Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosim o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
fannis
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 24 čer 2009 18:50

Prosim o kontrolu logu

#1 Příspěvek od fannis »

Ahoj, chtel bych pozadat zda by bylo mozno zkontrolovat muj log. Zda se mi ze NTB se nejak pomalu spousti. Predem dekuji.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Vibrasphare at 2010-04-19 13:05:12
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 72 GB (47%) free of 153 GB
Total RAM: 3070 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:05:53, on 19.4.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\programy\Ati\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
D:\programy\Ati\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
D:\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
C:\Users\Vibrasphare\Desktop\RSIT.exe
C:\Program Files\trend micro\Vibrasphare.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - D:\Překladač\WEBIE.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\Překladač\WEBIE.DLL
O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "D:\programy\Ati\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - D:\Překladač\WEBIE.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\Překladač\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\Překladač\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\Překladač\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\Překladač\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\Překladač\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\Překladač\WEBIE.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Icq\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Icq\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\APSHook.dll
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe

--
End of file - 9215 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Driver Robot.job
C:\Windows\tasks\User_Feed_Synchronization-{6B6034DF-EF87-44B2-AB64-49D0524C683B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-05-30 1410344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - D:\Překladač\WEBIE.DLL [2009-03-27 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
ASUS Security Protect Manager - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll [2006-11-21 70928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{2C688203-7EB3-4327-9995-1CB417BA23F9} - BS.Player ControlBar - C:\Program Files\BS.Player ControlBar\BSToolbar.dll [2008-08-13 757192]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - D:\Překladač\WEBIE.DLL [2009-03-27 360448]
{3041d03e-fd4b-44e0-b742-2d9b88305f98}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-12 98304]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-24 7766016]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-04-16 178712]
"IaNvSrv"=C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [2008-05-03 33304]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-01 6025216]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-07 1029416]
"CognizanceTS"=C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll [2003-12-22 17920]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2008-02-01 61440]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"StartCCC"=D:\programy\Ati\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\VistaCodecPack\QT\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2008-01-25 1208320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
D:\A4Tech\Mouse\Amoumain.exe [2007-05-15 204800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2008-04-10 752168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\Windows\System32\APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce17f305-78bb-11dd-8080-0015affe2315}]
shell\AutoRun\command - F:\autorun.exe -auto


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-04-14 15:53:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-14 15:53:00 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-14 15:52:58 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 15:52:41 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-14 15:50:49 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 15:50:43 ----A---- C:\Windows\system32\cabview.dll
2010-04-05 13:09:30 ----D---- C:\ProgramData\BioWare
2010-04-05 12:21:51 ----D---- C:\Windows\system32\AGEIA
2010-04-05 12:21:51 ----D---- C:\Program Files\AGEIA Technologies
2010-04-05 12:21:27 ----D---- C:\ProgramData\Media Center Programs
2010-04-05 12:04:02 ----D---- C:\Program Files\Common Files\BioWare
2010-04-01 20:03:09 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-04-01 19:31:03 ----D---- C:\Program Files\Common Files\DESIGNER
2010-04-01 19:30:23 ----D---- C:\Program Files\Microsoft Visual Studio
2010-03-30 22:15:27 ----D---- C:\ProgramData\McAfee
2010-03-30 19:16:41 ----A---- C:\Windows\system32\mshtml.dll
2010-03-30 19:16:37 ----A---- C:\Windows\system32\ieframe.dll
2010-03-30 19:16:34 ----A---- C:\Windows\system32\iertutil.dll
2010-03-30 19:16:33 ----A---- C:\Windows\system32\urlmon.dll
2010-03-30 19:16:32 ----A---- C:\Windows\system32\wininet.dll
2010-03-30 19:16:32 ----A---- C:\Windows\system32\msfeeds.dll
2010-03-30 19:16:31 ----A---- C:\Windows\system32\occache.dll
2010-03-30 19:16:31 ----A---- C:\Windows\system32\mstime.dll
2010-03-30 19:16:31 ----A---- C:\Windows\system32\iedkcs32.dll
2010-03-30 19:16:29 ----A---- C:\Windows\system32\ieui.dll
2010-03-30 19:16:28 ----A---- C:\Windows\system32\iepeers.dll
2010-03-30 19:16:27 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-03-30 19:16:27 ----A---- C:\Windows\system32\ieUnatt.exe
2010-03-30 19:16:26 ----A---- C:\Windows\system32\jsproxy.dll
2010-03-30 19:16:26 ----A---- C:\Windows\system32\iesysprep.dll
2010-03-30 19:16:25 ----A---- C:\Windows\system32\msfeedssync.exe
2010-03-30 19:16:25 ----A---- C:\Windows\system32\iesetup.dll
2010-03-30 19:16:25 ----A---- C:\Windows\system32\ie4uinit.exe
2010-03-30 19:16:24 ----A---- C:\Windows\system32\iernonce.dll
2010-03-28 21:57:15 ----D---- C:\ProgramData\Solidshield
2010-03-28 21:54:59 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-03-28 21:54:58 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-03-28 21:54:58 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-03-28 21:54:58 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-03-28 21:54:58 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-03-28 21:54:57 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-03-28 21:54:56 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-03-28 21:54:55 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-03-28 21:54:55 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-03-28 21:54:55 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-03-28 21:54:55 ----A---- C:\Windows\system32\D3DCompiler_39.dll

======List of files/folders modified in the last 1 months======

2010-04-19 13:05:30 ----D---- C:\Windows\Prefetch
2010-04-19 13:05:28 ----D---- C:\Program Files\trend micro
2010-04-19 13:05:22 ----D---- C:\Windows\temp
2010-04-19 12:54:36 ----D---- C:\Windows\system32\catroot2
2010-04-18 23:10:40 ----D---- C:\Windows\inf
2010-04-18 23:00:16 ----SHD---- C:\Windows\Installer
2010-04-18 22:59:54 ----SHD---- C:\System Volume Information
2010-04-18 22:27:22 ----A---- C:\Windows\system32\acovcnt.exe
2010-04-18 00:07:45 ----D---- C:\Users\Vibrasphare\AppData\Roaming\Skype
2010-04-15 22:16:12 ----D---- C:\Users\Vibrasphare\AppData\Roaming\skypePM
2010-04-14 21:36:42 ----D---- C:\Windows\winsxs
2010-04-14 21:26:30 ----D---- C:\Windows\system32\catroot
2010-04-14 21:22:52 ----D---- C:\Windows\system32\drivers
2010-04-14 21:22:52 ----D---- C:\Windows\System32
2010-04-14 21:22:51 ----D---- C:\Program Files\Windows Mail
2010-04-14 21:22:47 ----D---- C:\Windows
2010-04-14 17:45:17 ----D---- C:\ProgramData\Microsoft Help
2010-04-14 17:42:25 ----D---- C:\Windows\Debug
2010-04-06 19:52:54 ----A---- C:\Windows\system32\mrt.exe
2010-04-06 12:12:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-05 13:09:30 ----HD---- C:\ProgramData
2010-04-05 12:21:51 ----RD---- C:\Program Files
2010-04-05 12:21:32 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-04-05 12:04:02 ----D---- C:\Program Files\Common Files
2010-04-05 11:57:43 ----D---- C:\Users\Vibrasphare\AppData\Roaming\Vso
2010-04-04 12:38:23 ----RSD---- C:\Windows\assembly
2010-04-03 10:25:13 ----A---- C:\Windows\win.ini
2010-04-01 20:07:15 ----D---- C:\Program Files\Common Files\microsoft shared
2010-04-01 20:07:14 ----D---- C:\Program Files\MSBuild
2010-04-01 20:06:27 ----SD---- C:\ProgramData\Microsoft
2010-04-01 20:02:55 ----D---- C:\Windows\ShellNew
2010-04-01 19:31:16 ----RSD---- C:\Windows\Fonts
2010-04-01 19:31:03 ----D---- C:\Program Files\Microsoft Works
2010-03-31 23:20:33 ----D---- C:\ProgramData\Apple Computer
2010-03-30 22:05:57 ----D---- C:\Windows\system32\migration
2010-03-30 22:05:57 ----D---- C:\Program Files\Internet Explorer
2010-03-30 21:29:12 ----AD---- C:\ProgramData\TEMP
2010-03-27 17:34:25 ----A---- C:\Windows\NeroDigital.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-12-21 5632]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-09-30 271360]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 20936]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-09-30 18048]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-09 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-12-10 4235776]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2007-06-17 146824]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-03-17 81960]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-03-17 100392]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-03-17 17320]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 DCamUSBET;USB2.0 1.3M UVC WebCam; C:\Windows\system32\DRIVERS\etDevice.sys [2007-09-07 474624]
R3 FiltUSBET;ET USB Device Lower Filter; C:\Windows\system32\DRIVERS\etFilter.sys [2007-10-16 206336]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-01 2113624]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-25 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-15 7680]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2009-05-28 4233728]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
R3 ScanUSBET;ET USB Still Image Capture Device; C:\Windows\system32\DRIVERS\etScan.sys [2007-09-07 6656]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2008-01-25 1090304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-07 196400]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
S3 ax4jv03m;ax4jv03m; C:\Windows\system32\drivers\ax4jv03m.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 catchme;catchme; \??\C:\Users\VIBRAS~1\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Pcouffin;Low level access layer for CD devices; C:\Windows\System32\Drivers\Pcouffin.sys [2008-11-24 47360]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-12-09 729088]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-04-10 518696]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 870672]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-04-16 354840]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-18 73728]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-04-28 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-08-13 189104]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 473360]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 TeamViewer;TeamViewer 3; C:\Program Files\TeamViewer3\TeamViewer_Host.exe [2008-06-20 181544]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-01-31 321320]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#2 Příspěvek od Caroprd111 »

Zdravím :)


Obrázek Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.


