VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

keylogger - je už opravdu pryč?

https://forum.viry.cz:443/viewtopic.php?t=97211

Stránka 1 z 1

keylogger - je už opravdu pryč?

Napsal: 04 úno 2010 14:28
od Ennui
Objevil se mi v počítači keylogger, díky kterému mi byl ukraden účet v jedné online hře. Prošla jsem PC různými antiviry a antispyware programy a vyčistila (mj. byl nalezen a zničen AdAwarem Win32.TrojanPWS.Steam), ale keylogger i poté zůstal, opět prolomil účet. Při další várce kontrol Malwarebytes Anti-malware našel a zničil Malware.Packer.Gen. Prosila bych o kontrolu výpisu z RISTu, jestli je keylogger už pryč, nebo mi tu stále řádí. Předem děkuju.


Logfile of random's system information tool 1.06 (written by random/random)
Run by - at 2010-02-04 14:12:37
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 57 GB (12%) free of 477 GB
Total RAM: 4094 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:12:59, on 4.2.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Programy\DAEMON Tools Lite\daemon.exe
C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
C:\Programy\Winamp\winampa.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
C:\Program Files (x86)\ICQ6.5\ICQ.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
C:\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\-.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programy\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Programy\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programy\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programy\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; WOW64; Embedded Web Browser from: http://bsalsa.com/; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.2; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://www.brodiegames.com/beggar/"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Philips Device Manager.lnk = C:\Program Files (x86)\Philips\SA28XX Device Manager\main.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programy\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} - http://www.freerealms.com/gamedata/Free ... taller.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... .8.110.cab
O16 - DPF: {7A70CD54-3FCB-4D64-BE2F-0C71914EE05A} - http://static.beta.eartheternal.com/Rel ... nstall.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Programy\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10955 bytes

======Scheduled tasks folder======

C:\Windows\tasks\NeroLiveEpgUpdate-PC_-.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Programy\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll [2010-02-03 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.DLL [2010-02-03 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-11-18 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\coIEPlg.dll [2010-02-03 378736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"WinampAgent"=C:\Programy\Winamp\winampa.exe [2008-08-04 36352]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-11-18 149280]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"DAEMON Tools Lite"=C:\Programy\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
"SpybotSD TeaTimer"=C:\Programy\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"igndlm.exe"=C:\Program Files (x86)\Download Manager\DLM.exe [2009-02-25 1103216]
"PlayNC Launcher"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1150596.exe [2009-04-29 468408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Philips Device Manager.lnk - C:\Program Files (x86)\Philips\SA28XX Device Manager\main.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"ForceActiveDesktopOn"=
"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d3f31ce8-fcf6-11dd-8961-806e6f6e6963}]
shell\AutoRun\command - D:\autorun.exe -auto


