Log check; significant notebook slowdown; infection

Xantus
Visitor
Posts: 14
Registered: 26 Mar 2010 23:24

#1 Post by Xantus »

Good evening,

I would like to ask you to check my RSIT log. It seems that the notebook is constantly working, the Wi-Fi connection LED keeps blinking (sending/receiving) more than it should, and overall the notebook has slowed down.

Thank you.


RSIT log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Andrew at 2010-03-26 23:19:40
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 63 GB (43%) free of 146 GB
Total RAM: 3036 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:35:19, on 26.3.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Genius\ioCentre\gTaskBar.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Andrew\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Genius\ioCentre\gMouseTask.exe
C:\Genius\ioCentre\gKbdTask.exe
C:\Genius\ioCentre\gAutoPan.exe
C:\Genius\ioCentre\gAutoScroll.exe
C:\Genius\ioCentre\gZoom.exe
C:\Genius\ioCentre\gMGlass.exe
C:\Genius\ioCentre\gIMMgm.exe
C:\Genius\ioCentre\gDeskMgm.exe
C:\Genius\ioCentre\gTaskSwitch.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Windows\system32\conime.exe
C:\Users\Andrew\Downloads\RSIT.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\trend micro\Andrew.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... ire_6930zg
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... ire_6930zg
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... ire_6930zg
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 222.89.92.106:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Andrew\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: My_AutoWarkey_Script.lnk = C:\Andrew\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1ca9146d78788d9) (gupdate1ca9146d78788d9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 15219 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-07-29 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-12 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-03 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-12 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-07-29 142896]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-12 256112]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-09-18 6294048]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-12 30192]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-11-28 417792]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-09-11 544768]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-07-29 526896]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"PLFSetI"=C:\Windows\PLFSetI.exe [2007-10-23 200704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-25 1049896]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-06-04 817672]
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-10-08 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-10-08 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-10-17 167936]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2006-12-08 241664]
"Skytel"=C:\Windows\Skytel.exe [2008-09-18 1833504]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-08 305440]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
"Steam"=C:\Andrew\Steam\Steam.exe [2010-02-20 1217872]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-05 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883840]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-02-10 133368]
"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2010-03-23 2937528]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-03-09 26100520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
My_AutoWarkey_Script.lnk - C:\Andrew\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
OpenOffice.org 3.0.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}]
shell\AutoRun\command - F:\aoesetup.exe
shell\dxsetup\command - F:\directx\dxsetup.exe
shell\ie30\command - F:\goodies\ie30295.exe
shell\ie30nt\command - F:\goodies\ie302nt.exe
shell\msinfo\command - F:\goodies\msinfo\msinfo32.exe
shell\setup\command - F:\aoesetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63f18b05-51e5-11de-8793-00238b8f6cab}]
shell\AutoRun\command - E:\AutoRun.exe


======List of files/folders created in the last 1 months======

2010-03-26 23:19:41 ----D---- C:\Program Files\trend micro
2010-03-26 23:19:40 ----D---- C:\rsit
2010-03-26 23:14:29 ----D---- C:\CCleaner
2010-03-26 22:34:14 ----D---- C:\Program Files\Common Files\Akamai
2010-03-26 22:12:16 ----D---- C:\Rappelz
2010-03-26 16:56:56 ----D---- C:\Program Files\Common Files\Skype
2010-03-23 20:15:56 ----D---- C:\Program Files\Common Files\INCA Shared
2010-03-23 18:00:00 ----D---- C:\Mount&Blade
2010-03-23 15:49:46 ----D---- C:\Program Files\WEBZEN
2010-03-23 15:49:46 ----A---- C:\Windows\system32\CMStarterCore.exe
2010-03-23 15:49:46 ----A---- C:\Windows\system32\CMStarter_Kor.dll
2010-03-23 15:49:46 ----A---- C:\Windows\system32\CMStarter_Eng.dll
2010-03-23 15:32:48 ----D---- C:\ProgramData\PMB Files
2010-03-23 15:32:38 ----D---- C:\Program Files\Pando Networks
2010-03-22 21:02:26 ----D---- C:\ProgramData\TmForever
2010-03-22 21:01:32 ----A---- C:\Windows\system32\xinput1_1.dll
2010-03-22 21:01:32 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-03-22 21:01:31 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-03-22 21:01:10 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-03-22 21:01:10 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-03-22 21:01:09 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-03-22 21:01:08 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-03-22 21:01:07 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-03-22 21:01:06 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-03-22 21:01:02 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-03-21 20:46:35 ----D---- C:\Program Files\Combined Community Codec Pack
2010-03-20 09:13:40 ----A---- C:\Windows\system32\browserchoice.exe
2010-03-14 11:52:40 ----D---- C:\Users\Andrew\AppData\Roaming\TS3Client
2010-03-13 17:34:26 ----D---- C:\Program Files\ICQ7.0
2010-03-11 11:09:38 ----A---- C:\Windows\system32\javaws.exe
2010-03-11 11:09:38 ----A---- C:\Windows\system32\javaw.exe
2010-03-11 11:09:38 ----A---- C:\Windows\system32\java.exe
2010-03-11 03:02:05 ----A---- C:\Windows\system32\nshhttp.dll
2010-03-11 03:01:52 ----A---- C:\Windows\system32\httpapi.dll
2010-03-10 22:05:48 ----D---- C:\Users\Andrew\AppData\Roaming\Mount&Blade Warband
2010-03-10 21:50:05 ----D---- C:\Program Files\QS
2010-03-10 21:35:56 ----D---- C:\Users\Andrew\AppData\Roaming\TeamViewer
2010-03-10 21:22:05 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-03-10 21:22:02 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-03-09 21:17:08 ----D---- C:\Users\Andrew\AppData\Roaming\teamspeak2
2010-03-05 20:52:36 ----D---- C:\Program Files\KaM - The Peasants Rebellion
2010-03-03 21:21:24 ----D---- C:\Users\Andrew\AppData\Roaming\DivX
2010-03-03 20:01:17 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-03-03 20:01:12 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-02-28 16:31:30 ----D---- C:\Users\Andrew\AppData\Roaming\Mount&Blade

======List of files/folders modified in the last 1 months======

2010-03-26 23:35:07 ----D---- C:\Windows\Temp
2010-03-26 23:24:17 ----D---- C:\Users\Andrew\AppData\Roaming\Skype
2010-03-26 23:19:41 ----RD---- C:\Program Files
2010-03-26 23:18:07 ----D---- C:\Windows\Minidump
2010-03-26 23:18:07 ----D---- C:\Windows\Debug
2010-03-26 23:18:07 ----D---- C:\Windows
2010-03-26 23:08:05 ----SHD---- C:\System Volume Information
2010-03-26 23:07:58 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-26 23:07:22 ----D---- C:\Andrew
2010-03-26 22:41:25 ----SHD---- C:\Windows\Installer
2010-03-26 22:41:24 ----HD---- C:\Config.Msi
2010-03-26 22:37:02 ----D---- C:\Windows\Prefetch
2010-03-26 22:34:14 ----D---- C:\Program Files\Common Files
2010-03-26 16:57:06 ----RD---- C:\Program Files\Skype
2010-03-26 16:57:00 ----D---- C:\Windows\system32\Tasks
2010-03-26 16:56:55 ----D---- C:\ProgramData\Skype
2010-03-26 16:37:54 ----D---- C:\Users\Andrew\AppData\Roaming\skypePM
2010-03-26 06:33:10 ----D---- C:\Users\Andrew\AppData\Roaming\ICQ
2010-03-25 21:48:15 ----D---- C:\Windows\system32\drivers
2010-03-25 18:55:58 ----D---- C:\Windows\System32
2010-03-25 18:55:58 ----D---- C:\Windows\inf
2010-03-25 18:55:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-23 19:00:38 ----D---- C:\Program Files\Mozilla Firefox
2010-03-23 15:49:47 ----SD---- C:\Windows\Downloaded Program Files
2010-03-23 15:32:48 ----HD---- C:\ProgramData
2010-03-23 06:50:51 ----D---- C:\Windows\system32\catroot2
2010-03-22 21:01:31 ----RSD---- C:\Windows\assembly
2010-03-20 15:19:15 ----D---- C:\Genius
2010-03-20 15:19:14 ----D---- C:\DVD Shrink
2010-03-20 09:13:59 ----D---- C:\Windows\winsxs
2010-03-20 09:13:57 ----D---- C:\Windows\system32\catroot
2010-03-15 07:08:11 ----D---- C:\Advanced SystemCare 3
2010-03-15 07:08:08 ----D---- C:\Windows\Tasks
2010-03-14 09:12:50 ----D---- C:\Program Files\ICQ6Toolbar
2010-03-13 17:35:43 ----D---- C:\ProgramData\ICQ
2010-03-13 01:14:13 ----D---- C:\ProgramData\Microsoft Help
2010-03-11 11:09:35 ----D---- C:\Program Files\Java
2010-03-11 03:19:06 ----D---- C:\Program Files\Movie Maker
2010-03-11 03:19:05 ----D---- C:\Program Files\Windows Mail
2010-03-10 19:26:00 ----A---- C:\Windows\win.ini
2010-03-10 19:21:54 ----D---- C:\Windows\twain_32
2010-03-10 19:11:16 ----D---- C:\Windows\ShellNew
2010-03-04 20:38:22 ----D---- C:\Program Files\Microsoft Games
2010-03-04 20:34:15 ----RSD---- C:\Windows\Fonts
2010-03-03 19:51:32 ----D---- C:\Program Files\Common Files\InstallShield
2010-03-03 13:26:27 ----D---- C:\Program Files\Common Files\Steam
2010-03-02 06:30:12 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2008-07-30 277736]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-10-01 12832]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-07-29 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-07-29 60464]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-05-19 912384]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-12-10 4172288]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
R3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys [2006-07-14 9984]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-18 2169944]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-05-19 47104]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-03-26 61440]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S3 A310;AVerMedia A310 DVB-T; C:\Windows\system32\DRIVERS\AVerA310USB.sys [2008-07-03 26752]
S3 as2568ne;as2568ne; C:\Windows\system32\drivers\as2568ne.sys []
S3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device; C:\Windows\system32\drivers\AVerA310Cap.sys [2008-07-03 47104]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BthPort;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw5v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-05-05 3658752]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-28 50576]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-12-10 724992]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-10-04 69632]
R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-07-29 500784]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-11-28 24576]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
S2 gupdate1ca9146d78788d9;Služba Google Update (gupdate1ca9146d78788d9); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-09 133104]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-12 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-05 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-02-09 3387256]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-03-03 332720]

-----------------EOF-----------------

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Log check; significant notebook slowdown; infection

#2 Post by Caroprd111 »

Hello :)

The log is being worked on, please be patient.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Log check; significant notebook slowdown; infection

#3 Post by Caroprd111 »

Tell us which of these toolbars we can delete.

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll



Tell us which of the programs launched at startup (the O4 lines in the HJT log) we can disable (you will start them manually).



Download OTL http://oldtimer.geekstogo.com/OTL.exe
  • Run the program, then click Run Scan
  • When it finishes, paste the OTL.Txt and Extras.txt logs here

Xantus
Visitor
Posts: 14
Registered: 26 Mar 2010 23:24

Re: Log check; significant notebook slowdown; infection

#4 Post by Xantus »

Good afternoon :)

1) All of the toolbars can be removed.

2) O4 lines - that will most likely be ICQ, Skype and Steam ... the others (about half) I don't even know what they are =)

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Log check; significant notebook slowdown; infection

#5 Post by Caroprd111 »

OK, so I will disable the unnecessary ones. :) We still need the log from OTL.

Xantus
Visitor
Posts: 14
Registered: 26 Mar 2010 23:24

Re: Log check; significant notebook slowdown; infection

#6 Post by Xantus »

3a)

Extras log:
OTL Extras logfile created on: 27.3.2010 11:38:17 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Andrew\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,04 Gb Total Space | 68,06 Gb Free Space | 47,58% Space Free | Partition Type: NTFS
Drive D: | 139,50 Gb Total Space | 139,41 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 230,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREW-PC
Current User Name: Andrew
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{47FF2FA4-8161-4BA2-A9BE-FAE668FEAE1F}" = lport=49168 | protocol=6 | dir=in | name=akamai netsession interface |
"{7F534BC7-D0C6-4BE2-AC9F-750539BDC2A6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C370717F-5735-402C-919F-78CF3E899D7A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DDA06971-5414-409E-8F0B-EA63355350EF}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002A224E-06E5-4B36-B71F-95EC060F27D2}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{0779B796-B7BF-4B2A-AAE3-04EF7449E896}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{0FA4537E-1BBA-42A5-873D-17EE85014620}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{18B0F2D6-2F1F-49F6-8FDE-DEE47F69E4D4}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{190E6ECD-7127-4FC5-BDBD-F5C19479FB08}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{1AD33512-74D5-426E-82D7-E0E16F133C00}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{217E8B1D-2C00-4D24-9D0A-AA72E6F9B429}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{27073333-CE57-43E1-8053-D1861AB0E661}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{2837B75C-A393-490E-BC62-CB316619BFB0}" = protocol=6 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{2C64D356-8003-4D9E-B246-7CF390D1F05F}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{47DBB8A3-C3B6-4F57-940B-14A47FC2EB72}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{4F777ED3-EB43-4B93-968E-7173D77AC99C}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{50843143-CE90-4F33-A004-F494E7632FE0}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{51ED2A01-C4EE-47A0-A10B-BBF8A3D1F7C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{58252D65-5088-487D-A49D-CB316557C7E0}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{67228550-1667-4BF5-9B58-01BFA851AC1F}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6BBB19CD-2C77-4FB0-A153-26F1A0189873}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{790C5E62-213D-416B-BBF6-DCB34878E9E9}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{8262D20D-6CDC-489D-8320-09EC9E661D3A}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{8440656A-48F3-4C2F-A21A-C14AA4EA6B41}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{9B12AA11-3AA4-429E-ABE6-B8BB587736D5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B5C1E0A0-00D8-486C-B207-C8FCA5D7A02E}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{B9FAB9C2-9A33-43D9-A9AA-BFB1709BDD94}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{BCC1407E-4F2F-4B3E-BED2-4E9E14D0734E}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{C3DE321A-0F72-46FB-8191-D9C1CE00D593}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{C7D7155B-92BC-4F60-A255-D4ACB5ED5CBE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CD92852B-ECEB-49CF-BF2A-5A4BA830B589}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{D0028B39-5E10-47F7-93DD-1B9D7306BD74}" = protocol=17 | dir=in | app=c:\program files\icq7.0\icq.exe |
"{D7B0A064-7035-41DE-8301-46C4BC9BC423}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{D806D54E-B151-429E-9843-28E6BA814866}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DC58C017-F2BF-4301-9C75-4F6960038083}" = protocol=17 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{DEB4153C-2F07-41A5-94F4-3995E50A3F04}" = protocol=6 | dir=in | app=c:\program files\icq7.0\aolload.exe |
"{F4A88858-C911-484A-9F7E-8B64F4F95EBD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F4EEA3ED-FE5F-486D-A4DA-E4D14DA47C7B}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{FF414F58-6BF9-4193-8B81-0C6FB3291709}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"TCP Query User{3AEEFF54-817A-480C-9823-A1024D5E5D49}C:\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\icq6.5\icq.exe |
"TCP Query User{667C8BBF-5566-41E3-91BF-57AACAC6CF56}C:\users\andrew\desktop\aoe2\empires2.exe" = protocol=6 | dir=in | app=c:\users\andrew\desktop\aoe2\empires2.exe |
"TCP Query User{81C5E621-B2DE-4903-8F90-E00B0C7FFF2E}C:\users\andrew\desktop\aoe2\age2_x1.exe" = protocol=6 | dir=in | app=c:\users\andrew\desktop\aoe2\age2_x1.exe |
"TCP Query User{9490F501-4234-4325-9BBF-53DB6157B171}C:\users\andrew\temp\teamviewer\version5\teamviewer.exe" = protocol=6 | dir=in | app=c:\users\andrew\temp\teamviewer\version5\teamviewer.exe |
"TCP Query User{F9185235-BCD4-40BC-A36D-27822BBED38A}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{FCE8601F-036E-40E7-BC1B-39438BDBC529}C:\andrew\age of empires\empires.exe" = protocol=6 | dir=in | app=c:\andrew\age of empires\empires.exe |
"UDP Query User{3B9158F2-C914-41BF-B9F2-6B4130A05D47}C:\andrew\age of empires\empires.exe" = protocol=17 | dir=in | app=c:\andrew\age of empires\empires.exe |
"UDP Query User{5C42E2F2-7EDD-4F20-9A6C-2E01BEFC7A05}C:\users\andrew\temp\teamviewer\version5\teamviewer.exe" = protocol=17 | dir=in | app=c:\users\andrew\temp\teamviewer\version5\teamviewer.exe |
"UDP Query User{7ECEA7E8-6052-4F87-8C24-75F5CD1C92C5}C:\users\andrew\desktop\aoe2\empires2.exe" = protocol=17 | dir=in | app=c:\users\andrew\desktop\aoe2\empires2.exe |
"UDP Query User{AAAAE6F1-CD7D-4191-B00A-D0DCE9CCB178}C:\users\andrew\desktop\aoe2\age2_x1.exe" = protocol=17 | dir=in | app=c:\users\andrew\desktop\aoe2\age2_x1.exe |
"UDP Query User{BBFE4869-10E4-4891-8F12-C1BFF146C142}C:\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\icq6.5\icq.exe |
"UDP Query User{C0E91DA5-CCE0-4317-9A30-09EDD69D89EE}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001E7FB6-BB6B-4ED0-BEDC-B5404ED96D4E}" = DocProc
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6400
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{060AAE5B-9455-4D30-E03C-41442C580A47}" = Catalyst Control Center Localization Polish
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0E44E447-6ED1-B31B-E0C6-E0A8533762C9}" = CCC Help German
"{0E592AF6-6381-0BD5-1990-44366C40282A}" = CCC Help Danish
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{10F498FF-5392-4DF3-8F73-FE172A9F3800}" = Winbond CIR Device Drivers
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{222E0321-4496-CD3B-71BE-BBFCB4A09A3A}" = Catalyst Control Center Localization Chinese Standard
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 17
"{29D1E00F-2447-6D6A-C552-1E7F5A6449EA}" = Catalyst Control Center Graphics Full New
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2A66D903-1ED8-D5CF-6A13-4ADF3D7ECD05}" = Catalyst Control Center Localization Norwegian
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{31C09120-6DDC-787F-7255-967B81777C7E}" = CCC Help Polish
"{32FC88B4-52B5-86FA-3E61-5E3AD43855D2}" = CCC Help Chinese Traditional
"{3329E4B5-8A30-1A98-5E87-1811857AD34A}" = Catalyst Control Center Localization Chinese Traditional
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BDC4390-55D4-CC3E-7D4F-399F7D3D64F3}" = CCC Help Chinese Standard
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{425640DF-10DB-F749-5ACE-41F5E00D3155}" = CCC Help Portuguese
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E646581-8E6D-B265-8894-E4E569572655}" = CCC Help Czech
"{51B4EC5E-25AD-077B-CEAE-B882F23FB605}" = Catalyst Control Center Graphics Previews Vista
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{564D0000-547B-4ED8-8070-85286CC8C9BF}" = OpenOffice.org 3.0
"{56EEFA3A-9E17-9922-68C8-FD1BD151AE65}" = ccc-utility
"{57265292-228A-41FA-9AEC-4620CBCC2739}" = Acer eAudio Management
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{58E5844B-7CE2-413D-83D1-99294BF6C74F}" = Acer ePower Management
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5D37080C-C718-87B4-2BCE-E04D23402BF0}" = CCC Help Norwegian
"{5DE17717-8B56-25F2-FB34-9AF121FA8167}" = Catalyst Control Center Core Implementation
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{60DF23EB-65DC-6933-C0DE-87D7F305A933}" = CCC Help Russian
"{61BF161D-B3CF-B966-DFE2-D36A74FE2FD3}" = CCC Help Thai
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A85F81E-9285-0964-BC23-714FC45263D0}" = CCC Help Greek
"{6B58131B-E1C3-9FC8-160C-C1E01B200C94}" = ATI Catalyst Install Manager
"{6BD84F7F-660E-02B0-D324-A15456320EDA}" = Catalyst Control Center InstallProxy
"{6C309974-85FF-6875-0DA8-FD3C2B399DC4}" = Catalyst Control Center Localization Spanish
"{6E257F26-57FA-4BC9-AE3B-D50AF937DA7F}" = Windows Live Toolbar
"{6E3970FD-8A5E-A3A1-4E7E-71F8C49DFF63}" = Catalyst Control Center Localization Portuguese
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{72291519-2DCA-BA30-798F-48C4E64E2313}" = Catalyst Control Center Localization Czech
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72BFF3AC-28AC-27EA-6FBD-5B2D14FEFCC7}" = Catalyst Control Center Localization French
"{734DCD79-13DA-855A-0EFB-83CE364C3452}" = CCC Help Dutch
"{751AB006-C405-3CB4-7827-86882BF1BA51}" = Catalyst Control Center Localization Korean
"{75CFDE75-80CA-E0AF-7A29-98E57C0C81EF}" = Skins
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{79BFBCBB-2085-5908-FF53-7BB34CE952B7}" = CCC Help Swedish
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B260281-BD06-400C-F51A-3FEB65108CB8}" = CCC Help Hungarian
"{7B268071-3D05-DBBF-3B44-59B7857D408F}" = Catalyst Control Center Localization Turkish
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}" = Alien Shooter
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110422467}" = Tiks Texas Hold em
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111940693}" = Bookworm Adventures
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112028410}" = Putt Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112548397}" = The Rise of Atlantis
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113848220}" = Agatha Christie Peril at End House
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113919217}" = Mythic Mahjong
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}" = Magic Match Adventures
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114086870}" = Womens Murder Club
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}" = Magic Farm
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{83D87171-666D-3D0C-8346-6D7AE6EACDF8}" = Catalyst Control Center Localization Hungarian
"{85EB55AA-7CB2-5BF1-14E3-07CA055D2020}" = CCC Help Italian
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8875D8E2-F967-AD9C-5738-7BBC8EF482D7}" = Catalyst Control Center Localization Thai
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{89E26372-ED92-510E-7911-161F8F55E677}" = CCC Help English
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{94EED5A2-2464-3468-1674-DE5948D933B4}" = Catalyst Control Center Localization Danish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95156C6A-B0D1-4AA7-0513-D733BEEBBC18}" = CCC Help Japanese
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A036E231-5A03-4d63-94F6-7864CC77EC48}" = PS_AIO_ProductContext
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A511966D-B370-4AD8-597A-9CF792F943C9}" = CCC Help Finnish
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam 2.0.8
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1029-7B44-A90000000001}" = Adobe Reader 9 - Czech
"{AE9EF716-D8C6-3854-9221-546B03005611}" = ccc-core-static
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B00A7D65-6C5C-7A14-A22F-D52DD7798AB3}" = Catalyst Control Center Localization Japanese
"{B040FEFE-B45F-4e30-B3C6-035F53F544A9}" = c4200_Help
"{B0490CEE-D5ED-431A-88EB-772D9DB70C0C}" = Windows Live Movie Maker
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B1541910-5E93-0610-A8E5-FC9170D1A4F8}" = CCC Help Spanish
"{B1CE6512-B757-0283-6C06-5A58B295A0E7}" = CCC Help Turkish
"{B22C19AE-6A67-4f28-B541-5AE72FB17A25}" = HP Photosmart All-In-One Software 9.0
"{B24C006F-470C-91A5-1AFA-F16EEFE0CD7A}" = Catalyst Control Center Localization Italian
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B9F3A6E6-9C77-4535-9ED9-B16C1EBDFEC2}" = C4200
"{BC1280C0-7FA5-2434-5820-26352484E790}" = Catalyst Control Center Graphics Light
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}" = Asistent pro přihlášení ke službě Windows Live
"{C05EEF5D-DBA7-46E3-546F-4DEB8C26B261}" = CCC Help Korean
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{C7D35D4A-18A4-1853-2E43-6AC00FCDEE3A}" = Catalyst Control Center Localization Russian
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D704735D-9558-C09C-07BC-DD6259D3ED83}" = Catalyst Control Center Localization Dutch
"{D719E8F1-6931-40b4-AC0B-5FE2C097F995}" = C4200_doccd
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCA87C0C-DC10-C275-384E-B7C85A0145AC}" = CCC Help French
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DE12C2CE-11A1-789A-9BF6-8A7212FBA668}" = Catalyst Control Center Localization Greek
"{E08F6426-8A5F-115D-744F-E38B9426E3EE}" = Catalyst Control Center Localization Swedish
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E39A3770-3DDE-404c-B91F-3522947874A3}" = PS_AIO_Software_min
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E4C774A3-D902-4A42-D5A8-09B07D5568C1}" = Catalyst Control Center Graphics Full Existing
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F65931E9-22ED-98E3-D540-C78FBC36144F}" = Catalyst Control Center Localization Finnish
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA4FA322-5C90-4d2b-A019-9E588273DED5}" = PS_AIO_Software
"{FD2F10F2-BC65-0CAB-A26A-51AFFED6012A}" = Catalyst Control Center Localization German
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Empires" = Microsoft Age of Empires
"avast!" = avast! Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Shrink_is1" = DVD Shrink 3.2
"Eurobattle.net2.0" = Eurobattle.net
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"Google Desktop" = Google Desktop
"Google Chrome" = Google Chrome
"GridVista" = Acer GridVista
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"HPOCR" = HP OCR Software 9.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"LManager" = Launch Manager
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mount&Blade Warband" = Mount&Blade Warband
"Mozilla Firefox (3.6.2)" = Mozilla Firefox (3.6.2)
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PSPad editor_is1" = PSPad editor
"Serious Samurize" = Serious Samurize
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Turf Battles" = Turf Battles
"VLC media player" = VLC media player 0.9.9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"Workshop 21" = Workshop 21

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 19.2.2010 2:14:16 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Andrew\AppData\Roaming\skypePM\2010-02-19-0.ezlog failed, 00000005.


Error - 28.2.2010 5:55:22 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

Error - 1.3.2010 2:09:19 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SNXD2R6L\ukazka_sw12b_lq[1].dat
failed, 00000005.

Error - 2.3.2010 2:28:50 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Andrew\AppData\Roaming\skypePM\2010-03-02-0.ezlog failed, 00000005.


Error - 9.3.2010 20:55:19 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\50Q2D5TH\ukazka_la4b_v[1].dat
failed, 00000005.

Error - 10.3.2010 20:45:22 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Andrew\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CC4L6CVW\marketa[1].dat
failed, 00000005.

Error - 17.3.2010 18:53:54 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Andrew\AppData\Roaming\skypePM\2010-03-17-2.ezlog failed, 00000005.


Error - 19.3.2010 2:13:27 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Andrew\AppData\Roaming\skypePM\2010-03-19-0.ezlog failed, 00000005.


Error - 23.3.2010 2:15:05 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Users\Andrew\AppData\Roaming\skypePM\2010-03-23-0.ezlog failed, 00000005.


Error - 23.3.2010 17:21:54 | Computer Name = Andrew-PC | Source = avast! | ID = 33554522
Description = AAVM - chyba při testování: x_AavmCheckFileDirectEx: avfilesScanReal
of C:\Windows\System32\conime.exe failed, 00000005.

[ Application Events ]
Error - 19.3.2010 17:11:59 | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul xvid.ax, verze 0.0.0.0, časové razítko 0x3e86de1e,
kód výjimky 0xc0000094, posun chyby 0x0003dd11, ID procesu 0x13c8, čas spuštění aplikace
0x01cac7a8cf194f40.

Error - 19.3.2010 17:12:02 | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul xvid.ax, verze 0.0.0.0, časové razítko 0x3e86de1e,
kód výjimky 0xc0000094, posun chyby 0x0003dd11, ID procesu 0xb04, čas spuštění aplikace
0x01cac7a8d143efa0.

Error - 19.3.2010 18:39:40 | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul xvid.ax, verze 0.0.0.0, časové razítko 0x3e86de1e,
kód výjimky 0xc0000094, posun chyby 0x0003dd11, ID procesu 0x1584, čas spuštění aplikace
0x01cac7b50f9670f0.

Error - 19.3.2010 18:39:48 | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul xvid.ax, verze 0.0.0.0, časové razítko 0x3e86de1e,
kód výjimky 0xc0000094, posun chyby 0x0003dd11, ID procesu 0xe90, čas spuštění aplikace
0x01cac7b514011e10.

Error - 19.3.2010 18:40:01 | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul xvid.ax, verze 0.0.0.0, časové razítko 0x3e86de1e,
kód výjimky 0xc0000094, posun chyby 0x0003dd11, ID procesu 0x1320, čas spuštění aplikace
0x01cac7b51c349ad0.

Error - 19.3.2010 18:40:06 | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul xvid.ax, verze 0.0.0.0, časové razítko 0x3e86de1e,
kód výjimky 0xc0000094, posun chyby 0x0003dd11, ID procesu 0x4a8, čas spuštění aplikace
0x01cac7b51eca5910.

Error - 19.3.2010 18:40:08 | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 11.0.6002.18111, časové razítko
0x4aa91411, chybující modul xvid.ax, verze 0.0.0.0, časové razítko 0x3e86de1e,
kód výjimky 0xc0000094, posun chyby 0x0003dd11, ID procesu 0x824, čas spuštění aplikace
0x01cac7b51e535450.

Error - 19.3.2010 18:40:11 | Computer Name = Andrew-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace DllHost.exe, verze 6.0.6000.16386, časové razítko
0x4549b14e, chybující modul xvid.ax, verze 0.0.0.0, časové razítko 0x3e86de1e,
kód výjimky 0xc0000094, posun chyby 0x0003dd11, ID procesu 0x1598, čas spuštění aplikace
0x01cac7b521c5af20.

Error - 20.3.2010 4:10:01 | Computer Name = Andrew-PC | Source = WinMgmt | ID = 10
Description =

Error - 20.3.2010 4:47:39 | Computer Name = Andrew-PC | Source = Google Update | ID = 20
Description =

[ System Events ]
Error - 24.3.2010 12:53:54 | Computer Name = Andrew-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 25.3.2010 1:39:07 | Computer Name = Andrew-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 25.3.2010 11:48:25 | Computer Name = Andrew-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 25.3.2010 16:27:08 | Computer Name = Andrew-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 25.3.2010 17:23:36 | Computer Name = Andrew-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 26.3.2010 11:34:15 | Computer Name = Andrew-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 26.3.2010 17:36:51 | Computer Name = Andrew-PC | Source = Service Control Manager | ID = 7030
Description =

Error - 26.3.2010 19:37:04 | Computer Name = Andrew-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 27.3.2010 4:24:27 | Computer Name = Andrew-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =

Error - 27.3.2010 5:41:54 | Computer Name = Andrew-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description =


< End of report >

Xantus
Visitor
Posts: 14
Registered: 26 Mar 2010 23:24

Re: Log check; significant notebook slowdown; infection

#7 Post by Xantus »

3b)

OTL log:

OTL logfile created on: 27.3.2010 11:38:17 - Run 1
OTL by OldTimer - Version 3.1.37.3 Folder = C:\Users\Andrew\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 56,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,04 Gb Total Space | 68,06 Gb Free Space | 47,58% Space Free | Partition Type: NTFS
Drive D: | 139,50 Gb Total Space | 139,41 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 230,29 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ANDREW-PC
Current User Name: Andrew
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.03.27 11:37:56 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew\Downloads\OTL.exe
PRC - [2010.03.23 19:00:36 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.02.10 17:38:29 | 000,133,368 | ---- | M] (ICQ, Inc.) -- C:\Program Files\ICQ7.0\ICQ.exe
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.12.12 11:13:35 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009.11.25 00:51:40 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.11.24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009.09.12 08:20:21 | 000,277,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009.06.05 12:41:28 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Andrew\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009.06.05 12:39:00 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.04.23 14:51:38 | 000,691,656 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\daemon.exe
PRC - [2009.04.11 07:27:39 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.06 18:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
PRC - [2009.02.06 17:07:48 | 000,027,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2009.01.15 17:42:46 | 007,430,144 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2009.01.15 17:42:44 | 007,434,240 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2008.11.28 10:56:06 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008.11.28 10:08:46 | 000,417,792 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008.10.17 13:54:38 | 000,167,936 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2008.10.08 20:49:20 | 000,167,936 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008.10.08 20:49:12 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008.10.04 03:09:02 | 000,069,632 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008.09.23 14:11:34 | 000,144,632 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008.09.18 12:00:10 | 006,294,048 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.09.11 22:46:38 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.07.29 17:52:50 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008.07.20 10:45:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.07.20 10:45:06 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.06.04 13:03:36 | 000,817,672 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008.04.23 10:22:38 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2007.10.23 09:56:18 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2006.12.15 09:15:36 | 000,417,792 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gKbdTask.exe
PRC - [2006.12.14 12:43:30 | 000,331,776 | ---- | M] () -- C:\Genius\ioCentre\gAutoScroll.exe
PRC - [2006.12.08 20:09:56 | 000,241,664 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gTaskBar.exe
PRC - [2006.12.04 18:36:24 | 000,630,784 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gMouseTask.exe
PRC - [2006.12.04 17:24:56 | 000,409,600 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gDeskMgm.exe
PRC - [2006.11.10 09:40:24 | 000,491,520 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gZoom.exe
PRC - [2006.11.10 09:06:18 | 000,315,392 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gTaskSwitch.exe
PRC - [2006.11.09 17:29:26 | 000,229,376 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gMGlass.exe
PRC - [2006.11.09 16:56:38 | 000,315,392 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gIMMgm.exe
PRC - [2006.11.09 16:12:42 | 000,487,424 | ---- | M] (TODO: <Company name>) -- C:\Genius\ioCentre\gAutoPan.exe


========== Modules (SafeList) ==========

MOD - [2010.03.27 11:37:56 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Andrew\Downloads\OTL.exe
MOD - [2009.04.11 07:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.03.26 22:36:02 | 002,462,256 | ---- | M] () [Auto | Running] -- C:/Program Files/Common Files/Akamai/rswin_3648.dll -- (Akamai)
SRV - [2010.03.03 07:47:10 | 000,332,720 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.02.09 17:59:00 | 003,387,256 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.12.12 11:13:35 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009.11.25 00:51:35 | 000,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009.11.25 00:51:21 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009.11.25 00:48:48 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009.11.25 00:43:56 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.02.18 19:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.11.28 10:56:06 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.10.04 03:09:02 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008.09.23 14:11:34 | 000,144,632 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008.09.23 14:11:32 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) [On_Demand | Stopped] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.07.20 10:45:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.06 16:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)


========== Driver Services (SafeList) ==========

DRV - [2009.11.25 00:50:12 | 000,114,768 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2009.11.25 00:50:00 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.11.25 00:49:48 | 000,053,328 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2009.11.25 00:49:07 | 000,048,560 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2009.11.25 00:48:57 | 000,023,120 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2009.06.05 16:26:15 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.12.10 11:30:58 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.10.01 10:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008.09.18 11:49:28 | 002,169,944 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.07.30 06:51:30 | 000,277,736 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2008.07.29 17:53:12 | 000,060,464 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDVdisk.sys -- (psdvdisk)
DRV - [2008.07.29 17:53:10 | 000,018,992 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV - [2008.07.29 17:53:10 | 000,016,944 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSDNServ.sys -- (PSDNServ)
DRV - [2008.07.20 17:44:44 | 000,324,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.07.03 04:24:46 | 000,026,752 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerA310USB.sys -- (A310)
DRV - [2008.07.03 04:24:42 | 000,047,104 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerA310Cap.sys -- (BDASwCap)
DRV - [2008.05.19 17:23:00 | 000,047,104 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008.05.19 12:42:56 | 000,912,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.05.05 02:05:00 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Ovladač adaptéru Intel(R)
DRV - [2008.04.28 12:56:16 | 000,050,576 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tcusb.sys -- (TcUsb)
DRV - [2008.04.25 03:08:42 | 000,199,472 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008.03.26 10:59:12 | 000,061,440 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008.03.25 23:41:30 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2008.03.25 23:39:20 | 000,207,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2008.03.25 23:38:32 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008.02.14 02:17:10 | 000,080,424 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008.01.30 10:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:22 | 000,200,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VSTAZL3.SYS -- (HSFHWAZL)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.10.18 23:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.07.16 01:20:26 | 000,016,168 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2007.07.16 01:20:24 | 000,080,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2007.03.28 07:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
DRV - [2006.11.02 14:29:38 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.07.14 06:33:58 | 000,009,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gMouUsb.sys -- (gMouUsb)
DRV - [2006.07.14 06:30:52 | 000,014,848 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gHidPnp.sys -- (gHidPnp)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... ire_6930zg
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... ire_6930zg

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... ire_6930zg
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/skinit/icq/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 222.89.92.106:3128

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100211.5
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_result ... id=afex&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.03.23 19:00:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.03.23 19:00:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2009.06.05 14:12:16 | 000,000,000 | ---D | M] -- C:\Users\Andrew\AppData\Roaming\Mozilla\Extensions
[2010.03.27 08:15:27 | 000,000,000 | ---D | M] -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\extensions
[2009.06.25 07:37:03 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.02.04 07:43:29 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010.03.13 17:35:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.27 08:15:22 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2009.06.05 17:04:03 | 000,000,000 | ---D | M] -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\extensions\DTToolbar@toolbarnet.com
[2009.06.05 17:03:58 | 000,002,399 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\daemon-search.xml
[2010.03.27 11:15:39 | 000,000,950 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\icqplugin-1.xml
[2009.07.23 09:23:42 | 000,000,950 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\icqplugin-2.xml
[2009.08.04 23:44:31 | 000,000,950 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\icqplugin-3.xml
[2009.09.11 06:05:32 | 000,000,950 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\icqplugin-4.xml
[2009.10.29 21:32:39 | 000,000,950 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\icqplugin-5.xml
[2010.01.07 16:28:33 | 000,000,950 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\icqplugin-6.xml
[2010.02.23 17:37:00 | 000,000,961 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\icqplugin-7.xml
[2010.03.12 12:31:53 | 000,000,950 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\icqplugin-8.xml
[2010.02.03 14:38:36 | 000,000,947 | ---- | M] () -- C:\Users\Andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nwoe7qkh.default\searchplugins\icqplugin.xml
[2010.03.26 16:57:06 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.24 14:22:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.03.26 16:57:06 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2009.06.05 14:11:39 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\stahuj@centrum.cz
[2010.03.23 15:32:44 | 000,238,776 | ---- | M] (Pando Networks) -- C:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
[2010.03.12 12:31:32 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.03.12 12:31:32 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.03.12 12:31:32 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.03.12 12:31:32 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.03.12 12:31:32 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe (TODO: <Company name>)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Andrew\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - Startup: C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\My_AutoWarkey_Script.lnk = C:\Andrew\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe ()
O4 - Startup: C:\Users\Andrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in )
O15 - HKCU\..Trusted Ranges: GD ([http] in )
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.27.192.33 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer03.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1997.09.17 05:18:00 | 000,000,488 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AOESETUP.EXE -- [1997.09.17 05:18:00 | 000,271,360 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}\Shell\dxsetup\command - "" = F:\DIRECTX\DXSETUP.EXE -- [1997.07.14 17:00:00 | 000,088,576 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}\Shell\ie30\command - "" = F:\GOODIES\IE30295.EXE -- [1997.08.15 12:24:14 | 011,101,184 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}\Shell\ie30nt\command - "" = F:\GOODIES\IE302NT.EXE -- [1997.08.15 12:27:00 | 009,089,024 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}\Shell\msinfo\command - "" = F:\GOODIES\MSINFO\MSINFO32.EXE -- [1996.08.08 10:40:06 | 000,452,096 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}\Shell\setup\command - "" = F:\AOESETUP.EXE -- [1997.09.17 05:18:00 | 000,271,360 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{63f18b05-51e5-11de-8793-00238b8f6cab}\Shell - "" = AutoRun
O33 - MountPoints2\{63f18b05-51e5-11de-8793-00238b8f6cab}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.03.27 09:40:51 | 000,000,000 | ---D | C] -- C:\AMD
[2010.03.27 08:50:54 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32
[2010.03.27 08:36:47 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2010.03.26 23:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.03.26 23:14:29 | 000,000,000 | ---D | C] -- C:\CCleaner
[2010.03.26 22:34:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Akamai
[2010.03.26 16:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.03.25 20:21:47 | 000,000,000 | ---D | C] -- C:\Users\Andrew\Documents\Mount&Blade Savegames
[2010.03.24 18:27:18 | 000,000,000 | ---D | C] -- C:\Users\Andrew\Documents\Mount&Blade Warband Savegames
[2010.03.23 23:12:41 | 003,387,256 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2010.03.23 23:10:26 | 000,000,000 | ---D | C] -- C:\Users\Andrew\Desktop\GameGuard
[2010.03.23 20:16:16 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2010.03.23 20:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010.03.23 18:23:31 | 000,000,000 | ---D | C] -- C:\Users\Andrew\Desktop\Nová složka
[2010.03.23 15:49:46 | 000,364,912 | ---- | C] (WEBZEN) -- C:\Windows\System32\CMStarterCore.exe
[2010.03.23 15:49:46 | 000,053,616 | ---- | C] (WEBZEN) -- C:\Windows\System32\CMStarter_Kor.dll
[2010.03.23 15:49:46 | 000,053,616 | ---- | C] (WEBZEN) -- C:\Windows\System32\CMStarter_Eng.dll
[2010.03.23 15:49:46 | 000,000,000 | ---D | C] -- C:\Program Files\WEBZEN
[2010.03.23 15:32:50 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\PMB Files
[2010.03.23 15:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.03.23 15:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2010.03.22 21:02:26 | 000,000,000 | ---D | C] -- C:\Users\Andrew\Documents\TmForever
[2010.03.22 21:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TmForever
[2010.03.22 21:01:32 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.03.22 21:01:32 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.03.22 21:01:31 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.03.22 21:01:10 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.03.22 21:01:10 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.03.22 21:01:09 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.03.22 21:01:08 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.03.22 21:01:07 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.03.22 21:01:06 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.03.22 21:01:02 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.03.21 20:46:35 | 000,000,000 | ---D | C] -- C:\Program Files\Combined Community Codec Pack
[2010.03.20 09:13:40 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.03.14 11:52:40 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Roaming\TS3Client
[2010.03.14 11:50:41 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\TeamSpeak 3 Client
[2010.03.13 17:34:47 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\AOL
[2010.03.13 17:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.0
[2010.03.11 11:09:38 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.03.11 11:09:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.03.11 11:09:38 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.03.11 03:02:05 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010.03.11 03:01:52 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010.03.10 22:05:48 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Roaming\Mount&Blade Warband
[2010.03.10 21:50:05 | 000,000,000 | ---D | C] -- C:\Program Files\QS
[2010.03.10 21:49:57 | 000,000,000 | ---D | C] -- C:\Users\Andrew\temp
[2010.03.10 21:35:56 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Roaming\TeamViewer
[2010.03.10 21:22:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.03.10 21:22:02 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.03.10 19:11:00 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Local\Microsoft Help
[2010.03.09 21:17:08 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Roaming\teamspeak2
[2010.03.05 20:52:36 | 000,000,000 | ---D | C] -- C:\Program Files\KaM - The Peasants Rebellion
[2010.03.03 21:21:24 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Roaming\DivX
[2010.03.03 20:01:17 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.03.03 20:01:12 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.02.28 16:31:30 | 000,000,000 | ---D | C] -- C:\Users\Andrew\AppData\Roaming\Mount&Blade
[2009.01.23 10:08:50 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.03.27 11:41:07 | 003,145,728 | -HS- | M] () -- C:\Users\Andrew\NTUSER.DAT
[2010.03.27 10:42:26 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2010.03.27 10:42:24 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.27 10:42:04 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.27 10:41:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.03.27 10:41:59 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.03.27 10:41:59 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.03.27 10:41:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.03.27 10:41:47 | 3184,386,048 | -HS- | M] () -- C:\hiberfil.sys
[2010.03.27 10:40:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.03.27 10:40:21 | 000,524,288 | -HS- | M] () -- C:\Users\Andrew\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.03.27 10:40:21 | 000,065,536 | -HS- | M] () -- C:\Users\Andrew\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.03.27 10:39:31 | 004,272,375 | -H-- | M] () -- C:\Users\Andrew\AppData\Local\IconCache.db
[2010.03.27 10:30:49 | 000,001,475 | ---- | M] () -- C:\Users\Andrew\Desktop\Turf Battles.lnk
[2010.03.27 08:52:08 | 000,000,041 | ---- | M] () -- C:\Users\Andrew\jagex_runescape_preferences.dat
[2010.03.27 08:52:06 | 000,000,069 | ---- | M] () -- C:\Users\Andrew\jagex_runescape_preferences2.dat
[2010.03.27 08:52:05 | 000,000,000 | ---- | M] () -- C:\Users\Andrew\jagex__preferences3.dat
[2010.03.26 23:15:52 | 000,010,948 | ---- | M] () -- C:\Users\Andrew\Documents\cc_20100326_231544.reg
[2010.03.26 23:14:32 | 000,001,400 | ---- | M] () -- C:\Users\Andrew\Desktop\CCleaner.lnk
[2010.03.26 16:56:56 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.03.25 18:55:58 | 001,393,902 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.03.25 18:55:58 | 000,598,832 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.03.25 18:55:58 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.03.25 18:55:58 | 000,114,992 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.03.25 18:55:58 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.03.25 18:30:57 | 000,053,928 | ---- | M] () -- C:\Users\Andrew\Desktop\alg_servair.jpg
[2010.03.25 18:29:59 | 000,064,673 | ---- | M] () -- C:\Users\Andrew\Desktop\PICT0014.jpg
[2010.03.25 18:20:56 | 000,105,476 | ---- | M] () -- C:\Users\Andrew\Desktop\3284142025_4be884728e_o.jpg
[2010.03.25 18:20:52 | 000,185,458 | ---- | M] () -- C:\Users\Andrew\Desktop\n767mw_catering.jpg
[2010.03.24 20:56:21 | 000,059,904 | ---- | M] () -- C:\Users\Andrew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.24 20:14:43 | 000,035,411 | ---- | M] () -- C:\Users\Andrew\Desktop\asdfg.jpg
[2010.03.24 20:00:31 | 000,034,942 | ---- | M] () -- C:\Users\Andrew\Desktop\asdf.jpg
[2010.03.24 18:23:01 | 000,000,760 | ---- | M] () -- C:\Users\Andrew\Desktop\Mount&Blade Warband.lnk
[2010.03.23 19:26:16 | 000,048,958 | ---- | M] () -- C:\Users\Andrew\Desktop\love_bear.gif
[2010.03.23 19:26:08 | 000,042,043 | ---- | M] () -- C:\Users\Andrew\Desktop\card-bruin-bear-grizzly-love-me-to-you.jpg
[2010.03.23 18:00:41 | 000,000,598 | ---- | M] () -- C:\Users\Andrew\Desktop\Mount&Blade.lnk
[2010.03.23 14:10:50 | 000,899,294 | ---- | M] () -- C:\Users\Andrew\Desktop\DSC04580.JPG
[2010.03.21 15:35:53 | 000,049,298 | ---- | M] () -- C:\Users\Andrew\Desktop\12864_1165191045691_1105326236_30441776_7088156_n.jpg
[2010.03.20 16:05:05 | 002,657,406 | ---- | M] () -- C:\Users\Andrew\Documents\sg00.sav
[2010.03.18 19:26:36 | 000,032,249 | ---- | M] () -- C:\Users\Andrew\Desktop\Belgie.odt
[2010.03.15 12:15:47 | 000,198,404 | ---- | M] () -- C:\Users\Andrew\Desktop\Strong Man.jpg
[2010.03.15 11:38:34 | 000,046,695 | ---- | M] () -- C:\Users\Andrew\Desktop\11456_103830266303439_100000293987715_92818_7457544_n.jpg
[2010.03.15 09:50:34 | 000,369,378 | ---- | M] () -- C:\Users\Andrew\Desktop\Foto250.jpg
[2010.03.14 11:50:44 | 000,001,021 | ---- | M] () -- C:\Users\Andrew\Desktop\TeamSpeak 3 Client.lnk
[2010.03.14 11:47:21 | 000,043,859 | ---- | M] () -- C:\Users\Andrew\Desktop\Psíček.jpg
[2010.03.14 11:45:22 | 000,045,687 | ---- | M] () -- C:\Users\Andrew\Desktop\Raketky.jpg
[2010.03.14 11:43:24 | 000,060,878 | ---- | M] () -- C:\Users\Andrew\Desktop\Stanovani.jpg
[2010.03.14 11:41:44 | 000,060,755 | ---- | M] () -- C:\Users\Andrew\Desktop\Rasismus.jpg
[2010.03.14 11:40:23 | 000,032,952 | ---- | M] () -- C:\Users\Andrew\Desktop\Valentine's Heart.jpg
[2010.03.14 11:40:14 | 000,060,082 | ---- | M] () -- C:\Users\Andrew\Desktop\Super tričko.jpg
[2010.03.13 19:31:21 | 002,626,768 | ---- | M] () -- C:\Users\Andrew\Documents\last_savegame_backup.sav
[2010.03.13 17:36:13 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.lnk
[2010.03.13 16:18:36 | 000,000,020 | ---- | M] () -- C:\Users\Andrew\Documents\aionmemo_ 0179fab.dat
[2010.03.10 19:30:26 | 000,156,202 | ---- | M] () -- C:\Windows\hpoins15.dat
[2010.03.10 19:26:00 | 000,000,179 | ---- | M] () -- C:\Windows\win.ini
[2010.03.10 19:18:19 | 000,078,624 | ---- | M] () -- C:\Users\Andrew\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.10 19:17:43 | 000,322,136 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.03.08 14:23:26 | 000,000,634 | ---- | M] () -- C:\Users\Andrew\Documents\aionmemo_ 0 b5a40.dat
[2010.03.06 20:34:22 | 000,000,680 | ---- | M] () -- C:\Users\Andrew\AppData\Local\d3d9caps.dat
[2010.03.05 18:17:08 | 000,000,650 | ---- | M] () -- C:\Users\Andrew\Desktop\Age of Empires.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.27 10:30:49 | 000,001,475 | ---- | C] () -- C:\Users\Andrew\Desktop\Turf Battles.lnk
[2010.03.27 08:52:05 | 000,000,069 | ---- | C] () -- C:\Users\Andrew\jagex_runescape_preferences2.dat
[2010.03.27 08:52:05 | 000,000,000 | ---- | C] () -- C:\Users\Andrew\jagex__preferences3.dat
[2010.03.27 08:51:09 | 000,000,041 | ---- | C] () -- C:\Users\Andrew\jagex_runescape_preferences.dat
[2010.03.26 23:15:48 | 000,010,948 | ---- | C] () -- C:\Users\Andrew\Documents\cc_20100326_231544.reg
[2010.03.26 23:14:32 | 000,001,400 | ---- | C] () -- C:\Users\Andrew\Desktop\CCleaner.lnk
[2010.03.25 18:30:57 | 000,053,928 | ---- | C] () -- C:\Users\Andrew\Desktop\alg_servair.jpg
[2010.03.25 18:29:58 | 000,064,673 | ---- | C] () -- C:\Users\Andrew\Desktop\PICT0014.jpg
[2010.03.25 18:20:56 | 000,105,476 | ---- | C] () -- C:\Users\Andrew\Desktop\3284142025_4be884728e_o.jpg
[2010.03.25 18:20:51 | 000,185,458 | ---- | C] () -- C:\Users\Andrew\Desktop\n767mw_catering.jpg
[2010.03.24 20:14:43 | 000,035,411 | ---- | C] () -- C:\Users\Andrew\Desktop\asdfg.jpg
[2010.03.24 20:00:30 | 000,034,942 | ---- | C] () -- C:\Users\Andrew\Desktop\asdf.jpg
[2010.03.24 18:23:01 | 000,000,760 | ---- | C] () -- C:\Users\Andrew\Desktop\Mount&Blade Warband.lnk
[2010.03.23 20:16:15 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2010.03.23 19:26:15 | 000,048,958 | ---- | C] () -- C:\Users\Andrew\Desktop\love_bear.gif
[2010.03.23 19:26:07 | 000,042,043 | ---- | C] () -- C:\Users\Andrew\Desktop\card-bruin-bear-grizzly-love-me-to-you.jpg
[2010.03.23 18:43:32 | 000,899,294 | ---- | C] () -- C:\Users\Andrew\Desktop\DSC04580.JPG
[2010.03.23 18:00:41 | 000,000,598 | ---- | C] () -- C:\Users\Andrew\Desktop\Mount&Blade.lnk
[2010.03.21 15:35:52 | 000,049,298 | ---- | C] () -- C:\Users\Andrew\Desktop\12864_1165191045691_1105326236_30441776_7088156_n.jpg
[2010.03.18 19:26:34 | 000,032,249 | ---- | C] () -- C:\Users\Andrew\Desktop\Belgie.odt
[2010.03.15 12:15:47 | 000,198,404 | ---- | C] () -- C:\Users\Andrew\Desktop\Strong Man.jpg
[2010.03.15 11:38:32 | 000,046,695 | ---- | C] () -- C:\Users\Andrew\Desktop\11456_103830266303439_100000293987715_92818_7457544_n.jpg
[2010.03.15 11:30:59 | 000,369,378 | ---- | C] () -- C:\Users\Andrew\Desktop\Foto250.jpg
[2010.03.14 11:50:44 | 000,001,021 | ---- | C] () -- C:\Users\Andrew\Desktop\TeamSpeak 3 Client.lnk
[2010.03.14 11:47:20 | 000,043,859 | ---- | C] () -- C:\Users\Andrew\Desktop\Psíček.jpg
[2010.03.14 11:45:22 | 000,045,687 | ---- | C] () -- C:\Users\Andrew\Desktop\Raketky.jpg
[2010.03.14 11:43:23 | 000,060,878 | ---- | C] () -- C:\Users\Andrew\Desktop\Stanovani.jpg
[2010.03.14 11:41:44 | 000,060,755 | ---- | C] () -- C:\Users\Andrew\Desktop\Rasismus.jpg
[2010.03.14 11:40:23 | 000,032,952 | ---- | C] () -- C:\Users\Andrew\Desktop\Valentine's Heart.jpg
[2010.03.14 11:40:12 | 000,060,082 | ---- | C] () -- C:\Users\Andrew\Desktop\Super tričko.jpg
[2010.03.13 17:36:13 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.lnk
[2010.03.13 16:12:54 | 000,000,020 | ---- | C] () -- C:\Users\Andrew\Documents\aionmemo_ 0179fab.dat
[2010.03.10 19:26:00 | 000,156,710 | ---- | C] () -- C:\Windows\hpoins15.dat.temp
[2010.03.10 19:26:00 | 000,001,039 | ---- | C] () -- C:\Windows\hpomdl15.dat.temp
[2010.03.10 10:59:20 | 002,657,406 | ---- | C] () -- C:\Users\Andrew\Documents\sg00.sav
[2010.03.10 10:59:20 | 002,626,768 | ---- | C] () -- C:\Users\Andrew\Documents\last_savegame_backup.sav
[2010.03.05 18:17:08 | 000,000,650 | ---- | C] () -- C:\Users\Andrew\Desktop\Age of Empires.lnk
[2009.12.22 00:23:08 | 000,126,464 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.11.30 17:13:58 | 000,001,746 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009.11.19 07:01:09 | 000,000,680 | ---- | C] () -- C:\Users\Andrew\AppData\Local\d3d9caps.dat
[2009.10.16 19:54:50 | 000,009,136 | R--- | C] () -- C:\Windows\System32\INETWH16.DLL
[2009.08.21 18:57:26 | 000,000,262 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2009.08.07 22:56:06 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.08 16:10:34 | 000,009,984 | ---- | C] () -- C:\Windows\System32\drivers\gMouUsb.sys
[2009.06.08 16:10:31 | 000,014,848 | ---- | C] () -- C:\Windows\System32\drivers\gHidPnp.sys
[2009.06.06 10:02:01 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.06.05 16:26:15 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2009.06.05 16:15:12 | 000,059,904 | ---- | C] () -- C:\Users\Andrew\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.05 13:23:43 | 000,006,105 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe2.log
[2009.06.05 12:44:35 | 000,626,688 | ---- | C] () -- C:\Windows\Image.dll
[2009.06.05 12:44:35 | 000,000,036 | ---- | C] () -- C:\Windows\PidList.ini
[2009.01.23 10:05:32 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.01.23 03:18:30 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2009.01.23 02:55:53 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2009.01.08 08:48:05 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2001.11.14 12:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1999.09.14 18:58:44 | 000,014,368 | R--- | C] () -- C:\Windows\System32\drivers\SECDRV.SYS
[1997.06.14 02:11:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[1996.04.03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:05113FB9
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:C99F6ECA
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F3176E45
< End of report >






Thank you =o)

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Log check; significant laptop slowdown; infection

#8 Post by Caroprd111 »

Run OTL and paste the following script into the bottom window.

Code:

:OTL
PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.09.12 08:20:21 | 000,277,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009.02.06 18:21:00 | 000,224,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Toolbar\wltuser.exe
SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
@Alternate Data Stream - 98 bytes -> C:\ProgramData\Temp:05113FB9
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:C99F6ECA
@Alternate Data Stream - 107 bytes -> C:\ProgramData\Temp:F3176E45

:Files
C:\Program Files\ICQ6Toolbar
C:\Program Files\Google\Google Toolbar
C:\Program Files\Windows Live\Toolbar
C:\Program Files\DAEMON Tools Toolbar
C:\Windows\*.tmp

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"=-
"Adobe Reader Speed Launcher"=-
"StartCCC"=-
"Skytel"=-
"QuickTime Task"=-
"iTunesHelper"=-
"HP Software Update"=-
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Steam"=-
"swg"=-
"msnmsgr"=-
"ICQ"=-
"Skype"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63f18b05-51e5-11de-8793-00238b8f6cab}]

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
[REBOOT] 

Then click Run fix; the PC will restart. Post the log here.

Xantus
Visitor
Posts: 14
Registered: 26 Mar 2010 23:24

Re: Log check; significant laptop slowdown; infection

#9 Post by Xantus »

This one? =o)

All processes killed
========== OTL ==========
Process ICQ Service.exe killed successfully!
No active process named GoogleToolbarUser_32.exe was found!
No active process named wltuser.exe was found!
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
C:\Program Files\ICQ6Toolbar\ICQ Service.exe moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}\ deleted successfully.
C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}\ deleted successfully.
C:\Program Files\Windows Live\Toolbar\wltcore.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ deleted successfully.
File C:\Program Files\Windows Live\Toolbar\wltcore.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
File C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
File C:\Program Files\Windows Live\Toolbar\wltcore.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
File C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
File C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll not found.
ADS C:\ProgramData\Temp:05113FB9 deleted successfully.
ADS C:\ProgramData\Temp:C99F6ECA deleted successfully.
ADS C:\ProgramData\Temp:F3176E45 deleted successfully.
========== FILES ==========
C:\Program Files\ICQ6Toolbar folder moved successfully.
C:\Program Files\Google\Google Toolbar\Component folder moved successfully.
C:\Program Files\Google\Google Toolbar folder moved successfully.
C:\Program Files\Windows Live\Toolbar\Custom Buttons\microsoft.windowslive.translator.btn folder moved successfully.
C:\Program Files\Windows Live\Toolbar\Custom Buttons\microsoft.windowslive.news.btn folder moved successfully.
C:\Program Files\Windows Live\Toolbar\Custom Buttons folder moved successfully.
C:\Program Files\Windows Live\Toolbar\cs-cz folder moved successfully.
C:\Program Files\Windows Live\Toolbar\cs folder moved successfully.
C:\Program Files\Windows Live\Toolbar folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
C:\Windows\msdownld.tmp folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Google Desktop Search deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Skytel deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Steam deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0cbae769-51fe-11de-806f-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0cbae769-51fe-11de-806f-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{63f18b05-51e5-11de-8793-00238b8f6cab}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{63f18b05-51e5-11de-8793-00238b8f6cab}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Andrew
->Temp folder emptied: 53850629 bytes
->Temporary Internet Files folder emptied: 26929574 bytes
->Java cache emptied: 54775645 bytes
->FireFox cache emptied: 84319607 bytes
->Google Chrome cache emptied: 11912631 bytes
->Flash cache emptied: 5348 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 655109844 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 846,00 mb


[EMPTYFLASH]

User: All Users

User: Andrew
->Flash cache emptied: 0 bytes

User: Default

User: Default User

User: Public

Total Flash Files Cleaned = 0,00 mb




OTL by OldTimer - Version 3.1.37.3 log created on 03272010_154758

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
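
An added example, not part of the thread and not OTL's own code: a Python audit of a fix log in the format posted above, tallying outcomes per line and listing the items that still need a look after the reboot. The status names and the "already handled" heuristic (a "not found" line whose target was moved or deleted earlier in the same run) are assumptions of this example; the sample lines are copied from the post.

```python
import re
from collections import Counter

# Excerpt copied verbatim from the fix log posted above (not the full log).
SAMPLE_LOG = r"""
========== OTL ==========
Process ICQ Service.exe killed successfully!
No active process named wltuser.exe was found!
C:\Program Files\Windows Live\Toolbar\wltcore.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
File C:\Program Files\Windows Live\Toolbar\wltcore.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
ADS C:\ProgramData\Temp:05113FB9 deleted successfully.
========== FILES ==========
C:\Program Files\ICQ6Toolbar folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0cbae769-51fe-11de-806f-806e6f6e6963}\ not found.
Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
"""

# Optional object-type prefix that the tool puts in front of some targets.
PREFIX = r"(?:(?:File|Registry key|Registry value|ADS|Process|Service)\s+)?"
# Section banners ("===== FILES =====") and the trailing "... on Reboot..." headers.
SECTION = re.compile(r"^=+\s*(.+?)\s*=+$|^(.+ on Reboot)\.\.\.$")
# Order matters: the most specific patterns are tried first.
RULES = [
    ("pending-reboot", re.compile(
        r"^File move failed\.\s+(.+?)\s+scheduled to be moved on reboot\.$")),
    ("not-running", re.compile(r"^No active process named (.+?) was found!$")),
    ("absent", re.compile("^" + PREFIX + r"(.+?)\s+not found\.$")),
    ("done", re.compile("^" + PREFIX + r"(.+?)\s+(?:folder\s+)?"
                        r"(?:moved|deleted|killed|stopped) successfully[.!]$")),
]


def audit(log_text):
    """Return (counts, findings); findings are (section, status, target) tuples."""
    section, handled = "PREAMBLE", set()
    counts, findings = Counter(), []
    for line in map(str.strip, log_text.splitlines()):
        m = SECTION.match(line)
        if m:
            section = m.group(1) or m.group(2)
            continue
        for status, rx in RULES:
            m = rx.match(line)
            if m:
                break
        else:
            continue  # blank line or a line this audit does not classify
        target = m.group(1)
        # Paths and GUIDs differ in case between lines (11d4 vs 11D4), so fold it.
        key = target.rstrip("\\").lower()
        if status == "done":
            handled.add(key)
        elif status == "absent" and key in handled:
            status = "already-handled"  # repeat reference to a removed item
        counts[status] += 1
        if status in ("absent", "pending-reboot"):
            findings.append((section, status, target))
    return counts, findings


if __name__ == "__main__":
    counts, findings = audit(SAMPLE_LOG)
    print(dict(counts))
    for section, status, target in findings:
        print(f"[{section}] {status}: {target}")
```
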

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Log check; significant laptop slowdown; infection

#10 Post by Caroprd111 »

Yes. How is the PC doing? :???:

Xantus
Visitor
Posts: 14
Registered: 26 Mar 2010 23:24

Re: Log check; significant laptop slowdown; infection

#11 Post by Xantus »

It has been on for about 5-6 minutes and still hasn't had a rest... :o

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Log check; significant laptop slowdown; infection

#12 Post by Caroprd111 »

I meant its behaviour.

Xantus
Visitor
Posts: 14
Registered: 26 Mar 2010 23:24

Re: Log check; significant laptop slowdown; infection

#13 Post by Xantus »

Behaviour? Top marks so far... it turned on :-)

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Log check; significant laptop slowdown; infection

#14 Post by Caroprd111 »

OK, test it and report back.

Xantus
Visitor
Posts: 14
Registered: 26 Mar 2010 23:24

Re: Log check; significant laptop slowdown; infection

#15 Post by Xantus »

The laptop works so far, but as it keeps on working and working, it seems slower to me =p