Obrázek Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
  • Spusťte program, poté klikněte na Prohledat
  • Po dokončení, sem vložte logy OTL.Txt a Extras.txt
Obrázek
Nahoru
fannis
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 24 čer 2009 18:50

Re: Prosim o kontrolu logu

#3 Příspěvek od fannis »

OTL logfile created on: 19.4.2010 15:41:57 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\Vibrasphare\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 70,58 Gb Free Space | 47,35% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 31,07 Gb Free Space | 22,31% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VIBRASPHARE-PC
Current User Name: Vibrasphare
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.19 15:40:59 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Vibrasphare\Desktop\OTL.exe
PRC - [2010.04.03 13:22:07 | 000,910,296 | ---- | M] (Mozilla Corporation) -- D:\Mozilla Firefox\firefox.exe
PRC - [2009.10.29 13:27:54 | 001,074,568 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.30 06:42:12 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
PRC - [2009.02.27 07:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2009.02.27 06:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.02.06 14:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.10.19 15:30:02 | 000,222,456 | ---- | M] () -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe
PRC - [2008.09.02 11:48:12 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- D:\programy\Ati\ATI.ACE\Core-Static\MOM.exe
PRC - [2008.09.02 11:40:46 | 000,049,152 | ---- | M] (ATI Technologies Inc.) -- D:\programy\Ati\ATI.ACE\Core-Static\CCC.exe
PRC - [2008.07.09 18:14:06 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008.06.20 13:14:44 | 000,181,544 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer3\TeamViewer_Host.exe
PRC - [2008.06.18 07:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.06.04 02:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008.04.16 02:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.04.16 02:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.04.01 10:31:19 | 006,025,216 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.02.02 00:17:26 | 000,233,472 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2008.02.01 23:29:32 | 000,061,440 | ---- | M] () -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008.01.24 00:34:42 | 007,766,016 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2008.01.23 19:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2008.01.12 07:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControlUser.exe
PRC - [2007.12.04 19:57:06 | 002,486,272 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.05 04:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.03 06:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.08.15 20:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 21:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.07.06 01:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.02.07 10:29:59 | 000,065,536 | R--- | M] (Cognizance Corporation) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
PRC - [2005.07.07 00:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (SafeList) ==========

MOD - [2010.04.19 15:40:59 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Vibrasphare\Desktop\OTL.exe
MOD - [2009.04.11 08:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010.01.31 14:48:55 | 000,321,320 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009.10.29 13:27:54 | 001,074,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009.09.25 03:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- D:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009.02.27 07:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2009.02.27 06:38:38 | 000,473,360 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2009.02.18 20:38:43 | 000,129,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009.02.06 14:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.10.19 15:30:02 | 000,222,456 | ---- | M] () [Auto | Running] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008.06.20 13:14:44 | 000,181,544 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer3\TeamViewer_Host.exe -- (TeamViewer)
SRV - [2008.04.16 02:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.10.03 06:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007.08.08 09:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 21:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.02.07 10:29:59 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2006.06.22 03:13:59 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASChnl.dll -- (ASChannel)


========== Driver Services (SafeList) ==========

DRV - [2009.09.23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.05.28 23:41:28 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2009.02.06 14:24:26 | 000,092,800 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2009.02.06 14:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.02.06 14:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamon.sys -- (eamon)
DRV - [2008.12.21 01:32:35 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008.12.10 02:18:12 | 004,235,776 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.09.30 17:52:20 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2008.09.30 17:52:11 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2008.09.02 08:52:13 | 000,716,272 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.05.07 11:40:01 | 000,317,976 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2008.05.02 22:59:39 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.04.24 07:09:40 | 000,226,328 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R)
DRV - [2008.04.01 12:07:01 | 002,113,624 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.03.17 02:42:21 | 000,081,960 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwaudio.sys -- (btwaudio)
DRV - [2008.03.17 02:42:19 | 000,100,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwavdt.sys -- (btwavdt)
DRV - [2008.03.17 02:42:15 | 000,017,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwrchid.sys -- (btwrchid)
DRV - [2008.01.29 04:46:57 | 000,029,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2008.01.25 01:39:23 | 001,090,304 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:23:26 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.12.07 03:12:47 | 000,196,400 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.10.16 00:39:25 | 000,206,336 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etFilter.sys -- (FiltUSBET)
DRV - [2007.09.07 08:45:21 | 000,006,656 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etScan.sys -- (ScanUSBET)
DRV - [2007.09.07 01:43:49 | 000,474,624 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etDevice.sys -- (DCamUSBET)
DRV - [2007.08.09 05:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.08.03 06:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.30 20:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 19:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.24 20:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.06.17 06:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2007.05.14 23:41:46 | 000,014,336 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Amusbprt.sys -- (Amusbprt)
DRV - [2007.05.14 23:38:22 | 000,009,216 | ---- | M] (A4Tech Co.,Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Amfilter.sys -- (Amfilter)
DRV - [2007.05.02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2007.01.25 03:08:39 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2006.12.15 00:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 09:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Web Search..."
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {e2c58150-9d72-11dd-ad8b-0800200c9a66}:1.3.1
FF - prefs.js..keyword.URL: "http://playbox.toolbarhome.com/search.aspx?srch=ku&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Components: D:\Mozilla Firefox\components [2010.04.03 13:22:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Plugins: D:\Mozilla Firefox\plugins [2010.04.03 13:22:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.07.31 23:03:35 | 000,000,000 | ---D | M]

[2008.11.18 11:08:44 | 000,000,000 | ---D | M] -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Extensions
[2010.04.19 12:28:59 | 000,000,000 | ---D | M] -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\extensions
[2008.11.18 13:39:53 | 000,000,000 | ---D | M] (Aquatint Redone) -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\extensions\{47e5a66c-0e35-11dc-8314-0800200c9a66}
[2009.11.06 12:08:30 | 000,000,000 | ---D | M] (IE Tab) -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2010.03.13 15:10:16 | 000,000,000 | ---D | M] (Black Steel) -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\extensions\{e2c58150-9d72-11dd-ad8b-0800200c9a66}
[2010.03.30 22:12:49 | 000,000,000 | ---D | M] -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\extensions\nasanightlaunch@example.com
[2009.05.05 11:06:31 | 000,000,681 | ---- | M] () -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\searchplugins\ask.xml
[2010.04.17 23:17:36 | 000,000,950 | ---- | M] () -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\searchplugins\icqplugin-1.xml
[2009.04.28 19:02:03 | 000,000,950 | ---- | M] () -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\searchplugins\icqplugin-2.xml
[2009.04.21 19:47:12 | 000,000,950 | ---- | M] () -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\searchplugins\icqplugin.xml
[2009.04.26 00:02:18 | 000,000,563 | ---- | M] () -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\searchplugins\mm-forum.xml
[2010.01.02 18:11:02 | 000,001,586 | ---- | M] () -- C:\Users\Vibrasphare\AppData\Roaming\Mozilla\Firefox\Profiles\8sdjual6.default\searchplugins\web-search.xml