======List of files/folders created in the last 1 months======

2010-02-04 14:12:38 ----D---- C:\Program Files (x86)\trend micro
2010-02-04 14:12:37 ----D---- C:\rsit
2010-02-04 13:42:30 ----D---- C:\Program Files (x86)\Mass Effect 2
2010-02-03 12:40:27 ----D---- C:\Program Files (x86)\ESET
2010-02-03 12:31:15 ----RA---- C:\Windows\system32\GEARAspi.dll
2010-02-03 12:30:17 ----D---- C:\Program Files (x86)\Norton 360
2010-02-03 12:30:06 ----D---- C:\Program Files (x86)\NortonInstaller
2010-02-02 21:43:37 ----D---- C:\ProgramData\vsosdk
2010-02-02 21:35:27 ----A---- C:\Users\-\AppData\Roaming\inst.exe
2010-02-02 21:35:12 ----A---- C:\Windows\system32\sipr3260.dll
2010-02-02 21:35:12 ----A---- C:\Windows\system32\drv43260.dll
2010-02-02 21:35:12 ----A---- C:\Windows\system32\drv33260.dll
2010-02-02 21:35:12 ----A---- C:\Windows\system32\drv23260.dll
2010-02-02 21:35:12 ----A---- C:\Windows\system32\cook3260.dll
2010-02-02 21:35:11 ----A---- C:\Windows\system32\wvc1dmod.dll
2010-02-02 21:35:11 ----A---- C:\Windows\system32\vp7vfw.dll
2010-02-02 18:36:43 ----D---- C:\Users\-\AppData\Roaming\avidemux
2010-02-02 15:53:55 ----D---- C:\ProgramData\Kaspersky Lab
2010-02-01 20:39:48 ----D---- C:\ProgramData\Farbs
2010-01-30 01:03:01 ----D---- C:\Program Files (x86)\directx
2010-01-30 00:56:46 ----D---- C:\HryUFO Aftermath
2010-01-25 19:31:05 ----HDC---- C:\ProgramData\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2010-01-25 19:27:54 ----D---- C:\ProgramData\Lavasoft
2010-01-25 19:27:54 ----D---- C:\Program Files (x86)\Lavasoft
2010-01-25 05:49:27 ----D---- C:\ProgramData\Symantec
2010-01-24 18:31:24 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2010-01-24 18:30:58 ----D---- C:\Users\-\AppData\Roaming\SUPERAntiSpyware.com
2010-01-24 18:25:43 ----D---- C:\Users\-\AppData\Roaming\Malwarebytes
2010-01-24 18:25:04 ----D---- C:\ProgramData\Malwarebytes
2010-01-24 17:52:26 ----D---- C:\Program Files (x86)\Common Files\Symantec Shared
2010-01-24 17:47:28 ----D---- C:\ProgramData\Norton
2010-01-24 17:46:24 ----D---- C:\ProgramData\NortonInstaller
2010-01-22 01:44:48 ----A---- C:\Windows\system32\mshtml.dll
2010-01-22 01:44:47 ----A---- C:\Windows\system32\wininet.dll
2010-01-22 01:44:47 ----A---- C:\Windows\system32\occache.dll
2010-01-22 01:44:46 ----A---- C:\Windows\system32\urlmon.dll
2010-01-22 01:44:46 ----A---- C:\Windows\system32\ieframe.dll
2010-01-22 01:44:45 ----A---- C:\Windows\system32\iertutil.dll
2010-01-22 01:44:45 ----A---- C:\Windows\system32\ieapfltr.dll
2010-01-22 01:44:44 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-22 01:44:44 ----A---- C:\Windows\system32\iepeers.dll
2010-01-22 01:44:44 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-22 01:44:43 ----A---- C:\Windows\system32\mstime.dll
2010-01-22 01:44:43 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-22 01:44:43 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-22 01:44:43 ----A---- C:\Windows\system32\ieencode.dll
2010-01-22 01:44:43 ----A---- C:\Windows\system32\ieaksie.dll
2010-01-21 16:04:18 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-01-21 16:04:18 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-01-21 16:04:16 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-01-21 16:03:24 ----A---- C:\Windows\system32\wrap_oal.dll
2010-01-21 16:03:24 ----A---- C:\Windows\system32\OpenAL32.dll
2010-01-21 15:35:15 ----D---- C:\Program Files (x86)\Deep Silver
2010-01-21 15:34:09 ----D---- C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2010-01-17 23:10:03 ----D---- C:\ProgramData\ATI
2010-01-17 22:25:06 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-01-17 22:25:06 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-01-17 22:25:05 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-01-17 22:25:03 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-01-17 22:25:02 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-01-17 22:25:01 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-01-17 22:25:00 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-01-17 22:24:57 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-01-17 22:24:51 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-01-17 22:24:51 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-01-17 22:24:51 ----A---- C:\Windows\system32\xactengine3_2.dll

======List of files/folders modified in the last 1 months======

2010-02-04 14:12:44 ----D---- C:\Windows\Temp
2010-02-04 14:12:38 ----D---- C:\Program Files (x86)
2010-02-04 14:10:47 ----SHD---- C:\Windows\Installer
2010-02-04 14:10:47 ----D---- C:\Windows
2010-02-04 14:10:46 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-02-04 14:10:18 ----D---- C:\Program Files (x86)\AGEIA Technologies
2010-02-04 14:10:16 ----D---- C:\Windows\SysWOW64
2010-02-04 14:09:37 ----D---- C:\Downloads
2010-02-04 14:09:11 ----D---- C:\Program Files (x86)\Common Files\BioWare
2010-02-04 08:24:58 ----D---- C:\Windows\System32
2010-02-04 08:24:57 ----D---- C:\Windows\inf
2010-02-04 08:21:08 ----D---- C:\Users\-\AppData\Roaming\ICQ
2010-02-04 08:13:16 ----D---- C:\Windows\Prefetch
2010-02-03 23:02:57 ----D---- C:\Programy
2010-02-03 22:19:56 ----SHD---- C:\System Volume Information
2010-02-03 22:07:42 ----D---- C:\Hry
2010-02-03 21:57:27 ----D---- C:\ProgramData
2010-02-03 12:30:51 ----RD---- C:\Program Files
2010-02-02 22:47:41 ----D---- C:\Users\-\AppData\Roaming\Vso
2010-02-02 21:35:10 ----D---- C:\Program Files (x86)\vso
2010-02-02 16:04:23 ----SHD---- C:\$Recycle.Bin
2010-02-02 16:01:37 ----D---- C:\Sklad
2010-02-02 15:48:16 ----D---- C:\Windows\system32\drivers
2010-01-31 12:22:32 ----RSD---- C:\Windows\assembly
2010-01-30 10:08:32 ----D---- C:\Windows\Tasks
2010-01-30 00:58:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-01-29 08:05:25 ----D---- C:\Program Files (x86)\Common Files
2010-01-28 17:00:41 ----AD---- C:\ProgramData\TEMP
2010-01-27 03:19:16 ----D---- C:\Program Files (x86)\Internet Explorer
2010-01-27 03:03:30 ----D---- C:\Windows\winsxs
2010-01-26 10:13:05 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-01-26 09:48:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-01-25 09:59:44 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-01-17 23:09:09 ----SD---- C:\Windows\Downloaded Program Files
2010-01-17 23:08:02 ----D---- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2010-01-17 22:32:23 ----D---- C:\ProgramData\WildTangent
2010-01-17 20:26:54 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 BHDrvx64;Symantec Heuristics Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\BHDrvx64.sys []
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\N360x64\0308000.029\ccHPx64.sys []
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-02-02 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100128.002\IDSvia64.sys [2009-10-28 466992]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0308000.029\SRTSPX64.SYS []
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys []
R1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMTDI.SYS []
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
R3 AmdLLD64;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD64.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100203.048\ENG64.SYS [2010-02-03 116272]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100203.048\EX64.SYS [2010-02-03 1742896]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\N360x64\0308000.029\SRTSP64.SYS []
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMFW.SYS []
R3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\N360x64\0308000.029\SYMNDISV.SYS []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
S3 aq8k5zbh;aq8k5zbh; C:\Windows\system32\drivers\aq8k5zbh.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys []
S3 dump_wmimmc;dump_wmimmc; \??\C:\Hry\NCsoft\AionEU\bin32\GameGuard\dump_wmimmc.sys []
S3 EraserUtilDrvI9;EraserUtilDrvI9; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrvI9.sys [2010-02-02 132656]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2009-02-17 20544]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-01 4682]
S3 Pcouffin64;Low level access layer for CD devices; C:\Windows\System32\Drivers\pcouffin64a.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-01-27 1181328]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-10 40999448]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2010-02-03 117640]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 SBSDWSCService;SBSD Security Center Service; C:\Programy\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-18 654848]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2009-08-30 3407412]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

