 | ---- | M] () -- \Users\Sator\AppData\Local\SRDownloader.nast
[2012.08.04 12:05:25 | 000,320,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[10].exe
[2012.08.05 19:13:38 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[11].exe
[2012.07.16 22:42:18 | 000,320,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[1].exe
[2012.07.17 00:43:30 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[2].exe
[2012.07.17 10:12:58 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[3].exe
[2012.07.17 15:57:45 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[4].exe
[2012.07.17 16:20:46 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[5].exe
[2012.07.17 18:35:42 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[6].exe
[2012.07.18 14:20:10 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[7].exe
[2012.07.20 10:36:22 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[8].exe
[2012.07.20 14:26:23 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1ESXCT4\kmplayer_downloader[9].exe
[2012.08.03 09:38:02 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[10].exe
[2012.07.16 20:05:29 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[1].exe
[2012.07.16 20:05:42 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[2].exe
[2012.07.17 16:01:00 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[3].exe
[2012.07.17 16:15:47 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[4].exe
[2012.07.18 10:38:41 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[5].exe
[2012.07.18 17:06:31 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[6].exe
[2012.07.18 17:12:51 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[7].exe
[2012.07.19 10:24:26 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[8].exe
[2012.07.20 10:37:36 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZQWR5S7\kmplayer_downloader[9].exe
[2012.07.27 11:44:56 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloaderCAH6KK7U.exe
[2012.07.20 14:27:52 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloaderCAZK4FMD.exe
[2012.07.20 10:37:53 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[10].exe
[2012.07.20 11:59:23 | 000,320,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[11].exe
[2012.07.17 10:11:04 | 000,320,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[1].exe
[2012.07.17 15:56:36 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[2].exe
[2012.07.17 15:59:16 | 000,320,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[3].exe
[2012.07.17 16:17:03 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[4].exe
[2012.07.18 10:37:45 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[5].exe
[2012.07.18 10:39:50 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[6].exe
[2012.07.18 17:09:15 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[7].exe
[2012.07.19 10:25:19 | 000,320,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[8].exe
[2012.07.19 21:49:23 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L10CCA3U\kmplayer_downloader[9].exe
[2012.07.20 14:26:49 | 000,320,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloaderCA3POPGQ.exe
[2012.07.20 10:36:11 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloaderCA7YPRLN.exe
[2012.07.20 14:50:58 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloaderCAP7JGHK.exe
[2012.07.20 10:31:07 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[10].exe
[2012.07.20 10:35:57 | 000,320,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[11].exe
[2012.07.16 20:13:14 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[1].exe
[2012.07.16 20:45:03 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[2].exe
[2012.07.17 00:43:16 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[3].exe
[2012.07.17 11:55:37 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[4].exe
[2012.07.17 15:59:57 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[5].exe
[2012.07.17 16:22:31 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[6].exe
[2012.07.18 10:32:06 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[7].exe
[2012.07.18 11:59:45 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[8].exe
[2012.07.18 17:09:44 | 000,000,000 | ---- | M] () -- \Users\Sator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UT43M2MS\kmplayer_downloader[9].exe
[2012.02.07 13:39:46 | 024,729,216 | ---- | M] () -- \Users\Sator\AppData\Local\Temp\is1070216317\JDownloaderSetup_IC.exe
[2011.05.03 13:02:49 | 000,245,726 | ---- | M] () -- \Users\Sator\AppData\Roaming\com.gog.downloader.87F90EC6C28C7E479115BE2E026DB87A08BC420D.1\Local Store\gogDownloader.txt
[2009.07.31 09:31:53 | 000,002,713 | ---- | M] () -- \Users\Sator\AppData\Roaming\LimeWire\browser\xulrunner\components\uriloader.xpt
[2012.07.23 21:38:45 | 000,216,359 | ---- | M] () -- \Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\OneClickDownloader@OneClickDownloader.com.xpi
[2012.03.22 06:38:24 | 000,004,176 | ---- | M] () -- \Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{daf5b34c-1aa3-4c33-ae24-766a370635d2}\chrome\content\widgets\net.vmn.www.Bizrate\images\loader.gif
[2010.09.21 15:12:00 | 000,001,044 | ---- | M] () -- \Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\ffxtlbr@Facemoods.com\content\Loader.js
[2012.05.12 22:36:46 | 000,000,943 | ---- | M] () -- \Users\Sator\Desktop\SRDownloader.exe – zástupce.lnk
[2007.09.17 13:06:14 | 000,004,408 | ---- | M] () -- \Users\Sator\Desktop\hry\Pocket Tanks Deluxe 1.3\loader.bbk
[2007.04.23 14:36:32 | 000,170,971 | ---- | M] () -- \Users\Sator\Desktop\hry\Pocket Tanks Deluxe 1.3\loader.dat
[2007.04.25 10:26:18 | 000,040,432 | ---- | M] () -- \Users\Sator\Desktop\hry\Pocket Tanks Deluxe 1.3\ptloader.exe
[2012.04.19 21:20:17 | 001,238,562 | ---- | M] () -- \Users\Sator\Documents\Witcher 2\Downloads\Downloader.exe
[2012.08.13 15:56:06 | 000,034,766 | ---- | M] () -- \Windows\Prefetch\SRDOWNLOADER.EXE-CAD8B099.pf
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2010.11.21 11:27:28 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 11:27:28 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2010.11.21 11:27:28 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2010.11.21 11:27:28 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2010.11.21 11:27:28 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2010.11.21 05:27:02 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2010.11.21 05:27:02 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winload.efi_75834aa0
[2010.11.21 05:27:02 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winload.exe_75835076
[2010.11.21 05:27:02 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winresume.efi_85cd069f
[2010.11.21 05:27:02 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2010.11.21 11:26:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >







I'm also attaching the Extras log.


OTL Extras logfile created on: 14.8.2012 22:22:31 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Sator\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 64,16% Memory free
8,00 Gb Paging File | 6,48 Gb Available in Paging File | 81,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 78,12 Gb Total Space | 28,63 Gb Free Space | 36,64% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 67,74 Gb Free Space | 11,36% Space Free | Partition Type: NTFS
Drive E: | 4,09 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 931,51 Gb Total Space | 189,54 Gb Free Space | 20,35% Space Free | Partition Type: NTFS
Drive W: | 518,04 Gb Total Space | 60,88 Gb Free Space | 11,75% Space Free | Partition Type: NTFS

Computer Name: SATOR-PC | User Name: Sator | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1852592248-3392708036-3997794346-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- Reg Error: Value error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08B0ABE4-A23B-4D02-8843-2850DA13BA4E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0A740AC0-608A-4602-9362-BE38790C54FD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D7F6FD3-722D-4CD0-8F06-5EDA0F9066D0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{42327E1F-C05A-4B5A-AD53-5D5D168F7A17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{479FFDEE-D7B1-49E7-AD4D-65CF34B450CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{79DBBA45-168E-4202-A884-C7EAB3451C0B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{92B6A077-279A-42DB-858F-346BDB7E2540}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9B44159F-5B5C-409B-9886-1DC84215583D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9E965133-FD82-4F40-B865-217E7620E29D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AE9600-D563-4B8D-8FDD-3093A6FC3575}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{08B31B59-274A-4B5B-8825-463B78181192}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{09083671-12EC-4F7E-912E-96C28A5D1CC2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C44BBF7-46B1-437C-A052-89AAB2D3B292}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{157C26A0-AD52-43D4-84C4-535AE5D2F5C9}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\solar 2\solar2.exe |
"{166D51DF-B29B-46D6-913B-008FE9FBAFD8}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\chantelise\chantelise.exe |
"{167EF834-EEE2-470A-BE9B-CB8B1AA34C25}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{1B253EAE-AD53-443D-BD04-27B6DC79ADAE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1D9B9913-5868-4FE3-A7E3-D69D391682D3}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\machinarium\machinarium.exe |
"{219C87AE-885A-4897-8A88-61C524682AD0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{24E2D6CD-E4AE-4628-80AC-CA765084F046}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\command and conquer 3 tiberium wars\cnc3.exe |
"{2594A3C4-AEBE-4673-98A5-2FE326D873C1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\command and conquer 3 tiberium wars\cnc3.exe |
"{27B34C7F-4A42-424A-84AA-5309F6F47734}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{2B23D0A0-5B7A-4AE1-8AB0-18D471F7CFC2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3485C79E-46E2-4F19-8A63-083117663595}" = protocol=17 | dir=in | app=d:\programky\utorrent\utorrent.exe |
"{35FA0742-11A6-4217-992E-D076CDE92575}" = protocol=17 | dir=in | app=d:\hry\bioware\star wars-the old republic\launcher.exe |
"{3716C839-1B6E-4835-8AFE-8A926FB9A053}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3FB6CEE9-5FC1-465A-B259-12C7238F24DA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5126E307-2B84-4364-81C2-7FAEC50EE221}" = protocol=6 | dir=in | app=d:\hry\bioware\star wars-the old republic\swtor\retailclient\swtor.exe |
"{561D9EAD-3BC7-40F1-A23F-E7BBB345FC9D}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\command and conquer 3 tiberium wars\support\ea help\electronic_arts_technical_support.htm |
"{61508BD1-660B-48F2-85FC-67A3F082B723}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{627A42DA-72F1-4D93-9FCB-9420FB4025DE}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\recettear\custom.exe |
"{6409FD6D-E9D1-4B73-B895-31399E39AF41}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{69639993-BC1F-4755-BF48-36767B01CD9B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\chantelise\custom.exe |
"{6BC3BA14-D188-44EC-A947-A5E1EEB85414}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6F55765F-8593-4D44-8C1D-09CA1A7F0579}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\chantelise\chantelise.exe |
"{77E2E6B9-BDC7-496F-961F-5EDC3655B43F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{79CC424C-200B-49C6-94DA-C56E382955DE}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{8A3F7F7B-242F-40B2-BDCA-1CF768F95545}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\solar 2\solar2.exe |
"{8CA29D4F-F539-4B8C-8C3F-EF58FDFA8801}" = protocol=6 | dir=in | app=d:\hry\bioware\star wars-the old republic\launcher.exe |
"{8ED9C311-33BF-4609-B132-5A6078FA1F81}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\recettear\recettear.exe |
"{90012D72-E001-4128-B3D6-8CEB1FD81336}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\solar 2\solar2.exe |
"{9236468A-1CD4-4282-BFB4-526E9FD1FCB6}" = protocol=6 | dir=out | app=system |
"{989CF530-8A5C-48C4-B44D-DF279256616D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A3DD1374-97CE-484A-906F-95F6E39461CE}" = protocol=6 | dir=in | app=d:\hry\bioware\star wars-the old republic\swtor\retailclient\swtor.exe |
"{A5C4DE43-912D-45C8-981F-858AADAF7F84}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\neverwinter nights 2\nwn2.exe |
"{AC7E69DD-538E-4BC1-AC6E-F9911900D284}" = protocol=17 | dir=in | app=d:\hry\bioware\star wars-the old republic\swtor\retailclient\swtor.exe |
"{ACDBE428-C194-441D-8415-A728599FC54C}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{AD0EEE95-334B-4933-898A-F29195CB4DA3}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\bastion\bastion.exe |
"{ADFB6846-C2FB-4708-85A2-CC8E85CA371D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{B3FBC03A-D98F-43B4-BBD5-F41DDAA56235}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\machinarium\machinarium.exe |
"{B4F3AE64-17FA-4821-9A7A-91B3D6A38A04}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\solar 2\solar2.exe |
"{B5A1037E-0A1B-4684-BDC8-E38A0F8FC271}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B8DC8A70-23C9-45F0-9D64-3E9D169B332C}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\recettear\recettear.exe |
"{BD986CE7-B356-46F9-BB18-029202EFBCA1}" = protocol=6 | dir=in | app=d:\hry\bioware\star wars-the old republic\launcher.exe |
"{C8D783BC-588E-4758-9F72-FF2751BFFE51}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\bastion\bastion.exe |
"{D259D00A-FF79-42F9-BC22-078B579D24BF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\command and conquer 3 tiberium wars\support\ea help\electronic_arts_technical_support.htm |
"{D73BE867-1265-4353-A235-D8E5C1BE6801}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\recettear\custom.exe |
"{DA8CC056-2726-4E98-8DCE-0427A25315DD}" = protocol=17 | dir=in | app=d:\hry\bioware\star wars-the old republic\swtor\retailclient\swtor.exe |
"{DFFB3DF7-4A00-45EA-B05B-F8BE385A3284}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{E2B361AC-7839-47D9-B9F8-D5CC8EEFB194}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{E2F36224-1705-4EBD-8398-73D2BA068C4C}" = protocol=17 | dir=in | app=d:\hry\bioware\star wars-the old republic\launcher.exe |
"{EE95FF1E-907D-40AE-A035-E785FC16A1F9}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\chantelise\custom.exe |
"{F7F04538-DF6F-4101-8156-47D64C829C9C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F9C7134A-9A63-46EB-B20A-2771F578CB04}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\neverwinter nights 2\nwn2.exe |
"{FC0A1381-A078-4D90-8285-38B3BE448E06}" = protocol=6 | dir=in | app=d:\programky\utorrent\utorrent.exe |
"TCP Query User{086B432A-CDCF-4F30-8E79-7D4CBFBF3398}D:\hry\mass effect 2\binaries\masseffect2.exe" = protocol=6 | dir=in | app=d:\hry\mass effect 2\binaries\masseffect2.exe |
"TCP Query User{27BF1B4B-6CD8-4E72-BE32-483F4AD5406A}D:\hry\waves\binaries\win32\waves.exe" = protocol=6 | dir=in | app=d:\hry\waves\binaries\win32\waves.exe |
"UDP Query User{0ABA9719-227D-462B-9D76-FCA4470F0285}D:\hry\mass effect 2\binaries\masseffect2.exe" = protocol=17 | dir=in | app=d:\hry\mass effect 2\binaries\masseffect2.exe |
"UDP Query User{94157752-B82F-40A7-A563-CC76CC979026}D:\hry\waves\binaries\win32\waves.exe" = protocol=17 | dir=in | app=d:\hry\waves\binaries\win32\waves.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{2E8D6204-D656-8355-1ED3-2988AC52EB0F}" = ccc-utility64
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}" = AMD Catalyst Install Manager
"{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8D6D29ED-01AC-4A00-8F30-69E1246E4EC3}" = ESET NOD32 Antivirus
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{CD54A15F-4FBA-04DE-FE24-20AE11BE07AE}" = AMD AVIVO64 Codecs
"{D77162FE-B7B2-8E1E-D80D-89DE6217DF13}" = AMD Drag and Drop Transcoding
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"UDK-d815d237-da82-4b77-aac0-f652e43b0718" = My Game Long Name
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 4.00 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02FCAA8F-59D3-4198-822E-135C61EE4F0B}" = NeroKwikMedia Help (CHM)
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian
"{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish
"{2F7D5734-056F-4A0A-A1C7-CA1AAE5BB1EB}" = Angry Birds
"{315F5FFC-1A5C-4A2A-B8E7-1C5B1174C198}_is1" = AML Free Registry Cleaner 4.24
"{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1" = Leawo Video Converter version 5.1.0.0
"{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}" = Angry Birds Space
"{461B11E8-BF34-4ACB-962A-1CBE905BD9EB}" = LG United Mobile Drivers
"{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech
"{58CB9A9A-1EFB-4EA8-B50C-3097E754AC21}" = High-Definition Video Playback
"{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai
"{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional
"{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German
"{6365F76B-1FBF-449A-9075-5A78B924DE17}" = Mass Effect
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian
"{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common
"{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English
"{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish
"{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AB25C7D6-B68B-DC97-5138-3A7E1E23683E}" = HydraVision
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish
"{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French
"{BE841724-78F0-44D6-B6C4-C3D53708293B}" = Content Manager Assistant for PlayStation(R)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Audio Pack 1
"{C9FFC925-E27E-436E-A2DF-652324D51029}" = Nero 8
"{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean
"{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian
"{D544AE4C-4152-225B-A897-6756C8986B14}" = Catalyst Control Center
"{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian
"{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1" = Odinstalovat LG PC Suite III
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2 (CZ)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1ClickDownloader" = 1ClickDownloader
"4F6D5E84-5826-4394-9F40-3A9A19165651_is1" = Pandora Service
"7-Zip" = 7-Zip 9.21beta
"AIMP2at" = AIMP2: Audio Tools
"AIMP3" = AIMP3
"Alien Nations_is1" = Alien Nations
"Baldur's Gate II_is1" = Baldur's Gate II
"Capsule" = Capsule
"DAEMON Tools Lite" = DAEMON Tools Lite
"Diablo III" = Diablo III
"Fallout Tactics_is1" = Fallout Tactics
"Heroes of Might and Magic 3 Complete_is1" = Heroes of Might and Magic 3 Complete
"Icewind Dale Complete_is1" = Icewind Dale Complete
"Inversion_is1" = Inversion
"IWDCZ" = Icewind Dale(TM) - Čeština
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.9.0 (Basic)
"kmpmediatoolbar" = KMP Media Toolbar
"Legend of Grimrock_is1" = Legend of Grimrock
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OpenAL" = OpenAL
"Orcs Must Die 2_is1" = Orcs Must Die 2
"Orcs Must Die!_is1" = Orcs Must Die!
"Picasa 3" = Picasa 3
"Puzzle Quest: Challenge of the Warlords 1.01" = Puzzle Quest: Challenge of the Warlords 1.01
"Resonance_is1" = Resonance version 1.0
"Revo Uninstaller" = Revo Uninstaller 1.94
"Rollcage Stage II" = Rollcage Stage II
"Sanitarium_is1" = Sanitarium
"Steam App 107100" = Bastion
"Steam App 24790" = Command and Conquer 3: Tiberium Wars
"Steam App 2760" = Neverwinter Nights 2: Platinum
"Steam App 40700" = Machinarium
"Steam App 440" = Team Fortress 2
"Steam App 70400" = Recettear: An Item Shop's Tale
"Steam App 70420" = Chantelise
"Steam App 72850" = The Elder Scrolls V: Skyrim
"SubtitleWorkshop" = Subtitle Workshop 2.51
"The KMPlayer" = The KMPlayer (remove only)
"The Whispered World_is1" = The Whispered World
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"xvid" = XviD MPEG-4 Video Codec
"XviD4PSP" = XviD4PSP
"XviD4PSP60" = XviD4PSP 6.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1852592248-3392708036-3997794346-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"7f4182272b52fd8f" = CZShare Manager
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 13.8.2012 11:27:31 | Computer Name = Sator-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 13.8.2012 11:27:31 | Computer Name = Sator-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 13.8.2012 11:27:31 | Computer Name = Sator-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 13.8.2012 11:27:31 | Computer Name = Sator-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 13.8.2012 11:27:31 | Computer Name = Sator-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 13.8.2012 11:27:31 | Computer Name = Sator-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB
pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>.
Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného
souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti. .

Error - 10.8.2012 11:38:15 | Computer Name = Sator-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Game.exe, verze: 1.0.0.0, časové razítko:
0x5019428d Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x00000000 ID chybujícího procesu: 0xb38 Čas spuštění
chybující aplikace: 0x01cd770df06aaef1 Cesta k chybující aplikaci: D:\hry\The Amazing
Spider-Man\Game.exe Cesta k chybujícímu modulu: unknown ID zprávy: 66bc13c2-e301-11e1-b6eb-001a4d9f2d73

Error - 14.8.2012 2:29:29 | Computer Name = Sator-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.8.2012 14:21:27 | Computer Name = Sator-PC | Source = WinMgmt | ID = 10
Description =

Error - 14.8.2012 15:09:17 | Computer Name = Sator-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 30.3.2012 7:56:49 | Computer Name = Sator-PC | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.

Error - 31.3.2012 2:27:00 | Computer Name = Sator-PC | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.

Error - 1.4.2012 2:46:38 | Computer Name = Sator-PC | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.

Error - 1.4.2012 13:15:02 | Computer Name = Sator-PC | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.

Error - 1.4.2012 13:18:26 | Computer Name = Sator-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 1.4.2012 13:18:27 | Computer Name = Sator-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 1.4.2012 13:18:28 | Computer Name = Sator-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 1.4.2012 13:18:28 | Computer Name = Sator-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 1.4.2012 13:18:29 | Computer Name = Sator-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 2.4.2012 3:34:14 | Computer Name = Sator-PC | Source = Service Control Manager | ID = 7024
Description = Služba Naslouchací proces domácí skupiny ukončena s chybou %%-2147023143,
specifickou pro službu.


< End of report >

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Yontoo 1.10.02 cannot be removed

#7 Post by vyosek »

:arrow: Did that Yontoo junk get removed through Revo? :???:

:arrow: Run OTL again
  • If you are using Win Vista or W7, right-click OTL and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the bottom box, Custom Scans/Fixes (Vlastni skenovani/opravy)
  • Code:

    :otl
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes\{00FE2CD1-4F02-4569-98E4-0115280FB16A}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=C74AA808-C733-4A62-8D85-C5369D1D5D7C&apn_sauid=B87109DE-DC93-4A1E-A723-0FBAF767AFDB
    IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9F6FDA7A-5850-4D33-837B-221E95CECC1E}&mid=657154efae4947d0944bd1530b7bc480-9839e4b5e38c711dccd958b255c6b8f9233be360&lang=en&ds=AVG&pr=pr&d=&v=&sap=dsp&q={searchTerms}
    FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
    FF - prefs.js..browser.search.defaultthis.engineName: "BS_Player Customized Web Search"
    FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q="
    FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
    FF - prefs.js..browser.search.suggest.enabled: false
    FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552
    FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2
    FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
    FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
    FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.0
    FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
    FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q="
    [2012.07.25 23:16:24 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
    [2012.04.24 08:42:59 | 000,000,000 | ---D | M] (KMP Media Toolbar) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{daf5b34c-1aa3-4c33-ae24-766a370635d2}
    [2011.08.27 17:48:11 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
    [2012.06.21 13:37:10 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\djziggy@gmail.com
    [2011.08.27 17:48:04 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\DTToolbar@toolbarnet.com
    [2011.08.27 17:48:08 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\ffxtlbr@Facemoods.com
    [2012.04.28 23:53:12 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\plugin@yontoo.com
    [2012.06.21 13:37:22 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\zigboom@ymail.com
    [2012.04.28 23:53:12 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\lu8i5y16.default\extensions\plugin@yontoo.com
    [2011.07.26 18:19:58 | 000,002,333 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\askcom.xml
    [2009.02.26 14:22:28 | 000,000,880 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\conduit.xml
    [2010.10.30 22:54:38 | 000,002,059 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\daemon-search.xml
    [2012.08.07 22:01:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-1.xml
    [2010.12.11 10:42:15 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-10.xml
    [2011.03.05 13:06:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-11.xml
    [2011.03.06 14:53:11 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-12.xml
    [2011.04.09 12:30:00 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-13.xml
    [2011.04.11 15:46:02 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-14.xml
    [2011.05.01 00:17:58 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-15.xml
    [2011.06.20 23:16:13 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-16.xml
    [2011.06.23 19:37:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-17.xml
    [2011.06.23 21:43:29 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-18.xml
    [2011.06.24 08:31:55 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-19.xml
    [2010.06.28 09:06:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-2.xml
    [2011.06.25 20:45:05 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-20.xml
    [2011.06.26 10:15:56 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-21.xml
    [2011.07.01 09:26:25 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-22.xml
    [2011.07.01 13:43:58 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-23.xml
    [2011.07.01 14:21:30 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-24.xml
    [2011.07.02 11:53:48 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-25.xml
    [2011.07.06 16:21:03 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-26.xml
    [2011.07.07 16:13:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-27.xml
    [2011.07.09 20:39:41 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-28.xml
    [2011.07.10 22:34:33 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-29.xml
    [2010.07.21 13:09:14 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-3.xml
    [2011.07.14 20:18:17 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-30.xml
    [2011.07.14 20:19:52 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-31.xml
    [2011.07.20 21:46:39 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-32.xml
    [2011.07.21 19:55:50 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-33.xml
    [2011.07.21 21:00:05 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-34.xml
    [2011.07.21 21:49:59 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-35.xml
    [2011.07.21 22:38:12 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-36.xml
    [2011.07.24 19:30:24 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-37.xml
    [2011.08.02 15:22:23 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-38.xml
    [2011.08.02 17:30:09 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-39.xml
    [2010.07.24 12:53:15 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-4.xml
    [2011.08.09 19:50:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-40.xml
    [2011.08.09 22:19:07 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-41.xml
    [2011.08.16 15:20:22 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-42.xml
    [2011.08.18 23:28:55 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-43.xml
    [2011.08.20 00:22:07 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-44.xml
    [2011.08.27 19:03:02 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-45.xml
    [2011.08.28 22:44:06 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-46.xml
    [2011.09.01 13:53:57 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-47.xml
    [2011.09.07 21:46:00 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-48.xml
    [2011.09.30 18:00:39 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-49.xml
    [2010.08.30 22:20:41 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-5.xml
    [2011.10.07 23:01:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-50.xml
    [2011.11.07 16:38:08 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-51.xml
    [2012.01.02 18:31:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-52.xml
    [2012.02.04 23:27:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-53.xml
    [2012.02.11 18:19:42 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-54.xml
    [2012.02.17 20:00:21 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-55.xml
    [2012.03.18 23:40:15 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-56.xml
    [2012.03.27 21:16:04 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-57.xml
    [2012.04.28 07:46:03 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-58.xml
    [2012.06.06 11:59:46 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-59.xml
    [2010.09.16 21:59:58 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-6.xml
    [2012.06.16 15:04:42 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-60.xml
    [2012.07.18 00:04:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-61.xml
    [2012.07.22 15:11:22 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-62.xml
    [2010.10.16 00:47:06 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-7.xml
    [2010.10.21 09:43:50 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-8.xml
    [2010.10.29 12:54:53 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-9.xml
    [2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.gif
    [2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.src
    [2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.xml
    CHR - Extension: Yontoo = C:\Users\Sator\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
    O2 - BHO: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found
    O3 - HKLM\..\Toolbar: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
    O3 - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O33 - MountPoints2\{c8ddad6c-eb79-11e0-a89d-001a4d9f2d73}\Shell - "" = AutoRun
    [2011.09.30 20:36:48 | 000,000,000 | -H-D | M] -- C:\Users\Sator\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
    [2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\‚ ‚·‚Ć‚ë‚ń
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [1 C:\Windows\AppPatch\*.tmp files -> C:\Windows\AppPatch\*.tmp -> ]
    [1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
    [3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
    [2012.08.14 17:19:02 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000Core.job
    [2012.08.14 22:19:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000UA.job
    @Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT
    
    :services
    NAUpdate
    Nero BackItUp Scheduler 3
    
    :reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=D:\Programky\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
    "Google Update"=C:\Users\Sator\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-27 116648]
    "uTorrent"=D:\Programky\uTorrent\uTorrent.exe [2012-05-15 880496]
    "GNE_SwapScreen"=C:\Users\Sator\Desktop\Plocha bordel\SwapScreen.exe [2011-04-13 167936]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2009-03-25 1840424]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
    D:\Programky\uTorrent\uTorrent.exe [2012-05-15 880496]
    
    [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"=-
    "Adobe ARM"=-
    "QuickTime Task"=-
    "NBKeyScan"=-
    "AML Registry Cleaner"=-
    "SunJavaUpdateSched"=-
    
    :files
    C:\Program Files (x86)\Yontoo
    C:\Program Files (x86)\kmpmediatoolbar
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
    [EMPTYJAVA]
  • Then click Opravit (Run Fix)
  • The PC will carry out the fix, restart, and give you a log; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

Sulfaen
Visitor
Posts: 30
Registered: 02 May 2011 10:12

Re: Yontoo 1.10.02 cannot be removed

#8 Post by Sulfaen »

OTL freezes a few seconds after the fix is started and stops responding.

Revo does not show that program there.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Yontoo 1.10.02 cannot be removed

#9 Post by vyosek »

:arrow: My mistake :oops:

:arrow: Use this (corrected) script

Code:

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes\{00FE2CD1-4F02-4569-98E4-0115280FB16A}: "URL" = http://websearch.ask.com/redirect?clien ... src=crm&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=C74AA808-C733-4A62-8D85-C5369D1D5D7C&apn_sauid=B87109DE-DC93-4A1E-A723-0FBAF767AFDB
IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9F6FDA7A-5850-4D33-837B-221E95CECC1E}&mid=657154efae4947d0944bd1530b7bc480-9839e4b5e38c711dccd958b255c6b8f9233be360&lang=en&ds=AVG&pr=pr&d=&v=&sap=dsp&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BS_Player Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.8.0552
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q="
[2012.07.25 23:16:24 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.04.24 08:42:59 | 000,000,000 | ---D | M] (KMP Media Toolbar) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{daf5b34c-1aa3-4c33-ae24-766a370635d2}
[2011.08.27 17:48:11 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
[2012.06.21 13:37:10 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\djziggy@gmail.com
[2011.08.27 17:48:04 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\DTToolbar@toolbarnet.com
[2011.08.27 17:48:08 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\ffxtlbr@Facemoods.com
[2012.04.28 23:53:12 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\plugin@yontoo.com
[2012.06.21 13:37:22 | 000,000,000 | ---D | M] (LavaFox V2-Green) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\zigboom@ymail.com
[2012.04.28 23:53:12 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\lu8i5y16.default\extensions\plugin@yontoo.com
[2011.07.26 18:19:58 | 000,002,333 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\askcom.xml
[2009.02.26 14:22:28 | 000,000,880 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\conduit.xml
[2010.10.30 22:54:38 | 000,002,059 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\daemon-search.xml
[2012.08.07 22:01:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-1.xml
[2010.12.11 10:42:15 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-10.xml
[2011.03.05 13:06:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-11.xml
[2011.03.06 14:53:11 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-12.xml
[2011.04.09 12:30:00 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-13.xml
[2011.04.11 15:46:02 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-14.xml
[2011.05.01 00:17:58 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-15.xml
[2011.06.20 23:16:13 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-16.xml
[2011.06.23 19:37:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-17.xml
[2011.06.23 21:43:29 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-18.xml
[2011.06.24 08:31:55 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-19.xml
[2010.06.28 09:06:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-2.xml
[2011.06.25 20:45:05 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-20.xml
[2011.06.26 10:15:56 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-21.xml
[2011.07.01 09:26:25 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-22.xml
[2011.07.01 13:43:58 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-23.xml
[2011.07.01 14:21:30 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-24.xml
[2011.07.02 11:53:48 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-25.xml
[2011.07.06 16:21:03 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-26.xml
[2011.07.07 16:13:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-27.xml
[2011.07.09 20:39:41 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-28.xml
[2011.07.10 22:34:33 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-29.xml
[2010.07.21 13:09:14 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-3.xml
[2011.07.14 20:18:17 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-30.xml
[2011.07.14 20:19:52 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-31.xml
[2011.07.20 21:46:39 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-32.xml
[2011.07.21 19:55:50 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-33.xml
[2011.07.21 21:00:05 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-34.xml
[2011.07.21 21:49:59 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-35.xml
[2011.07.21 22:38:12 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-36.xml
[2011.07.24 19:30:24 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-37.xml
[2011.08.02 15:22:23 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-38.xml
[2011.08.02 17:30:09 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-39.xml
[2010.07.24 12:53:15 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-4.xml
[2011.08.09 19:50:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-40.xml
[2011.08.09 22:19:07 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-41.xml
[2011.08.16 15:20:22 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-42.xml
[2011.08.18 23:28:55 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-43.xml
[2011.08.20 00:22:07 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-44.xml
[2011.08.27 19:03:02 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-45.xml
[2011.08.28 22:44:06 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-46.xml
[2011.09.01 13:53:57 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-47.xml
[2011.09.07 21:46:00 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-48.xml
[2011.09.30 18:00:39 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-49.xml
[2010.08.30 22:20:41 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-5.xml
[2011.10.07 23:01:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-50.xml
[2011.11.07 16:38:08 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-51.xml
[2012.01.02 18:31:32 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-52.xml
[2012.02.04 23:27:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-53.xml
[2012.02.11 18:19:42 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-54.xml
[2012.02.17 20:00:21 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-55.xml
[2012.03.18 23:40:15 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-56.xml
[2012.03.27 21:16:04 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-57.xml
[2012.04.28 07:46:03 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-58.xml
[2012.06.06 11:59:46 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-59.xml
[2010.09.16 21:59:58 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-6.xml
[2012.06.16 15:04:42 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-60.xml
[2012.07.18 00:04:38 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-61.xml
[2012.07.22 15:11:22 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-62.xml
[2010.10.16 00:47:06 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-7.xml
[2010.10.21 09:43:50 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-8.xml
[2010.10.29 12:54:53 | 000,000,950 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-9.xml
[2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.gif
[2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.src
[2011.03.30 15:14:34 | 000,001,042 | ---- | M] () -- C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.xml
CHR - Extension: Yontoo = C:\Users\Sator\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0\
O2 - BHO: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found
O3 - HKLM\..\Toolbar: (KMP Media Toolbar) - {daf5b34c-1aa3-4c33-ae24-766a370635d2} - C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll (Ask.com)
O3 - HKU\S-1-5-21-1852592248-3392708036-3997794346-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{c8ddad6c-eb79-11e0-a89d-001a4d9f2d73}\Shell - "" = AutoRun
[2011.09.30 20:36:48 | 000,000,000 | -H-D | M] -- C:\Users\Sator\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2011.08.27 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Sator\AppData\Roaming\‚ ‚·‚Ć‚ë‚ń
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\AppPatch\*.tmp files -> C:\Windows\AppPatch\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2012.08.14 17:19:02 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000Core.job
[2012.08.14 22:19:00 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000UA.job
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

:services
NAUpdate
Nero BackItUp Scheduler 3

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Google Update"=-
"uTorrent"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"Adobe ARM"=-
"QuickTime Task"=-
"NBKeyScan"=-
"AML Registry Cleaner"=-
"SunJavaUpdateSched"=-

:files
C:\Program Files (x86)\Yontoo
C:\Program Files (x86)\kmpmediatoolbar
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him; he is no man, he is an ox."
Member [image] since 1 February 2011.

Sulfaen
Visitor
Posts: 30
Registered: 02 May 2011 10:12

Re: Yontoo 1.10.02 cannot be removed

#10 Post by Sulfaen »

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_USERS\S-1-5-21-1852592248-3392708036-3997794346-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1852592248-3392708036-3997794346-1000\Software\Microsoft\Internet Explorer\SearchScopes\{00FE2CD1-4F02-4569-98E4-0115280FB16A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00FE2CD1-4F02-4569-98E4-0115280FB16A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1852592248-3392708036-3997794346-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1852592248-3392708036-3997794346-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "BS_Player Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.2.9&q=" removed from browser.search.defaulturl
Prefs.js: "ICQ Search" removed from browser.search.selectedEngine
Prefs.js: false removed from browser.search.suggest.enabled
Prefs.js: DTToolbar@toolbarnet.com:1.0.8.0552 removed from extensions.enabledItems
Prefs.js: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.2 removed from extensions.enabledItems
Prefs.js: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 removed from extensions.enabledItems
Prefs.js: toolbar@ask.com:3.11.3.15590 removed from extensions.enabledItems
Prefs.js: ffxtlbr@Facemoods.com:1.2.0 removed from extensions.enabledItems
Prefs.js: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 removed from extensions.enabledItems
Prefs.js: "http://search.icq.com/search/afe_result ... r=1.5.3&q=" removed from keyword.URL
Folder C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\ not found.
Folder C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{daf5b34c-1aa3-4c33-ae24-766a370635d2}\ not found.
Folder C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\ not found.
Folder C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\djziggy@gmail.com\ not found.
Folder C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\DTToolbar@toolbarnet.com\ not found.
Folder C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\ffxtlbr@Facemoods.com\ not found.
Folder C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\plugin@yontoo.com\ not found.
Folder C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\extensions\zigboom@ymail.com\ not found.
Folder C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\lu8i5y16.default\extensions\plugin@yontoo.com\ not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\askcom.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\conduit.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\daemon-search.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-1.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-10.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-11.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-12.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-13.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-14.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-15.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-16.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-17.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-18.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-19.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-2.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-20.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-21.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-22.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-23.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-24.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-25.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-26.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-27.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-28.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-29.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-3.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-30.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-31.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-32.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-33.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-34.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-35.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-36.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-37.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-38.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-39.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-4.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-40.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-41.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-42.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-43.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-44.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-45.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-46.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-47.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-48.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-49.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-5.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-50.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-51.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-52.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-53.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-54.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-55.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-56.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-57.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-58.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-59.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-6.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-60.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-61.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-62.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-7.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-8.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin-9.xml not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.gif not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.src not found.
File C:\Users\Sator\AppData\Roaming\Mozilla\Firefox\Profiles\818no063.default\searchplugins\icqplugin.xml not found.
File C:\Users\Sator\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0 not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{daf5b34c-1aa3-4c33-ae24-766a370635d2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{daf5b34c-1aa3-4c33-ae24-766a370635d2}\ not found.
File C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{daf5b34c-1aa3-4c33-ae24-766a370635d2} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{daf5b34c-1aa3-4c33-ae24-766a370635d2}\ not found.
File C:\Program Files (x86)\kmpmediatoolbar\searchresultsDx.dll not found.
Registry value HKEY_USERS\S-1-5-21-1852592248-3392708036-3997794346-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8ddad6c-eb79-11e0-a89d-001a4d9f2d73}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c8ddad6c-eb79-11e0-a89d-001a4d9f2d73}\ not found.
Folder C:\Users\Sator\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}\ not found.
Folder C:\Users\Sator\AppData\Roaming\‚ ‚·‚Ć‚ë‚ń\ not found.
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\Windows\AppPatch\*.tmp not found.
File/Folder C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
File/Folder C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp not found.
File C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000Core.job not found.
File C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1852592248-3392708036-3997794346-1000UA.job not found.
Unable to delete ADS C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT .
========== SERVICES/DRIVERS ==========
Error: No service named NAUpdate was found to stop!
Service\Driver key NAUpdate not found.
Error: No service named Nero BackItUp Scheduler 3 was found to stop!
Service\Driver key Nero BackItUp Scheduler 3 not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\NBKeyScan deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\AML Registry Cleaner deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
========== FILES ==========
File\Folder C:\Program Files (x86)\Yontoo not found.
C:\Program Files (x86)\kmpmediatoolbar\components folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\searchbar folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\options folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\radio\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\radio\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\radio folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\panels\default folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\panels folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib\debugbar folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin\lib folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\skin folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\locale\toolbar folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\locale\lib folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\locale folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\data\weather folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\data\search folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\data\rss folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\data\dynamicElements folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\data folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\scripts folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.YouTube_v2\skin folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.YouTube_v2\js folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.YouTube_v2\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.YouTube_v2\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.YouTube_v2 folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.WebTV\skin\scripts folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.WebTV\skin\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.WebTV\skin\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.WebTV\skin folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.WebTV\js folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.WebTV\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.WebTV\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.WebTV folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.RadioBeta folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\scripts folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.MyStartFacebook\skin folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.MyStartFacebook\js folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.MyStartFacebook\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.MyStartFacebook\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.MyStartFacebook folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.Bizrate\skin\scripts folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.Bizrate\skin\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.Bizrate\skin\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.Bizrate\skin folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.Bizrate\js folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.Bizrate\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.Bizrate\css folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets\net.vmn.www.Bizrate folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\widgets folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\newtab\images folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\newtab folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\modules folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content\lib folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome\content folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar\chrome folder moved successfully.
C:\Program Files (x86)\kmpmediatoolbar folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Sator
->Temp folder emptied: 2799823042 bytes
->Temporary Internet Files folder emptied: 17265322 bytes
->Java cache emptied: 1394546 bytes
->FireFox cache emptied: 96062757 bytes
->Google Chrome cache emptied: 212855470 bytes
->Flash cache emptied: 72100 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 534563677 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 53263 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3 492,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Sator
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Sator
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.57.0 log created on 08142012_235334

Files\Folders moved on Reboot...
C:\Users\Sator\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...
File C:\Users\Sator\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Yontoo 1.10.02 cannot be removed

#11 Post by vyosek »

So how about ESET, is it still complaining? :???:
"Whoever has wine and doesn't drink it, whoever has grapes and doesn't eat them, whoever has a wife and doesn't kiss her, whoever avoids merriment, take a whip and a stick to him: that's not a man, that's an ox."
Member (image) since 1 February 2011.

Sulfaen
Visitor
Posts: 30
Joined: 02 May 2011 10:12

Re: Yontoo 1.10.02 cannot be removed

#12 Post by Sulfaen »

ESET no longer shows anything, thank you for the help.
But in Uninstall or change a program it still shows that program.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Yontoo 1.10.02 cannot be removed

#13 Post by vyosek »

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use

:arrow: Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • Click Scan for Issues
  • Then Fix Issues - I recommend making a backup of the registry; fix all the issues
  • Repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: The entry in Uninstall or change a program is by now just an invalid shortcut; if it is still there even after cleaning with CCleaner, write back
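The leftover entry described in post #13, as an added example that is not part of the original thread: a read-only PowerShell check that lists entries under the standard Windows Uninstall registry keys whose uninstaller or install folder no longer exists on disk. The function names and the `*Yontoo*` filter (taken from the thread title) are assumptions, and the script is written to run on the PowerShell 2.0 that ships with Windows 7.

```powershell
# Read-only audit of "Uninstall or change a program" entries whose files are gone.
# Nothing is modified; review the output before deleting any key.
$UninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',  # 32-bit apps on 64-bit Windows
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall'
)

# Hypothetical helper: extract the executable path from an UninstallString value.
function Get-UninstallerPath {
    param([string]$UninstallString)
    if ([string]::IsNullOrEmpty($UninstallString)) { return $null }
    # msiexec always exists, so its presence says nothing about the product itself
    if ($UninstallString -match 'msiexec') { return $null }
    if ($UninstallString -match '^\s*"([^"]+)"') { return $Matches[1] }   # quoted path
    if ($UninstallString -match '^\s*(.+?\.exe)') { return $Matches[1] }  # unquoted path
    return $null
}

# Hypothetical helper: report entries that point at a missing uninstaller or folder.
function Find-OrphanedUninstallEntry {
    param([string]$NameFilter = '*')
    foreach ($root in $UninstallRoots) {
        if (-not (Test-Path $root)) { continue }
        foreach ($key in Get-ChildItem $root) {
            $p = Get-ItemProperty -Path $key.PSPath
            if (-not $p.DisplayName -or $p.DisplayName -notlike $NameFilter) { continue }
            $exe = Get-UninstallerPath $p.UninstallString
            if ($exe) { $exe = [Environment]::ExpandEnvironmentVariables($exe) }
            $dir = "$($p.InstallLocation)".Trim('"')
            $exeMissing = $exe -and -not (Test-Path -LiteralPath $exe)
            $dirMissing = $dir -and -not (Test-Path -LiteralPath $dir)
            if ($exeMissing -or $dirMissing) {
                New-Object PSObject -Property @{
                    DisplayName     = $p.DisplayName
                    RegistryKey     = $key.Name
                    UninstallString = $p.UninstallString
                    InstallLocation = $p.InstallLocation
                }
            }
        }
    }
}

# Filter taken from the thread title; omit -NameFilter to audit every entry.
Find-OrphanedUninstallEntry -NameFilter '*Yontoo*' | Format-List
```

An entry that appears here has lost its files but not its registry key, which is why it still shows in the list and cannot be uninstalled the normal way. Export the key before removing it, in line with the registry backup recommended above.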

Sulfaen
Visitor
Posts: 30
Joined: 02 May 2011 10:12

Re: Yontoo 1.10.02 cannot be removed

#14 Post by Sulfaen »

When I open Uninstall or change a program, it is still there; should I use the delete option in CCleaner?

I apologize for not writing this at the beginning, but before I asked for help I found a yontoo folder in Program Files, and in it a file ending in dll; I deleted the folder.
Last edited by Sulfaen on 14 Aug 2012 23:29, edited 1 time in total.

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Yontoo 1.10.02 cannot be removed

#15 Post by vyosek »

Sulfaen wrote: should I use the delete option in CCleaner?
Yes, exactly :thumbsup:

Locked