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (WebTransBHO Class) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - D:\Překladač\WEBIE.DLL ()
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - D:\Překladač\WEBIE.DLL ()
O3 - HKCU\..\Toolbar\WebBrowser: (BS.Player ControlBar) - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe ()
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ATK Hotkey\HcontrolUser.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] D:\programy\Ati\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - D:\Překladač\WEBIE.DLL ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - D:\Překladač\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - D:\Překladač\WEBIE.DLL ()
O9 - Extra 'Tools' menuitem : Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - D:\Překladač\WEBIE.DLL ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Icq\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Icq\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.111.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) - C:\Windows\System32\APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Vibrasphare\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Vibrasphare\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{ce17f305-78bb-11dd-8080-0015affe2315}\Shell - "" = AutoRun
O33 - MountPoints2\{ce17f305-78bb-11dd-8080-0015affe2315}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.19 15:40:29 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\Vibrasphare\Desktop\OTL.exe
[2010.04.14 15:53:01 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.04.14 15:53:00 | 003,600,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.04.14 15:52:58 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.04.14 15:52:54 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.04.14 15:52:54 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.04.05 13:09:30 | 000,000,000 | ---D | C] -- C:\ProgramData\BioWare
[2010.04.05 12:58:32 | 000,000,000 | ---D | C] -- C:\Users\Vibrasphare\Documents\BioWare
[2010.04.05 12:21:51 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies
[2010.04.05 12:21:51 | 000,000,000 | ---D | C] -- C:\Windows\System32\AGEIA
[2010.04.05 12:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2010.04.05 12:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\BioWare
[2010.04.01 20:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8
[2010.04.01 19:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010.04.01 19:30:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2010.03.30 22:15:27 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010.03.30 19:16:32 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.03.30 19:16:31 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.03.30 19:16:31 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.03.30 19:16:29 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.03.30 19:16:29 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.03.30 19:16:28 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.03.30 19:16:27 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.03.30 19:16:27 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.03.30 19:16:26 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.03.30 19:16:26 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.03.30 19:16:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.03.30 19:16:25 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.03.30 19:16:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.03.30 19:16:24 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.03.30 19:16:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.03.28 21:57:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2010.03.28 21:54:59 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.03.28 21:54:58 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.03.28 21:54:58 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.03.28 21:54:58 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.03.28 21:54:58 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.03.28 21:54:57 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.03.28 21:54:56 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.03.28 21:54:56 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.03.28 21:54:56 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.03.28 21:54:56 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.03.28 21:54:56 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.03.28 21:54:56 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.03.28 21:54:56 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.03.28 21:54:56 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.03.28 21:54:56 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.03.28 21:54:56 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.03.28 21:54:55 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.03.28 21:54:55 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.03.28 21:54:55 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.03.28 21:54:55 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2008.11.24 16:35:09 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Vibrasphare\AppData\Roaming\pcouffin.sys
[2007.01.25 03:08:39 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.19 15:44:04 | 004,456,448 | -HS- | M] () -- C:\Users\Vibrasphare\NTUSER.DAT
[2010.04.19 15:40:59 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Vibrasphare\Desktop\OTL.exe
[2010.04.19 15:38:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.19 13:04:50 | 000,781,909 | ---- | M] () -- C:\Users\Vibrasphare\Desktop\RSIT.exe
[2010.04.19 12:53:07 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.19 12:53:07 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.19 12:53:02 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.19 12:52:56 | 3220,279,296 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.19 12:52:10 | 000,004,002 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.04.19 12:52:08 | 000,524,288 | -HS- | M] () -- C:\Users\Vibrasphare\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.04.19 12:52:08 | 000,065,536 | -HS- | M] () -- C:\Users\Vibrasphare\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.04.19 12:47:38 | 003,619,074 | -H-- | M] () -- C:\Users\Vibrasphare\AppData\Local\IconCache.db
[2010.04.19 00:03:19 | 000,000,430 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{6B6034DF-EF87-44B2-AB64-49D0524C683B}.job
[2010.04.18 22:27:22 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2010.04.06 12:12:50 | 000,590,082 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.04.06 12:12:49 | 001,402,426 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.04.06 12:12:49 | 000,602,086 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.04.06 12:12:49 | 000,116,182 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.04.06 12:12:49 | 000,102,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.04.05 21:43:34 | 000,000,744 | ---- | M] () -- C:\Users\Vibrasphare\Desktop\daorigins – zástupce.lnk
[2010.04.05 11:57:41 | 000,000,671 | ---- | M] () -- C:\Users\Vibrasphare\AppData\Roaming\vso_ts_preview.xml
[2010.04.03 10:25:13 | 000,000,328 | ---- | M] () -- C:\Windows\win.ini
[2010.04.02 10:26:20 | 000,375,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.04.01 23:19:38 | 000,100,824 | ---- | M] () -- C:\Users\Vibrasphare\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.03.30 19:30:30 | 000,000,721 | ---- | M] () -- C:\Users\Vibrasphare\Desktop\Avatar – zástupce.lnk
[2010.03.28 03:13:59 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\Driver Robot.job
[2010.03.27 17:34:25 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010.03.24 00:24:33 | 000,000,480 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.03.21 23:03:35 | 000,000,059 | ---- | M] () -- C:\Users\Vibrasphare\AppData\Roaming\AVSDVDPlayer.m3u
[2 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.19 13:04:49 | 000,781,909 | ---- | C] () -- C:\Users\Vibrasphare\Desktop\RSIT.exe
[2010.04.18 22:57:09 | 3220,279,296 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.05 21:43:37 | 000,000,744 | ---- | C] () -- C:\Users\Vibrasphare\Desktop\daorigins – zástupce.lnk
[2010.03.30 19:30:33 | 000,000,721 | ---- | C] () -- C:\Users\Vibrasphare\Desktop\Avatar – zástupce.lnk
[2010.02.05 01:20:22 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.02.04 19:40:51 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2009.11.06 11:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2009.09.24 12:25:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.03.27 21:18:22 | 000,000,034 | ---- | C] () -- C:\Windows\WTRDCTM.INI
[2009.03.27 21:15:02 | 000,000,226 | ---- | C] () -- C:\Windows\MAILTRAN.INI
[2009.03.27 21:14:37 | 000,001,777 | ---- | C] () -- C:\Windows\WDICT32.INI
[2009.03.27 21:14:36 | 000,004,193 | ---- | C] () -- C:\Windows\WTRAN32.INI
[2009.03.15 16:26:08 | 000,000,059 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Roaming\AVSDVDPlayer.m3u
[2009.03.15 16:13:29 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.03.15 16:13:29 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.01.17 17:44:18 | 000,000,170 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Local\rahistory.xml
[2008.12.21 01:33:02 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2008.12.21 01:18:36 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2008.11.24 16:35:30 | 000,000,671 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Roaming\vso_ts_preview.xml
[2008.11.24 16:35:09 | 000,007,887 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Roaming\pcouffin.cat
[2008.11.24 16:35:09 | 000,001,144 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Roaming\pcouffin.inf
[2008.11.24 16:35:09 | 000,000,033 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Roaming\pcouffin.log
[2008.10.28 19:36:45 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.10.26 16:12:00 | 000,000,161 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Roaming\default.pls
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008.09.30 17:52:20 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2008.09.30 17:52:11 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2008.09.24 12:59:38 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2008.09.23 15:31:24 | 000,000,000 | ---- | C] () -- C:\Windows\Irremote.ini
[2008.09.12 18:39:49 | 001,048,576 | -HS- | C] () -- C:\Users\Vibrasphare\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.2.regtrans-ms
[2008.09.12 18:39:49 | 001,048,576 | -HS- | C] () -- C:\Users\Vibrasphare\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.1.regtrans-ms
[2008.09.12 18:39:49 | 001,048,576 | -HS- | C] () -- C:\Users\Vibrasphare\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.0.regtrans-ms
[2008.09.12 18:39:49 | 000,065,536 | -HS- | C] () -- C:\Users\Vibrasphare\NTUSER.DAT{3a539870-6a70-11db-887c-d362bd253390}.TxR.blf
[2008.09.12 12:38:47 | 000,000,680 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Local\d3d9caps.dat
[2008.09.02 16:52:54 | 000,139,584 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2008.09.02 16:52:54 | 000,022,328 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Roaming\PnkBstrK.sys
[2008.09.02 16:52:35 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2008.09.02 09:05:56 | 000,062,232 | R--- | C] () -- C:\Windows\System32\GameuxInstallHelper.dll
[2008.09.02 08:52:13 | 000,716,272 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.09.01 12:31:17 | 000,031,232 | ---- | C] () -- C:\Users\Vibrasphare\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.08.29 21:15:01 | 004,456,448 | -HS- | C] () -- C:\Users\Vibrasphare\NTUSER.DAT
[2008.08.29 21:15:01 | 000,524,288 | -HS- | C] () -- C:\Users\Vibrasphare\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2008.08.29 21:15:01 | 000,524,288 | -HS- | C] () -- C:\Users\Vibrasphare\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2008.08.29 21:15:01 | 000,262,144 | -H-- | C] () -- C:\Users\Vibrasphare\ntuser.dat.LOG2
[2008.08.29 21:15:01 | 000,262,144 | -H-- | C] () -- C:\Users\Vibrasphare\ntuser.dat.LOG1
[2008.08.29 21:15:01 | 000,065,536 | -HS- | C] () -- C:\Users\Vibrasphare\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2008.08.29 21:15:01 | 000,000,020 | -HS- | C] () -- C:\Users\Vibrasphare\ntuser.ini
[2008.08.19 06:19:33 | 000,172,032 | ---- | C] () -- C:\Windows\System32\nvccoin.dll
[2008.04.17 12:37:47 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008.03.29 09:19:11 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.03.06 23:39:19 | 000,049,152 | ---- | C] () -- C:\Windows\revdevdll.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 18:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.04.03 16:29:59 | 000,110,592 | R--- | C] () -- C:\Windows\System32\scardsyn.dll
[2001.11.14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[1998.05.06 21:09:59 | 000,069,632 | R--- | C] () -- C:\Windows\System32\ODMA32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:D282699C
< End of report >
Nahoru
fannis
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 24 čer 2009 18:50

Re: Prosim o kontrolu logu

#4 Příspěvek od fannis »