Re: keylogger - je už opravdu pryč?

Napsal: 04 úno 2010 14:34
od Caroprd111
Zdravím :)

Na logu se pracuje, prosím o strpení.

Re: keylogger - je už opravdu pryč?

Napsal: 04 úno 2010 14:57
od Caroprd111
:arrow: Odinstalujte Spybot - Search & Destroy a Ad-Aware v Přidat nebo odebrat programy.

:arrow: Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

:arrow: Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
- spustte, klikněte na Run Scan
- po skončení skenu sem vložte obsah logů z OTL.Txt a Extras.txt


:arrow: Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
- Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

:arrow: Záložka Čistič
- Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

:arrow: Záložka Registry
- Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
:arrow: OK :arrow: Zavřít


:arrow: K čemu používáte disk D: :???:

:arrow: Jsou s PC nějaké problémy :???:

Re: keylogger - je už opravdu pryč?

Napsal: 04 úno 2010 16:18
od Ennui
Disk D je dvd jednotka. S PC problémy nejsou (když toho dělám víc naráz, tak občas nějaký program zamrzne, ale to je tuším normální :)), potíž je (zatím) jen to kradení hesel. Výpis z OTL:

OTL.txt:
OTL logfile created on: 4.2.2010 16:00:13 - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 56,33 Gb Free Space | 12,09% Space Free | Partition Type: NTFS
Drive D: | 4,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
Drive F: | 149,03 Gb Total Space | 25,23 Gb Free Space | 16,93% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC
Current User Name: -
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.02.04 15:48:49 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
PRC - [2010.02.03 12:30:36 | 000,117,640 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe
PRC - [2009.12.22 18:43:30 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009.11.18 03:52:53 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2008.12.29 11:40:30 | 000,687,560 | ---- | M] (DT Soft Ltd) -- C:\Programy\DAEMON Tools Lite\daemon.exe
PRC - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.08.04 00:02:20 | 000,036,352 | ---- | M] () -- C:\Programy\Winamp\winampa.exe
PRC - [2008.07.10 16:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2008.06.09 10:21:58 | 000,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2006.02.28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe


========== Modules (SafeList) ==========

MOD - [2010.02.04 15:48:49 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL.exe
MOD - [2008.01.21 03:50:03 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2008.01.21 03:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009.11.25 04:17:16 | 000,202,752 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2008.07.29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV:64bit: - [2008.01.21 03:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.02.03 12:30:36 | 000,117,640 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\ccSvcHst.exe -- (N360)
SRV - [2009.11.18 02:33:20 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.08.30 20:17:30 | 003,407,412 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2009.07.26 06:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2008.09.24 14:32:48 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008.07.27 19:01:49 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008.07.10 16:33:06 | 040,999,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2008.07.10 16:33:06 | 000,369,688 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS)
SRV - [2008.07.10 16:33:02 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -- (MSSQLServerADHelper100)
SRV - [2008.06.09 10:21:58 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006.11.02 14:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006.11.02 07:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006.11.02 07:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2006.10.27 00:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006.02.28 12:42:38 | 000,229,376 | ---- | M] (Apple Computer, Inc.) [Auto | Running] -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010.02.03 12:30:51 | 000,172,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010.02.03 12:30:38 | 000,476,720 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2010.02.03 12:30:38 | 000,402,992 | ---- | M] () [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SYMEFA64.SYS -- (SymEFA)
DRV:64bit: - [2010.02.03 12:30:38 | 000,278,576 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMTDI.SYS -- (SYMTDI)
DRV:64bit: - [2010.02.03 12:30:38 | 000,120,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMFW.SYS -- (SYMFW)
DRV:64bit: - [2010.02.03 12:30:38 | 000,056,880 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\SYMNDISV.SYS -- (SYMNDISV)
DRV:64bit: - [2010.02.03 12:30:38 | 000,032,304 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010.02.03 12:30:38 | 000,031,280 | R--- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\SymIMv.sys -- (SymIM)
DRV:64bit: - [2010.02.03 12:30:37 | 000,583,296 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\ccHPx64.sys -- (ccHP)
DRV:64bit: - [2010.02.03 12:30:37 | 000,334,384 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\0308000.029\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2010.02.03 12:30:37 | 000,034,152 | R--- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2010.02.02 21:35:27 | 000,082,816 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2009.11.25 04:52:14 | 006,174,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.08.02 11:29:31 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2009.08.02 11:29:30 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.05.27 15:15:16 | 000,033,344 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.02.20 20:22:35 | 000,082,048 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\pcouffin64a.sys -- (Pcouffin64)
DRV:64bit: - [2009.02.20 13:50:03 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2008.06.18 04:20:32 | 000,181,024 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2008.05.02 06:59:48 | 000,166,912 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2007.06.29 14:48:06 | 000,039,424 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AmdLLD64.sys -- (AmdLLD64)
DRV:64bit: - [2006.11.02 06:28:10 | 000,273,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV - [2010.02.03 10:00:00 | 001,742,896 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100203.048\EX64.SYS -- (NAVEX15)
DRV - [2010.02.03 10:00:00 | 000,116,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100203.048\ENG64.SYS -- (NAVENG)
DRV - [2010.02.02 15:36:16 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010.02.02 15:36:16 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009.10.28 23:37:21 | 000,466,992 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100128.002\IDSviA64.sys -- (IDSVia64)
DRV - [2009.02.17 14:47:10 | 000,020,544 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2007.02.07 19:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2006.09.18 22:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006.09.18 22:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2005.01.01 10:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.centrum.cz"
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.17
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009.08.30 17:19:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.01.17 23:09:14 | 000,000,000 | ---D | M]