OTL Extras logfile created on: 19.4.2010 15:41:57 - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\Vibrasphare\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 54,00% Memory free
3,00 Gb Paging File | 2,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 70,58 Gb Free Space | 47,35% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 31,07 Gb Free Space | 22,31% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VIBRASPHARE-PC
Current User Name: Vibrasphare
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04CF4658-EBE3-4774-92CD-FCC922AE062F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{14B97D12-7CBD-4F31-A3ED-D99E2B6E6F59}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{17F8099D-65D0-4750-9A49-53B16EC82A09}" = lport=445 | protocol=6 | dir=in | app=system |
"{1A2C5DAD-8847-4121-9294-195D7B6594A9}" = rport=138 | protocol=17 | dir=out | app=system |
"{1DC89AF8-A3C8-4BFB-9FA4-A2A1BE41BDF8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{24422FF0-7C12-4FE9-8279-C5C7466C12C7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{335C6EB2-AA05-4C2F-A14D-45DF8ACF3AEE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{36F68674-F098-42F1-8C98-46C5E4C9B262}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3D5C3AA9-078C-42AD-BB54-59112863F4FB}" = lport=2869 | protocol=6 | dir=in | app=system |
"{51177EC0-5CA6-41D2-B02F-4FEA21724793}" = lport=137 | protocol=17 | dir=in | app=system |
"{51E233B7-77F6-4362-9111-816FE4A007E3}" = lport=138 | protocol=17 | dir=in | app=system |
"{599B4136-6D1C-47DF-B00E-763B98623548}" = rport=137 | protocol=17 | dir=out | app=system |
"{6A206188-98B4-42FF-AC46-5304D95681A9}" = rport=445 | protocol=6 | dir=out | app=system |
"{6D4177C1-520F-4B61-BF94-BCCB72E52D59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{70E1BE62-5CA3-4FAD-8D2E-50126992638E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7171792F-6C0E-4E75-B49B-07C5979FA5E9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{86982A59-67F7-40D0-94F9-4C0FF5C985DC}" = lport=6112 | protocol=6 | dir=in | name=blizzard downloader |
"{90976DF2-8DF0-4DED-BA1C-40CE14B93A96}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9A38F973-2401-4EDC-BE4E-B9449F67E2EB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B022B025-4796-4316-A27C-1D81F67A20FF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B3B16B33-9854-4C1D-B068-FBFB448AA61F}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BBB14A7C-DD32-4FCF-A24D-C3BC444A25D5}" = rport=139 | protocol=6 | dir=out | app=system |
"{CBB2206E-BBA4-4978-8152-8D3A7A97E34B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D6FBBFBD-55CA-4BAD-96A2-C931F579B378}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DBD6580A-1062-4407-BED5-6F14C2AF9F82}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E36F6CDE-4CDE-42E2-892F-CBDF4EDB9967}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F22FF823-8448-41B2-AD01-8EC8E1D40681}" = rport=2869 | protocol=6 | dir=out | app=system |
"{F5E378C4-FE8A-4D0A-A708-BF506A8C9A4F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F5F72B4D-5FED-4DD6-8842-B69331F1CE89}" = lport=139 | protocol=6 | dir=in | app=system |
"{FCE888E6-E2CD-4460-8B77-60285FA300A3}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FD5B5550-72B9-4C74-B352-49E13C1A41F5}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03610764-7EBF-43AC-9134-D3F465C2C448}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{039B66CC-2CEB-4BE4-BB94-11CA48D98543}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{092E262A-8BD6-43B4-BB91-F2F97E23C180}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{0D3FEC42-1B2D-4A9D-9B56-0DF6DFDE2509}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{147ABB97-AFEF-41B2-B0D7-81FB7E937EA0}" = protocol=6 | dir=in | app=d:\world of warcraft - wrath of the lich king\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{1CAD46CF-69E9-4A79-A9E8-9701DA9CD49C}" = protocol=6 | dir=in | app=d:\games\dragon age\bin_ship\daorigins.exe |
"{20A28EC8-8264-496B-918A-C47D0E9A3829}" = protocol=6 | dir=in | app=d:\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{2831A591-5099-464E-96F6-DE630FB47659}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{2D8A0774-4209-428E-9036-DFB409B3B133}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{2E862E18-80EE-49C4-866B-BEACEE3BB060}" = protocol=17 | dir=in | app=d:\games\streetfighter iv\streetfighteriv.exe |
"{3A81E827-97E1-4336-B896-738D7CAD7138}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{4111F1D2-97F8-414A-AC34-DFF6FFF4F7F1}" = protocol=6 | dir=in | app=d:\programy\torrent\bittorrent\bittorrent.exe |
"{4AA6AB79-B73C-43DD-9E72-7C32A87CADCF}" = protocol=17 | dir=in | app=d:\games\dragon age\daoriginslauncher.exe |
"{4C657576-A407-4B75-A7A6-BEAF61557A91}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe |
"{55B0918E-BD39-41A2-92EA-DA6899D23A3E}" = protocol=17 | dir=in | app=d:\world of warcraft - wrath of the lich king\wow-3.1.3.9947-to-3.2.0.10192-engb-downloader.exe |
"{5D3B39D5-FDF0-4D10-BD92-F9B00CADD34A}" = protocol=17 | dir=in | app=d:\microsoft games\gears of war\binaries\wargame-g4wlive.exe |
"{61FE0AB1-9F9F-4727-83C4-30DB110FAB24}" = protocol=17 | dir=in | app=d:\programy\torrent\bittorrent\bittorrent.exe |
"{625E31C8-7F58-4BD2-A4C5-F529D0111642}" = protocol=6 | dir=out | app=system |
"{63C9B1DD-0155-4115-942B-9613C4CB3979}" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"{64FFF3AC-A6B8-4B9C-9FD1-B2C88A0707CA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe |
"{69F25995-849D-4FB9-8997-8D5CD27A428A}" = protocol=17 | dir=in | app=d:\world of warcraft - wrath of the lich king\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{7176CEF7-2994-4C39-9407-33492850E104}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{72570B03-E363-492E-8C42-76F1E9B86A81}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{76A35491-B384-40B6-802A-523944873016}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{778AE6AA-1E47-4679-B990-08681002550A}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{79C9BCC4-6551-4310-9DEC-2EC40AAE90C6}" = protocol=6 | dir=in | app=d:\games\dragon age\daoriginslauncher.exe |
"{7CB33E3D-21CA-4803-9458-8080F50C1938}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7DD75114-7C74-4479-9929-15866C968951}" = protocol=6 | dir=in | app=d:\world of warcraft - wrath of the lich king\wow-3.1.3.9947-to-3.2.0.10192-engb-downloader.exe |
"{8B3EBB90-581C-4E36-8441-94B23E728425}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8EF4ACC8-9B29-4D4F-B2AD-F85FA893A365}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{9EC44C75-48DE-4027-B63F-DC254B622519}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{A2BDD7F8-550A-41A5-B2F7-99DEB047BC7A}" = protocol=6 | dir=in | app=d:\warcraft iii eu\frozen throne.exe |
"{A4A431D3-CFB0-41CD-9F02-58C02D57114D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A5D93AF4-0332-4B6E-8F6D-94998351AC8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A93D389F-FE24-4F9A-AAC0-173889418BF5}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{ACDDFC17-6448-404C-BB59-4BF105404479}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe |
"{B1BBDB9E-72CC-48AB-97D3-6ECF4332E813}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B3AC5278-4CFE-4491-8E5E-7C0207AC4753}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{B5691464-38D2-4B4D-890B-D94E9D8D042B}" = protocol=17 | dir=in | app=d:\games\dragon age\bin_ship\daupdatersvc.service.exe |
"{B79778B8-9779-43D4-8D01-C34EFCFF121D}" = protocol=6 | dir=in | app=d:\games\streetfighter iv\streetfighteriv.exe |
"{B81C152B-E88B-4F8B-B559-79A1908CE5C8}" = protocol=17 | dir=in | app=d:\warcraft iii eu\frozen throne.exe |
"{BDC95311-3051-4C31-B860-7E902B1718A5}" = protocol=17 | dir=in | app=d:\games\dragon age\bin_ship\daorigins.exe |
"{C798FEB7-C6DD-4311-852D-CE8D285128F7}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CC9ECD13-A544-48A1-8421-D98D6132E8C9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D2A114F7-FA81-47A6-AA19-C1E1DF55FD10}" = protocol=6 | dir=in | app=d:\games\dragon age\bin_ship\daupdatersvc.service.exe |
"{DC19684D-8C85-4BF1-A377-B9ED777026C2}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.0.1-to-3.0.2-engb-win-update-downloader.exe |
"{E47F626E-499E-4612-B643-89B68CF08C60}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E5C6E003-09BA-489A-86A1-CBFE890C4E76}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{F03FCCD6-E9A3-4560-B288-F255E7D5AA1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F264E080-8D8F-46C9-B0E9-57F4E220F89D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FC49B1AE-2ECA-47B8-840D-5AFD700E1266}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FC8305B9-5A31-4FEC-8316-955714C7F630}" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{054FF12A-1CA2-4B46-9DFE-43D088ECBCD7}D:\games\warhammer dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=d:\games\warhammer dawn of war 2\dow2.exe |
"TCP Query User{0718D084-37C8-44FC-9ACD-BD22159149F2}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=6 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
"TCP Query User{12F83057-8BB8-4C18-B084-4682BD5701C5}D:\nhl 07\nhl 07\nhl2007pal.exe" = protocol=6 | dir=in | app=d:\nhl 07\nhl 07\nhl2007pal.exe |
"TCP Query User{13EAD948-15C0-49E1-8AC7-046E5BD117D3}C:\users\vibrasphare\appdata\local\temp\7zo6980.tmp\strongdc.exe" = protocol=6 | dir=in | app=c:\users\vibrasphare\appdata\local\temp\7zo6980.tmp\strongdc.exe |
"TCP Query User{16EF004D-2D89-4481-8663-A39D705183EE}D:\warcraft iii eu\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii eu\war3.exe |
"TCP Query User{20818111-9A11-4173-A2EC-2BBC10EDE4A7}D:\programy\yaho's miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\yaho's miranda im\miranda32.exe |
"TCP Query User{26E6032B-9460-4A87-8066-C1DD98CB1F8F}D:\miranda\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\miranda\miranda im\miranda32.exe |
"TCP Query User{26F36249-0E2D-455A-A14C-D2031228BDA3}D:\nhl 07\nhl 07\nhl2007.exe" = protocol=6 | dir=in | app=d:\nhl 07\nhl 07\nhl2007.exe |
"TCP Query User{3133DA44-CE3F-41DB-A33C-60F6DD3711EA}D:\world of warcraft - wrath of the lich king\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft - wrath of the lich king\launcher.exe |
"TCP Query User{33ACDA6E-2D12-4DB9-8C09-C62B3FD6ED45}D:\games\lotr - conquest\conquest.exe" = protocol=6 | dir=in | app=d:\games\lotr - conquest\conquest.exe |
"TCP Query User{34DDE985-4664-4099-8815-BD52CC95C5F2}D:\steam\steamapps\fannis\counter-strike\hl.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\fannis\counter-strike\hl.exe |
"TCP Query User{34E333D1-CAA2-4B87-8799-711BC28FA0AF}D:\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=d:\mozilla firefox\firefox.exe |
"TCP Query User{3627E187-6086-48FC-8EFB-4ADD9A15B84A}D:\icq\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\icq\icq6.5\icq.exe |
"TCP Query User{363FD6DC-8208-41CC-BE7F-F34BC36D9B93}D:\ventrilo\ventrilo_srv.exe" = protocol=6 | dir=in | app=d:\ventrilo\ventrilo_srv.exe |
"TCP Query User{4209BBAD-5D6C-453F-BBDB-E56207597AF2}D:\games\warhammer\w40k.dow2\warhammer dawn of war 2\warhammer dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=d:\games\warhammer\w40k.dow2\warhammer dawn of war 2\warhammer dawn of war 2\dow2.exe |
"TCP Query User{47F0E51E-96E5-4560-90D1-80324C15CEE2}D:\zpravy v siti\lanchatbox.exe" = protocol=6 | dir=in | app=d:\zpravy v siti\lanchatbox.exe |
"TCP Query User{4B5B1CA8-B361-46C6-959D-E8DA6C75FDA2}D:\electronic arts\red alert 3\data\ra3_1.0.game" = protocol=6 | dir=in | app=d:\electronic arts\red alert 3\data\ra3_1.0.game |
"TCP Query User{4C498C5B-AD6A-4FBB-8D9E-88869F886177}C:\users\vibrasphare\desktop\mtgoiii_helper.exe" = protocol=6 | dir=in | app=c:\users\vibrasphare\desktop\mtgoiii_helper.exe |
"TCP Query User{53FD7D82-D380-45D0-9293-6EF0B2BA5B65}D:\nhl 09\nhl 09\nhl2009.exe" = protocol=6 | dir=in | app=d:\nhl 09\nhl 09\nhl2009.exe |
"TCP Query User{5BB00045-11F3-4F95-834A-3587795AA483}D:\mobiledit!\webvideodownloader.exe" = protocol=6 | dir=in | app=d:\mobiledit!\webvideodownloader.exe |
"TCP Query User{6750F843-1232-4090-9EF0-39CEDAAE2406}D:\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\miranda im\miranda32.exe |
"TCP Query User{6966D4F0-E8FA-4E53-B22C-7460C37BB6A9}D:\games\unrealtournament\system\unrealtournament.exe" = protocol=6 | dir=in | app=d:\games\unrealtournament\system\unrealtournament.exe |
"TCP Query User{7272E9A6-B34E-4F0B-B7FB-2A8FAF4D714E}C:\users\vibrasphare\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\vibrasphare\program files\dna\btdna.exe |
"TCP Query User{761EFF90-77B8-4F0B-AD31-0D6AE51E27DB}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{7952150F-0953-43BA-8F77-FFEC922BB686}D:\steam\steamapps\fannis\condition zero\hl.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\fannis\condition zero\hl.exe |
"TCP Query User{7A85D056-A445-43A3-B349-3243D0CC07E6}D:\games\warhammer\w40k.dow2\warhammer dawn of war 2\warhammer dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=d:\games\warhammer\w40k.dow2\warhammer dawn of war 2\warhammer dawn of war 2\dow2.exe |
"TCP Query User{7B69EE9C-17F5-484D-8482-A096CEDB664B}D:\steam\steamapps\fannis\counter-strike beta\hl.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\fannis\counter-strike beta\hl.exe |
"TCP Query User{7F942CEA-6C9D-469B-9CDB-E8932F828FF4}D:\icq\icq6.5\icq.exe" = protocol=6 | dir=in | app=d:\icq\icq6.5\icq.exe |
"TCP Query User{884F90D7-DB20-4CAB-98D4-FD6804548580}D:\hlsw\hlsw\hlsw.exe" = protocol=6 | dir=in | app=d:\hlsw\hlsw\hlsw.exe |
"TCP Query User{8B7095B1-E1FB-4C38-9FA2-21D9CD986179}G:\patch\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe" = protocol=6 | dir=in | app=g:\patch\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe |
"TCP Query User{8DA7E4E7-9583-4D68-970D-E184EAFE3376}D:\hamatchi\hamachi.exe" = protocol=6 | dir=in | app=d:\hamatchi\hamachi.exe |
"TCP Query User{8FBEBE41-4BE4-4ADF-B631-AB07EBD97E9E}D:\games\warhammer dawn of war 2\dow2.exe" = protocol=6 | dir=in | app=d:\games\warhammer dawn of war 2\dow2.exe |
"TCP Query User{9153F339-B17D-4B9C-BC27-523A575E3DF9}D:\steam\steamapps\fannis\condition zero\hl.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\fannis\condition zero\hl.exe |
"TCP Query User{96E3CF29-FF06-407A-966A-2503DE432EA0}D:\programy\yaho's miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\yaho's miranda im\miranda32.exe |
"TCP Query User{A118E29E-7643-4898-8AD6-C257BB3E79DC}D:\games\dow 2 - patch\dow2.exe" = protocol=6 | dir=in | app=d:\games\dow 2 - patch\dow2.exe |
"TCP Query User{A37BF05F-F75C-4A72-9533-33E68D798AF4}D:\tightvnc\winvnc.exe" = protocol=6 | dir=in | app=d:\tightvnc\winvnc.exe |