[2009.03.23 08:05:37 | 000,000,000 | ---D | M] -- C:\Users\-\AppData\Roaming\mozilla\Extensions
[2010.02.04 13:48:19 | 000,000,000 | ---D | M] -- C:\Users\-\AppData\Roaming\mozilla\Firefox\Profiles\pwamrttf.default\extensions
[2009.08.21 02:05:12 | 000,000,000 | ---D | M] (BitComet Video Downloader) -- C:\Users\-\AppData\Roaming\mozilla\Firefox\Profiles\pwamrttf.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2010.02.04 15:53:29 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.02.02 15:56:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\crawlersrch.xml
[2009.12.22 04:24:43 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2009.12.22 04:24:43 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2009.12.22 04:24:43 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2009.12.22 04:24:43 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2009.12.22 04:24:43 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.05.23 20:38:27 | 000,306,457 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 10550 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Programy\Winamp\winampa.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Programy\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKCU..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe (IGN Entertainment)
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -Mozilla\4.0 ( File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Programy\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - ..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net ... plugin.cab (QuickTime Plugin Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} http://www.freerealms.com/gamedata/Free ... taller.cab (Reg Error: Key error.)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} http://www.fileplanet.com/fpdlmgr/cabs/ ... .8.110.cab (CDownloadCtrl Object)
O16 - DPF: {7A70CD54-3FCB-4D64-BE2F-0C71914EE05A} http://static.beta.eartheternal.com/Rel ... nstall.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton 360\Engine\3.8.0.41\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\-\Pictures\Poster%20-%20Royal%20Wedding_05.jpg
O24 - Desktop BackupWallPaper: C:\Users\-\Pictures\Poster%20-%20Royal%20Wedding_05.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.26 17:45:39 | 000,779,496 | R--- | M] (BioWare) - D:\autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.10.26 22:21:41 | 000,000,054 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{d3f31ce8-fcf6-11dd-8961-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d3f31ce8-fcf6-11dd-8961-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2009.10.26 17:45:39 | 000,779,496 | R--- | M] (BioWare)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.02.04 14:12:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010.02.04 14:12:37 | 000,000,000 | ---D | C] -- C:\rsit
[2010.02.04 13:42:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect 2
[2010.02.03 22:02:52 | 000,000,000 | ---D | C] -- C:\Users\-\Documents\GHOSTBUSTERS (tm)
[2010.02.03 22:02:52 | 000,000,000 | ---D | C] -- C:\Users\-\AppData\Local\GHOSTBUSTERS (tm)
[2010.02.03 15:33:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0308000.029
[2010.02.03 12:56:28 | 000,000,000 | ---D | C] -- C:\Users\-\AppData\Local\Andrej_Koch
[2010.02.03 12:42:17 | 000,000,000 | ---D | C] -- C:\Users\-\Desktop\mok
[2010.02.03 12:40:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010.02.03 12:31:15 | 000,107,368 | R--- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010.02.03 12:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010.02.03 12:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010.02.03 12:30:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2010.02.03 12:30:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2010.02.03 12:30:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010.02.02 21:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\vsosdk
[2010.02.02 21:35:27 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\-\AppData\Roaming\pcouffin.sys
[2010.02.02 21:35:12 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drv43260.dll
[2010.02.02 21:35:12 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drv33260.dll
[2010.02.02 21:35:12 | 000,176,165 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\drv23260.dll
[2010.02.02 21:35:12 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\sipr3260.dll
[2010.02.02 21:35:12 | 000,065,602 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\cook3260.dll
[2010.02.02 21:35:11 | 001,184,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wvc1dmod.dll
[2010.02.02 21:35:11 | 000,626,688 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2010.02.02 18:36:43 | 000,000,000 | ---D | C] -- C:\Users\-\AppData\Roaming\avidemux
[2010.02.02 15:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.02.01 20:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Farbs
[2010.01.30 01:03:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\directx
[2010.01.30 00:56:46 | 000,000,000 | ---D | C] -- C:\HryUFO Aftermath
[2010.01.26 10:08:19 | 000,000,000 | ---D | C] -- C:\Users\-\Documents\SoliumInfernumGame
[2010.01.25 19:30:32 | 050,935,864 | ---- | C] (NETGATE Technologies s.r.o. ) -- C:\Users\-\Desktop\se-setup.exe
[2010.01.25 19:27:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010.01.25 19:03:22 | 054,478,752 | ---- | C] (NETGATE Technologies s.r.o. ) -- C:\Users\-\Desktop\is-setup.exe
[2010.01.25 10:48:57 | 000,000,000 | ---D | C] -- C:\Users\-\AppData\Local\Threat Expert
[2010.01.25 05:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010.01.24 18:31:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010.01.24 18:30:58 | 000,000,000 | ---D | C] -- C:\Users\-\AppData\Roaming\SUPERAntiSpyware.com
[2010.01.24 18:25:43 | 000,000,000 | ---D | C] -- C:\Users\-\AppData\Roaming\Malwarebytes
[2010.01.24 18:25:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.01.24 18:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.01.24 17:52:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.01.24 17:48:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.01.24 17:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.01.24 17:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.01.22 01:44:47 | 000,833,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.01.22 01:44:47 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010.01.22 01:44:45 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2010.01.22 01:44:44 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.01.22 01:44:44 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.01.22 01:44:44 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.01.22 01:44:43 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010.01.22 01:44:43 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.01.22 01:44:43 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2010.01.22 01:44:43 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2010.01.22 01:44:43 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2010.01.22 01:44:43 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010.01.21 16:21:07 | 000,000,000 | ---D | C] -- C:\Users\-\AppData\Local\Ascaron Entertainment
[2010.01.21 16:04:18 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.01.21 16:04:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.01.21 16:04:16 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.01.21 16:03:24 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.01.21 16:03:24 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.01.21 15:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Deep Silver
[2010.01.21 15:34:09 | 000,000,000 | ---D | C] -- C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
[2010.01.18 02:11:25 | 000,000,000 | ---D | C] -- C:\Users\-\Desktop\dočasné
[2010.01.17 23:10:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.01.17 22:25:06 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.01.17 22:25:06 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.01.17 22:25:05 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.01.17 22:25:03 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.01.17 22:25:02 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.01.17 22:25:01 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.01.17 22:25:00 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.01.17 22:24:57 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.01.17 22:24:51 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.01.17 22:24:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.01.17 22:24:51 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.02.04 16:02:28 | 008,912,896 | -HS- | M] () -- C:\Users\-\NTUSER.DAT
[2010.02.04 15:59:25 | 001,577,172 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.02.04 15:59:25 | 000,663,906 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.02.04 15:59:25 | 000,652,292 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.02.04 15:59:25 | 000,139,188 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.02.04 15:59:25 | 000,125,454 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.02.04 15:52:47 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.02.04 15:52:46 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.02.04 15:52:45 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.02.04 15:52:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.02.04 15:51:00 | 000,524,288 | -HS- | M] () -- C:\Users\-\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010.02.04 15:51:00 | 000,065,536 | -HS- | M] () -- C:\Users\-\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010.02.04 15:50:59 | 002,909,813 | -H-- | M] () -- C:\Users\-\AppData\Local\IconCache.db
[2010.02.04 08:19:25 | 002,262,598 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\Cat.DB
[2010.02.04 08:18:42 | 000,002,166 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2010.02.04 00:01:09 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\NeroLiveEpgUpdate-PC_-.job
[2010.02.03 22:57:14 | 000,001,991 | ---- | M] () -- C:\Users\-\Documents\aionmemo_ c2daf22.dat
[2010.02.03 15:33:00 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\isolate.ini
[2010.02.03 12:56:08 | 000,000,774 | ---- | M] () -- C:\Users\-\Desktop\Virtual Keyboard.lnk
[2010.02.03 12:30:51 | 000,172,592 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010.02.03 12:30:51 | 000,007,440 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010.02.03 12:30:51 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010.02.03 12:30:38 | 000,476,720 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.sys
[2010.02.03 12:30:38 | 000,402,992 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.sys
[2010.02.03 12:30:38 | 000,278,576 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symtdi.sys
[2010.02.03 12:30:38 | 000,120,880 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symfw.sys
[2010.02.03 12:30:38 | 000,056,880 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symndisv.sys
[2010.02.03 12:30:38 | 000,044,080 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symndis.sys
[2010.02.03 12:30:38 | 000,043,568 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symids.sys
[2010.02.03 12:30:38 | 000,032,304 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.sys
[2010.02.03 12:30:38 | 000,031,280 | R--- | M] () -- C:\Windows\SysNative\drivers\SymIMV.sys
[2010.02.03 12:30:37 | 000,583,296 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\cchpx64.sys
[2010.02.03 12:30:37 | 000,334,384 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.sys
[2010.02.03 12:30:37 | 000,034,152 | R--- | M] () -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010.02.03 12:30:32 | 000,126,312 | R--- | M] () -- C:\Windows\SysNative\GEARAspi64.dll
[2010.02.03 12:30:32 | 000,107,368 | R--- | M] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010.02.03 12:30:27 | 000,003,373 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA.inf