"TCP Query User{A6628C48-D56D-4C13-AA17-FB45CB22EB70}D:\programy\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"TCP Query User{BCE24B8C-4CA2-4D73-A0ED-7892E060B087}C:\program files\hamachi\hamachi.exe" = protocol=6 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"TCP Query User{BDE0DBFF-7C8D-48BF-9CD8-65D841DFCFD0}D:\zpravy v siti\lanchatbox.exe" = protocol=6 | dir=in | app=d:\zpravy v siti\lanchatbox.exe |
"TCP Query User{BDE7ED5C-3CF9-46C0-98B8-302B0E9C0B57}D:\hlsw\hlsw\hlsw.exe" = protocol=6 | dir=in | app=d:\hlsw\hlsw\hlsw.exe |
"TCP Query User{BF92D8EF-652B-4292-9CE3-0DC765133AFA}D:\icq\icq6\icq.exe" = protocol=6 | dir=in | app=d:\icq\icq6\icq.exe |
"TCP Query User{BFE5CF3B-5C99-48D2-8C2A-3EC618F68A0C}D:\world of warcraft\world of warcraft - wrath of the lich king\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\world of warcraft - wrath of the lich king\launcher.exe |
"TCP Query User{C631CD28-4873-40F3-A9DA-D55F793F997A}D:\warcraft iii eu\war3.exe" = protocol=6 | dir=in | app=d:\warcraft iii eu\war3.exe |
"TCP Query User{C81489E9-4437-4C9D-A435-B622AF13C5B6}D:\electronic arts\red alert 3\data\ra3_1.0.game" = protocol=6 | dir=in | app=d:\electronic arts\red alert 3\data\ra3_1.0.game |
"TCP Query User{C9715B47-033F-468C-9716-DA3777D1E2FA}C:\users\vibrasphare\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\vibrasphare\program files\dna\btdna.exe |
"TCP Query User{CA12DC4A-C38A-45BB-9FF5-667F3173BC02}D:\icq\icq6\icq.exe" = protocol=6 | dir=in | app=d:\icq\icq6\icq.exe |
"TCP Query User{CAE6C4C1-FD15-4900-A21E-FD36C8DBC464}C:\users\vibrasphare\desktop\keygen.winrar.password.cracker.4.12.exe" = protocol=6 | dir=in | app=c:\users\vibrasphare\desktop\keygen.winrar.password.cracker.4.12.exe |
"TCP Query User{CE304F0D-7294-4652-BBB3-C18ADF7201C2}C:\program files\common files\nero\nero web\setupx.exe" = protocol=6 | dir=in | app=c:\program files\common files\nero\nero web\setupx.exe |
"TCP Query User{DBB98FD9-E5D6-4C20-80E7-ACD72FEB12F0}D:\miranda im\miranda32.exe" = protocol=6 | dir=in | app=d:\miranda im\miranda32.exe |
"TCP Query User{EA4530A4-ED51-49DC-8CC6-74033426150E}D:\nhl 07\nhl2007.exe" = protocol=6 | dir=in | app=d:\nhl 07\nhl2007.exe |
"TCP Query User{EAD14F1B-BAD4-499F-875C-C19539C65FF7}D:\games\avatar-the game\bin\avatar.exe" = protocol=6 | dir=in | app=d:\games\avatar-the game\bin\avatar.exe |
"TCP Query User{EE39A61D-624B-4608-BD79-9AD6495C7C44}D:\steam\steamapps\fannis\counter-strike\hl.exe" = protocol=6 | dir=in | app=d:\steam\steamapps\fannis\counter-strike\hl.exe |
"TCP Query User{EEE9E52C-60F3-41F0-958C-B8E2F159F355}D:\world of warcraft\world of warcraft - wrath of the lich king\launcher.exe" = protocol=6 | dir=in | app=d:\world of warcraft\world of warcraft - wrath of the lich king\launcher.exe |
"TCP Query User{EF650D83-4F74-41EF-A1B2-D8677C3110FF}C:\users\vibrasphare\desktop\keygen.rar.password.cracker.4.12.exe" = protocol=6 | dir=in | app=c:\users\vibrasphare\desktop\keygen.rar.password.cracker.4.12.exe |
"TCP Query User{F3A80DF9-C6AE-444A-93FA-579652F7674B}D:\dc\strongdc.exe" = protocol=6 | dir=in | app=d:\dc\strongdc.exe |
"TCP Query User{FD1317BD-C648-4D9E-BBF4-9FFEA5A1133A}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{0480E368-AA4C-414F-83AA-BDE5B73663AC}C:\users\vibrasphare\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\vibrasphare\program files\dna\btdna.exe |
"UDP Query User{0750F7F8-2011-4ECF-8C71-84E3EC9A247A}D:\games\unrealtournament\system\unrealtournament.exe" = protocol=17 | dir=in | app=d:\games\unrealtournament\system\unrealtournament.exe |
"UDP Query User{08F5D74F-6770-4429-9E6D-CF7245065A77}D:\games\warhammer dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=d:\games\warhammer dawn of war 2\dow2.exe |
"UDP Query User{0927F575-37D7-40DD-A897-964CF630CB66}D:\programy\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\miranda im\miranda32.exe |
"UDP Query User{0DBD694D-9145-47C6-8A65-04D832BDC9FF}D:\icq\icq6\icq.exe" = protocol=17 | dir=in | app=d:\icq\icq6\icq.exe |
"UDP Query User{0E744A8E-8F7F-427D-B151-EAD8371C0262}D:\games\dow 2 - patch\dow2.exe" = protocol=17 | dir=in | app=d:\games\dow 2 - patch\dow2.exe |
"UDP Query User{15D10DAE-E2DE-4549-B0DB-FE7A6CF54E66}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{18B62324-FCB6-4276-915D-583E5E49CF14}D:\hamatchi\hamachi.exe" = protocol=17 | dir=in | app=d:\hamatchi\hamachi.exe |
"UDP Query User{19AC6B48-1B2E-43AA-9770-F73E5A228405}D:\icq\icq6\icq.exe" = protocol=17 | dir=in | app=d:\icq\icq6\icq.exe |
"UDP Query User{2793F520-7BFB-4CEB-9856-526ADC9EA594}D:\world of warcraft\world of warcraft - wrath of the lich king\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\world of warcraft - wrath of the lich king\launcher.exe |
"UDP Query User{2F775D8D-FCBB-429F-A063-B2378B8154A5}C:\users\vibrasphare\desktop\mtgoiii_helper.exe" = protocol=17 | dir=in | app=c:\users\vibrasphare\desktop\mtgoiii_helper.exe |
"UDP Query User{3BD24422-4E0A-404D-8FB6-EA31C9E36A22}D:\world of warcraft\world of warcraft - wrath of the lich king\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft\world of warcraft - wrath of the lich king\launcher.exe |
"UDP Query User{40BD013D-9209-475D-995D-1284523216B1}D:\warcraft iii eu\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii eu\war3.exe |
"UDP Query User{41ABBAF4-58DA-469D-BB46-CF75F3061DD4}D:\ventrilo\ventrilo_srv.exe" = protocol=17 | dir=in | app=d:\ventrilo\ventrilo_srv.exe |
"UDP Query User{4389B531-9B98-49E4-8CFD-87B0F758FDAC}D:\world of warcraft - wrath of the lich king\launcher.exe" = protocol=17 | dir=in | app=d:\world of warcraft - wrath of the lich king\launcher.exe |
"UDP Query User{46B8D036-D545-479A-87DB-2E47C52DAE40}D:\steam\steamapps\fannis\condition zero\hl.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\fannis\condition zero\hl.exe |
"UDP Query User{4922529F-00B9-4398-AEDD-C82FE1D547DC}D:\electronic arts\red alert 3\data\ra3_1.0.game" = protocol=17 | dir=in | app=d:\electronic arts\red alert 3\data\ra3_1.0.game |
"UDP Query User{53706E59-9FE8-4350-8590-BE5F5B8C4F53}D:\steam\steamapps\fannis\counter-strike\hl.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\fannis\counter-strike\hl.exe |
"UDP Query User{56161579-72B2-4A29-947F-CAC61A694847}D:\programy\yaho's miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\yaho's miranda im\miranda32.exe |
"UDP Query User{59B97EC8-DDD9-4FF4-A9FE-2F4328683CE6}D:\warcraft iii eu\war3.exe" = protocol=17 | dir=in | app=d:\warcraft iii eu\war3.exe |
"UDP Query User{5A426D7C-6EAF-4942-ABE4-B29A081F0D71}D:\steam\steamapps\fannis\counter-strike\hl.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\fannis\counter-strike\hl.exe |
"UDP Query User{5BDFCF43-864F-4745-A7F0-FC70545CDCA1}D:\steam\steamapps\fannis\condition zero\hl.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\fannis\condition zero\hl.exe |
"UDP Query User{6623EB0A-33B5-485C-805F-FEEE7407335B}D:\nhl 09\nhl 09\nhl2009.exe" = protocol=17 | dir=in | app=d:\nhl 09\nhl 09\nhl2009.exe |
"UDP Query User{6C555AC4-94E5-4535-B530-83C1C36BF09D}D:\games\warhammer\w40k.dow2\warhammer dawn of war 2\warhammer dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=d:\games\warhammer\w40k.dow2\warhammer dawn of war 2\warhammer dawn of war 2\dow2.exe |
"UDP Query User{7000916B-640B-4A85-B653-7626902A438A}D:\games\avatar-the game\bin\avatar.exe" = protocol=17 | dir=in | app=d:\games\avatar-the game\bin\avatar.exe |
"UDP Query User{783A6AC3-8478-4848-BA91-E0F0A2768CC6}D:\games\warhammer\w40k.dow2\warhammer dawn of war 2\warhammer dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=d:\games\warhammer\w40k.dow2\warhammer dawn of war 2\warhammer dawn of war 2\dow2.exe |