[2010.02.03 12:30:27 | 000,001,836 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\ccHPx64.inf
[2010.02.03 12:30:27 | 000,001,481 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNetV.inf
[2010.02.03 12:30:27 | 000,001,480 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNet.inf
[2010.02.03 12:30:27 | 000,001,437 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.inf
[2010.02.03 12:30:27 | 000,001,421 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.inf
[2010.02.03 12:30:27 | 000,000,640 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.inf
[2010.02.03 12:30:19 | 000,009,415 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNet.cat
[2010.02.03 12:30:19 | 000,009,412 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symnetv.cat
[2010.02.03 12:30:19 | 000,007,410 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.cat
[2010.02.03 12:30:19 | 000,007,401 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.cat
[2010.02.03 12:30:19 | 000,007,399 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.cat
[2010.02.03 12:30:19 | 000,007,362 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.CAT
[2010.02.03 12:30:19 | 000,007,345 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\ccHPx64.cat
[2010.02.02 22:47:28 | 000,001,173 | ---- | M] () -- C:\Users\-\AppData\Roaming\vso_ts_preview.xml
[2010.02.02 21:35:27 | 000,099,384 | ---- | M] () -- C:\Users\-\AppData\Roaming\inst.exe
[2010.02.02 21:35:27 | 000,082,816 | ---- | M] (VSO Software) -- C:\Users\-\AppData\Roaming\pcouffin.sys
[2010.02.02 21:35:27 | 000,082,816 | ---- | M] () -- C:\Windows\SysNative\drivers\pcouffin.sys
[2010.02.02 21:35:27 | 000,007,859 | ---- | M] () -- C:\Users\-\AppData\Roaming\pcouffin.cat
[2010.02.02 21:35:26 | 000,001,167 | ---- | M] () -- C:\Users\-\AppData\Roaming\pcouffin.inf
[2010.02.02 21:35:17 | 000,000,907 | ---- | M] () -- C:\Users\-\Desktop\ConvertXtoDVD 4.lnk
[2010.02.02 21:14:30 | 000,204,800 | ---- | M] () -- C:\Users\-\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.02 18:36:38 | 000,000,740 | ---- | M] () -- C:\Users\Public\Desktop\Avidemux 2.5.lnk
[2010.01.31 12:20:02 | 000,000,731 | ---- | M] () -- C:\Users\-\Desktop\King's Bounty. The Legend.lnk
[2010.01.30 00:58:26 | 000,000,421 | ---- | M] () -- C:\Users\Public\Desktop\UFO Aftermath.lnk
[2010.01.25 19:32:44 | 050,935,864 | ---- | M] (NETGATE Technologies s.r.o. ) -- C:\Users\-\Desktop\se-setup.exe
[2010.01.25 19:03:22 | 054,478,752 | ---- | M] (NETGATE Technologies s.r.o. ) -- C:\Users\-\Desktop\is-setup.exe
[2010.01.24 19:51:13 | 000,370,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.01.22 17:00:14 | 000,001,548 | ---- | M] () -- C:\Users\Public\Desktop\Galactic Civilizations II - Ultimate Edition.lnk
[2010.01.22 08:45:13 | 000,100,856 | ---- | M] () -- C:\Users\-\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.01.21 16:03:24 | 000,419,840 | ---- | M] () -- C:\Windows\SysNative\wrap_oal.dll
[2010.01.21 16:03:24 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.01.21 16:03:24 | 000,133,632 | ---- | M] () -- C:\Windows\SysNative\OpenAL32.dll
[2010.01.21 16:03:24 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.01.21 13:56:48 | 000,004,988 | ---- | M] () -- C:\Users\-\Desktop\en.la.ciudad.de.sylvia.(2007).eng.1cd.(3301212).zip
[2010.01.07 16:07:14 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.01.07 16:07:06 | 000,022,104 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.02.04 08:19:08 | 002,262,598 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\Cat.DB
[2010.02.03 15:33:31 | 000,278,576 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symtdi.sys
[2010.02.03 15:33:31 | 000,120,880 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symfw.sys
[2010.02.03 15:33:31 | 000,056,880 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symndisv.sys
[2010.02.03 15:33:31 | 000,044,080 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symndis.sys
[2010.02.03 15:33:31 | 000,043,568 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symids.sys
[2010.02.03 15:33:31 | 000,009,415 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNet.cat
[2010.02.03 15:33:31 | 000,009,412 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\symnetv.cat
[2010.02.03 15:33:31 | 000,001,481 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNetV.inf
[2010.02.03 15:33:31 | 000,001,480 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymNet.inf
[2010.02.03 15:33:30 | 000,583,296 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\cchpx64.sys
[2010.02.03 15:33:30 | 000,476,720 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.sys
[2010.02.03 15:33:30 | 000,402,992 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.sys
[2010.02.03 15:33:30 | 000,334,384 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.sys
[2010.02.03 15:33:30 | 000,032,304 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.sys
[2010.02.03 15:33:30 | 000,007,410 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.cat
[2010.02.03 15:33:30 | 000,007,401 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.cat
[2010.02.03 15:33:30 | 000,007,399 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA64.cat
[2010.02.03 15:33:30 | 000,007,345 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\ccHPx64.cat
[2010.02.03 15:33:30 | 000,003,373 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\SymEFA.inf
[2010.02.03 15:33:30 | 000,001,836 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\ccHPx64.inf
[2010.02.03 15:33:30 | 000,001,437 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtsp64.inf
[2010.02.03 15:33:30 | 000,001,421 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\srtspx64.inf
[2010.02.03 15:33:29 | 000,007,362 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.CAT
[2010.02.03 15:33:29 | 000,000,640 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\BHDrvx64.inf