"UDP Query User{7D56F973-E75D-4B7B-8E45-C3B27F8795E5}C:\users\vibrasphare\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\vibrasphare\program files\dna\btdna.exe |
"UDP Query User{7EA740E9-2880-401E-A815-70FB44A690C0}D:\steam\steamapps\fannis\counter-strike beta\hl.exe" = protocol=17 | dir=in | app=d:\steam\steamapps\fannis\counter-strike beta\hl.exe |
"UDP Query User{87BEBB3B-CC46-459D-B6A1-AF949EA591E1}D:\hlsw\hlsw\hlsw.exe" = protocol=17 | dir=in | app=d:\hlsw\hlsw\hlsw.exe |
"UDP Query User{8A8F98CF-E3F1-4D79-902D-1DAA51C107F0}C:\users\vibrasphare\appdata\local\temp\7zo6980.tmp\strongdc.exe" = protocol=17 | dir=in | app=c:\users\vibrasphare\appdata\local\temp\7zo6980.tmp\strongdc.exe |
"UDP Query User{8DE2C77C-B005-4117-B305-9B0F857667B1}D:\nhl 07\nhl2007.exe" = protocol=17 | dir=in | app=d:\nhl 07\nhl2007.exe |
"UDP Query User{9B53BDDE-4FFB-4595-B2AE-676159806EF5}D:\games\warhammer dawn of war 2\dow2.exe" = protocol=17 | dir=in | app=d:\games\warhammer dawn of war 2\dow2.exe |
"UDP Query User{AEE0DE57-0656-4B24-B87E-37458543E158}D:\miranda\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\miranda\miranda im\miranda32.exe |
"UDP Query User{AF5B47E1-74C1-46AF-BECD-45605B91CE80}D:\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\miranda im\miranda32.exe |
"UDP Query User{B0CD2167-C82C-4C67-8641-3F6A7046C481}D:\zpravy v siti\lanchatbox.exe" = protocol=17 | dir=in | app=d:\zpravy v siti\lanchatbox.exe |
"UDP Query User{BD5B032C-B52F-409E-8AAF-1D60880DE761}D:\electronic arts\red alert 3\data\ra3_1.0.game" = protocol=17 | dir=in | app=d:\electronic arts\red alert 3\data\ra3_1.0.game |
"UDP Query User{C2254DC0-FADE-44DC-8B25-74FBBEF77175}G:\patch\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe" = protocol=17 | dir=in | app=g:\patch\wow-3.0.9.9551-to-3.1.0.9767-engb-downloader.exe |
"UDP Query User{C7880C5F-FF59-442D-ACD4-B05F6F4E6037}D:\programy\yaho's miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\programy\yaho's miranda im\miranda32.exe |
"UDP Query User{CAA0AF7C-72EF-4744-ADCE-78BC607EEAFF}D:\hlsw\hlsw\hlsw.exe" = protocol=17 | dir=in | app=d:\hlsw\hlsw\hlsw.exe |
"UDP Query User{CB6241F0-B8FF-4E1C-AD65-599FAA0DD81A}C:\program files\nero\nero8\nero home\nerohome.exe" = protocol=17 | dir=in | app=c:\program files\nero\nero8\nero home\nerohome.exe |
"UDP Query User{D0642223-BDE5-4563-A3B8-44FB104FB246}D:\games\lotr - conquest\conquest.exe" = protocol=17 | dir=in | app=d:\games\lotr - conquest\conquest.exe |
"UDP Query User{D170DE34-A34D-418B-8D9F-DE4EABA745DA}D:\icq\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\icq\icq6.5\icq.exe |
"UDP Query User{D4A033BF-D0DD-4FA0-B60D-F6D63BACBB95}C:\program files\common files\nero\nero web\setupx.exe" = protocol=17 | dir=in | app=c:\program files\common files\nero\nero web\setupx.exe |
"UDP Query User{D722BAAE-7EA6-4ABB-9046-FAE0EF72682F}D:\nhl 07\nhl 07\nhl2007.exe" = protocol=17 | dir=in | app=d:\nhl 07\nhl 07\nhl2007.exe |
"UDP Query User{D73DA5A6-9DEA-4AFE-BF49-DC399BF7BE1D}D:\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=d:\mozilla firefox\firefox.exe |
"UDP Query User{DAF370E4-1D47-402E-877C-6B8CA464068D}D:\nhl 07\nhl 07\nhl2007pal.exe" = protocol=17 | dir=in | app=d:\nhl 07\nhl 07\nhl2007pal.exe |
"UDP Query User{E1CD0DB1-03DA-4616-BEE4-2C0257950C93}D:\mobiledit!\webvideodownloader.exe" = protocol=17 | dir=in | app=d:\mobiledit!\webvideodownloader.exe |
"UDP Query User{EAAA102E-16D2-47EE-9920-C299FEF24D8C}C:\users\vibrasphare\desktop\keygen.winrar.password.cracker.4.12.exe" = protocol=17 | dir=in | app=c:\users\vibrasphare\desktop\keygen.winrar.password.cracker.4.12.exe |
"UDP Query User{EC98E69E-8194-4A40-9471-15919E06E399}D:\miranda im\miranda32.exe" = protocol=17 | dir=in | app=d:\miranda im\miranda32.exe |
"UDP Query User{F1B2AED0-0B14-44A5-813E-C6EB08D99A58}C:\users\vibrasphare\desktop\keygen.rar.password.cracker.4.12.exe" = protocol=17 | dir=in | app=c:\users\vibrasphare\desktop\keygen.rar.password.cracker.4.12.exe |
"UDP Query User{F3F5F198-05D1-4221-AFA4-8689B7E75FA4}D:\tightvnc\winvnc.exe" = protocol=17 | dir=in | app=d:\tightvnc\winvnc.exe |
"UDP Query User{F8641AB3-2C23-43DB-B21F-BAB0A45C833F}C:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{F946BB8E-4DC7-4EAD-A9BB-BD6C7192EDEC}D:\icq\icq6.5\icq.exe" = protocol=17 | dir=in | app=d:\icq\icq6.5\icq.exe |
"UDP Query User{F97A7001-475D-43CA-B837-398F714D698A}D:\zpravy v siti\lanchatbox.exe" = protocol=17 | dir=in | app=d:\zpravy v siti\lanchatbox.exe |
"UDP Query User{F9B61F3A-6169-4A0E-8C0F-B02D8621B35A}C:\program files\hamachi\hamachi.exe" = protocol=17 | dir=in | app=c:\program files\hamachi\hamachi.exe |
"UDP Query User{FDB61828-9EBE-4361-B855-B23446603E27}D:\dc\strongdc.exe" = protocol=17 | dir=in | app=d:\dc\strongdc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{067EC517-9731-43FD-B4D5-296EE0027BBB}" = LogMeIn Hamachi
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{344F40AF-294A-6C59-71C4-0021F7F7629F}" = CCC Help English
"{484B197B-6F01-6A10-7058-9408053BFCEE}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}" = STREET FIGHTER IV
"{628C3D50-F524-4C49-A958-672CE7953756}" = The Lord of the Rings - Conquest™
"{6604FCA3-FE4F-21EA-F53D-94F979A9E913}" = ccc-utility
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6E1C7463-4FBE-E8A2-4E4E-059A7CCA1986}" = ATI Catalyst Install Manager
"{7299052B-02A4-4627-81F2-1818DA5D550D}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7C52B545-9D3B-853A-A5FF-3E9154C3CDDF}" = Catalyst Control Center InstallProxy
"{8836AE5B-2CC4-F1C2-EF70-6F399169E254}" = ccc-core-static
"{8B06CE55-653A-6ACF-41CB-776E9CE37466}" = Catalyst Control Center Graphics Light
"{8F8E1C9D-C36D-7676-3179-D7CF8331A26F}" = Catalyst Control Center Localization All
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1C962E2-2426-49C6-A38B-9A07E40D607C}" = Microsoft Games for Windows - LIVE
"{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}" = Catalyst Control Center - Branding
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1.2 - Czech
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B3131F98-FC4B-4931-9D01-723C61F1AFBD}_is1" = Yaho's Miranda Pack - Dark 4.6
"{BBC8862B-BFC8-475D-9BB8-93289703BD33}" = ESET NOD32 Antivirus
"{C1F6CCE4-B6C4-5728-F8C6-C6FD78B3C6F7}" = CCC Help Czech
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D504469D-0A63-50D2-2822-C595959970AF}" = Catalyst Control Center Core Implementation
"{D802FB47-F720-4AC0-F0D5-8CF9DC29412C}" = Catalyst Control Center Graphics Previews Common
"{D889A496-B80F-3C65-F4AF-74473C1B30D8}" = Skins
"{EFC2CAB5-669E-BE1E-A794-C5B87224D681}" = Catalyst Control Center Graphics Full Existing
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F169602A-667A-CEE1-2F15-050134486FE9}" = Catalyst Control Center Graphics Previews Vista
"Absolute Uninstaller_is1" = Absolute Uninstaller 2.7.0.616
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"BitTorrent" = BitTorrent
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fraps" = Fraps
"HijackThis" = HijackThis 2.0.2
"LogMeIn Hamachi" = LogMeIn Hamachi
"NR csy_is1" = Nowy Rozkrój ver. 6.2.3 demo
"R4" = R4
"SystemRequirementsLab" = System Requirements Lab
"Transformers Revenge of the Fallen - The Game_is1" = Transformers Revenge of the Fallen - The Game
"UnrealTournament" = Unreal Tournament
"USB2.0 1.3M UVC WebCam" = USB2.0 1.3M UVC WebCam
"Winamp" = Winamp

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5f48e2ab41c5d005" = RapidShare Manager
"Mozilla Firefox (3.6.2)" = Mozilla Firefox (3.6.2)
"Winamp Detect" = Winamp Application Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 26.9.2009 6:24:44 | Computer Name = Vibrasphare-PC | Source = EventSystem | ID = 4621
Description =

Error - 26.9.2009 10:47:44 | Computer Name = Vibrasphare-PC | Source = EventSystem | ID = 4621
Description =

Error - 28.9.2009 17:20:22 | Computer Name = Vibrasphare-PC | Source = Application Error | ID = 1000
Description = Chybující aplikace winamp.exe, verze 5.5.4.2165, časové razítko 0x4896392e,
chybující modul ntdll.dll, verze 6.0.6002.18005, časové razítko 0x49e03821, kód
výjimky 0xc0000005, posun chyby 0x0003e13d, ID procesu 0x66c, čas spuštění aplikace
0x01ca408173676c7b.

Error - 28.9.2009 17:55:45 | Computer Name = Vibrasphare-PC | Source = EventSystem | ID = 4621
Description =

Error - 1.10.2009 7:07:36 | Computer Name = Vibrasphare-PC | Source = EventSystem | ID = 4621
Description =

Error - 11.10.2009 11:52:44 | Computer Name = Vibrasphare-PC | Source = EventSystem | ID = 4621
Description =

Error - 13.10.2009 11:42:32 | Computer Name = Vibrasphare-PC | Source = VSS | ID = 8194
Description =

Error - 13.10.2009 11:43:09 | Computer Name = Vibrasphare-PC | Source = System Restore | ID = 8193
Description =

Error - 13.10.2009 11:48:23 | Computer Name = Vibrasphare-PC | Source = VSS | ID = 8194
Description =

Error - 13.10.2009 11:49:00 | Computer Name = Vibrasphare-PC | Source = System Restore | ID = 8193
Description =

[ ASUS Security Protect Manager Events ]
Error - 11.6.2009 6:06:28 | Computer Name = Vibrasphare-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Vibrasphare@VIBRASPHARE-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 12.6.2009 6:28:00 | Computer Name = Vibrasphare-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Vibrasphare@VIBRASPHARE-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 14.6.2009 7:41:43 | Computer Name = Vibrasphare-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Vibrasphare@VIBRASPHARE-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

Error - 18.6.2009 4:46:41 | Computer Name = Vibrasphare-PC | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: Vibrasphare@VIBRASPHARE-PC
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.

[ System Events ]
Error - 9.9.2008 17:11:47 | Computer Name = Vibrasphare-PC | Source = ipnathlp | ID = 31004
Description = Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To
může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti
zjistil vnitřní chybu.

Error - 9.9.2008 17:21:20 | Computer Name = Vibrasphare-PC | Source = ipnathlp | ID = 31004
Description = Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To
může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti
zjistil vnitřní chybu.

Error - 9.9.2008 17:36:39 | Computer Name = Vibrasphare-PC | Source = netbt | ID = 4321
Description = Název DOMA :1d nelze zaregistrovat v rozhraní s adresou
IP 192.168.1.102. Počítač s adresou IP 192.168.1.101 nepovolil získání názvu tímto
počítačem.

Error - 10.9.2008 6:10:48 | Computer Name = Vibrasphare-PC | Source = HTTP | ID = 15016
Description =

Error - 10.9.2008 6:11:06 | Computer Name = Vibrasphare-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =

Error - 10.9.2008 9:05:58 | Computer Name = Vibrasphare-PC | Source = ipnathlp | ID = 31004
Description = Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To
může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti
zjistil vnitřní chybu.

Error - 10.9.2008 9:11:20 | Computer Name = Vibrasphare-PC | Source = ipnathlp | ID = 31004
Description = Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To
může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti
zjistil vnitřní chybu.

Error - 10.9.2008 16:01:10 | Computer Name = Vibrasphare-PC | Source = ipnathlp | ID = 31004
Description = Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To
může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti
zjistil vnitřní chybu.

Error - 10.9.2008 16:16:28 | Computer Name = Vibrasphare-PC | Source = ipnathlp | ID = 31004
Description = Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To
může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti
zjistil vnitřní chybu.

Error - 11.9.2008 9:53:02 | Computer Name = Vibrasphare-PC | Source = HTTP | ID = 15016
Description =


< End of report >
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#5 Příspěvek od Caroprd111 »

Obrázek Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
O2 - BHO: (no name) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - No CLSID value found.
O13 - gopher Prefix: missing
O33 - MountPoints2\{ce17f305-78bb-11dd-8080-0015affe2315}\Shell - "" = AutoRun
O33 - MountPoints2\{ce17f305-78bb-11dd-8080-0015affe2315}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
[2 C:\*.tmp files -> C:\*.tmp -> ]
@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:D282699C

:Commands
[PURITY] 
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
Poté klikněte na Opravit, PC se restartuje, log vložte sem.


Obrázek Tohle otestujte na http://www.virustotal.com/cs/
C:\Windows\revdevdll.dll
C:\Windows\System32\lcppn21.dll
C:\Windows\System32\ODMA32.dll

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)


Obrázek Doporučuji odinstalovat BitTorrent

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.
Obrázek
Nahoru
fannis
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 24 čer 2009 18:50

Re: Prosim o kontrolu logu

#6 Příspěvek od fannis »

C:\Windows\revdevdll.dll
http://www.virustotal.com/cs/analisis/d ... 1271703841

C:\Windows\System32\lcppn21.dll
http://www.virustotal.com/cs/analisis/6 ... 1271704532

C:\Windows\System32\ODMA32.dll
http://www.virustotal.com/cs/analisis/a ... 1271703634
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#7 Příspěvek od Caroprd111 »

OK, ještě další kroky. :)
Obrázek
Nahoru
fannis
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 24 čer 2009 18:50

Re: Prosim o kontrolu logu

#8 Příspěvek od fannis »

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{201f27d4-3704-41d6-89c1-aa35e39143ed}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3041d03e-fd4b-44e0-b742-2d9b88305f98} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3041d03e-fd4b-44e0-b742-2d9b88305f98}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce17f305-78bb-11dd-8080-0015affe2315}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce17f305-78bb-11dd-8080-0015affe2315}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce17f305-78bb-11dd-8080-0015affe2315}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ce17f305-78bb-11dd-8080-0015affe2315}\ not found.
File F:\autorun.exe not found.
C:\__000001.TMP deleted successfully.
C:\__000002.TMP deleted successfully.
ADS C:\ProgramData\TEMP:05EE1EEF deleted successfully.
ADS C:\ProgramData\TEMP:D282699C deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Vibrasphare
->Temp folder emptied: 9387753 bytes
->Temporary Internet Files folder emptied: 2063908 bytes
->Java cache emptied: 10627980 bytes
->FireFox cache emptied: 86163472 bytes
->Flash cache emptied: 1932663 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 51348512 bytes
RecycleBin emptied: 2300258 bytes

Total Files Cleaned = 156,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Vibrasphare
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb




OTL by OldTimer - Version 3.2.1.3 log created on 04192010_211835

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#9 Příspěvek od Caroprd111 »

Jak to vypadá s PC :???:
Obrázek
Nahoru
fannis
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 24 čer 2009 18:50

Re: Prosim o kontrolu logu

#10 Příspěvek od fannis »

jeste jednou zkusim restartovat ale zda se byt lepsi. btw nejdou mi odinstalovat ty toolbary. v programech to nikde nevidim.
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#11 Příspěvek od Caroprd111 »

Obrázek Zkuste použít Revo Uninstaller http://www.stahuj.centrum.cz/utility_a_ ... installer/
Obrázek
Nahoru
fannis
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 24 čer 2009 18:50

Re: Prosim o kontrolu logu

#12 Příspěvek od fannis »

PC startuje krasne jen. mam porad problem s pouzitelnosti po nastartovani. Zda se mi ze drive to bylo rychlejsi. Pritom se snazim mit co nejmene programu spoustenych pri startu.
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#13 Příspěvek od Caroprd111 »

Obrázek Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe
  • Spusťte.
  • Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)

Obrázek Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
  • Spusťte.
  • Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)


Obrázek Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
  • Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

    Obrázek Záložka Čistič
  • Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

    Obrázek Záložka Registry
  • Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
    Obrázek OK Obrázek Zavřít


Obrázek Defragmentujte disk.


Obrázek Proveďte kontrolu disku.


Obrázek Napište stav PC.
Obrázek
Nahoru
fannis
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 24 čer 2009 18:50

Re: Prosim o kontrolu logu

#14 Příspěvek od fannis »

tak to vypaka ze je to lepsi dekuju za ochotu a rady.
Nahoru
Uživatelský avatar
Caroprd111
VIP
VIP
Příspěvky: 13492
Registrován: 22 bře 2009 20:48
Bydliště: Třebíč
Kontaktovat uživatele:
Kontaktovat uživatele Caroprd111

Re: Prosim o kontrolu logu

#15 Příspěvek od Caroprd111 »

Poprosím o nový log z RSIT.
Obrázek
Nahoru
Odpovědět

Zpět na „Preventivní kontroly logů“