[2010.02.03 15:33:00 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\N360x64\0308000.029\isolate.ini
[2010.02.03 12:56:08 | 000,000,774 | ---- | C] () -- C:\Users\-\Desktop\Virtual Keyboard.lnk
[2010.02.03 12:31:15 | 000,126,312 | R--- | C] () -- C:\Windows\SysNative\GEARAspi64.dll
[2010.02.03 12:31:15 | 000,034,152 | R--- | C] () -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010.02.03 12:30:59 | 000,031,280 | R--- | C] () -- C:\Windows\SysNative\drivers\SymIMV.sys
[2010.02.03 12:30:53 | 000,172,592 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010.02.03 12:30:53 | 000,007,440 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2010.02.03 12:30:53 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2010.02.03 12:30:44 | 000,002,166 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2010.02.02 21:37:53 | 000,001,173 | ---- | C] () -- C:\Users\-\AppData\Roaming\vso_ts_preview.xml
[2010.02.02 21:37:18 | 000,000,034 | ---- | C] () -- C:\Users\-\AppData\Roaming\pcouffin.log
[2010.02.02 21:35:27 | 000,099,384 | ---- | C] () -- C:\Users\-\AppData\Roaming\inst.exe
[2010.02.02 21:35:27 | 000,082,816 | ---- | C] () -- C:\Windows\SysNative\drivers\pcouffin.sys
[2010.02.02 21:35:27 | 000,007,859 | ---- | C] () -- C:\Users\-\AppData\Roaming\pcouffin.cat
[2010.02.02 21:35:26 | 000,001,167 | ---- | C] () -- C:\Users\-\AppData\Roaming\pcouffin.inf
[2010.02.02 21:35:17 | 000,000,907 | ---- | C] () -- C:\Users\-\Desktop\ConvertXtoDVD 4.lnk
[2010.02.02 18:36:38 | 000,000,740 | ---- | C] () -- C:\Users\Public\Desktop\Avidemux 2.5.lnk
[2010.01.31 12:20:02 | 000,000,731 | ---- | C] () -- C:\Users\-\Desktop\King's Bounty. The Legend.lnk
[2010.01.30 00:58:26 | 000,000,421 | ---- | C] () -- C:\Users\Public\Desktop\UFO Aftermath.lnk
[2010.01.25 10:29:11 | 000,377,136 | ---- | C] () -- C:\Users\-\AppData\Local\dd_vcredistMSI19EB.txt
[2010.01.25 10:29:11 | 000,011,994 | ---- | C] () -- C:\Users\-\AppData\Local\dd_vcredistUI19EE.txt
[2010.01.25 10:29:10 | 000,012,502 | ---- | C] () -- C:\Users\-\AppData\Local\dd_vcredistUI19EB.txt
[2010.01.24 18:25:02 | 000,022,104 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010.01.22 17:00:14 | 000,001,548 | ---- | C] () -- C:\Users\Public\Desktop\Galactic Civilizations II - Ultimate Edition.lnk
[2010.01.22 01:44:50 | 005,686,784 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010.01.22 01:44:48 | 007,005,696 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010.01.22 01:44:47 | 001,426,432 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010.01.22 01:44:47 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010.01.22 01:44:47 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010.01.22 01:44:45 | 000,580,608 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010.01.22 01:44:45 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010.01.22 01:44:45 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2010.01.22 01:44:45 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010.01.22 01:44:44 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2010.01.22 01:44:44 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010.01.22 01:44:43 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010.01.22 01:44:43 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2010.01.22 01:44:43 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2010.01.22 01:44:43 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010.01.22 01:44:43 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010.01.22 01:44:41 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010.01.21 16:04:18 | 001,942,552 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.01.21 16:04:18 | 000,540,688 | ---- | C] () -- C:\Windows\SysNative\d3dx10_39.dll
[2010.01.21 16:04:16 | 004,992,520 | ---- | C] () -- C:\Windows\SysNative\D3DX9_39.dll
[2010.01.21 16:03:24 | 000,419,840 | ---- | C] () -- C:\Windows\SysNative\wrap_oal.dll
[2010.01.21 16:03:24 | 000,133,632 | ---- | C] () -- C:\Windows\SysNative\OpenAL32.dll
[2010.01.21 13:56:47 | 000,004,988 | ---- | C] () -- C:\Users\-\Desktop\en.la.ciudad.de.sylvia.(2007).eng.1cd.(3301212).zip
[2010.01.17 22:25:06 | 000,517,960 | ---- | C] () -- C:\Windows\SysNative\XAudio2_5.dll
[2010.01.17 22:25:06 | 000,176,968 | ---- | C] () -- C:\Windows\SysNative\xactengine3_5.dll
[2010.01.17 22:25:05 | 002,582,888 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.01.17 22:25:03 | 005,554,512 | ---- | C] () -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.01.17 22:25:02 | 000,285,024 | ---- | C] () -- C:\Windows\SysNative\d3dx11_42.dll
[2010.01.17 22:25:01 | 000,523,088 | ---- | C] () -- C:\Windows\SysNative\d3dx10_42.dll
[2010.01.17 22:25:00 | 002,475,352 | ---- | C] () -- C:\Windows\SysNative\D3DX9_42.dll
[2010.01.17 22:24:57 | 000,073,544 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.01.17 22:24:51 | 000,513,544 | ---- | C] () -- C:\Windows\SysNative\XAudio2_2.dll
[2010.01.17 22:24:51 | 000,177,672 | ---- | C] () -- C:\Windows\SysNative\xactengine3_2.dll
[2010.01.17 22:24:51 | 000,072,200 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_1.dll
[2009.11.27 23:49:13 | 000,429,532 | ---- | C] () -- C:\Users\-\AppData\Local\dd_vcredistMSI7C68.txt
[2009.11.27 23:49:13 | 000,011,364 | ---- | C] () -- C:\Users\-\AppData\Local\dd_vcredistUI7C68.txt
[2009.11.18 22:37:36 | 001,598,754 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.11.18 22:15:42 | 000,337,216 | ---- | C] () -- C:\Users\-\AppData\Local\dd_SharedManagementObjects_MSI75A2.txt
[2009.11.18 22:15:39 | 000,171,956 | ---- | C] () -- C:\Users\-\AppData\Local\dd_SQLSysClrTypes_msi7599.txt
[2009.11.18 22:15:35 | 000,305,232 | ---- | C] () -- C:\Users\-\AppData\Local\dd_SQLCEToolsForVS2007_MSI758C.txt
[2009.11.18 22:15:31 | 000,397,740 | ---- | C] () -- C:\Users\-\AppData\Local\dd_SSCERuntime_MSI757E.txt
[2009.11.18 22:12:38 | 009,628,706 | ---- | C] () -- C:\Users\-\AppData\Local\VSMsiLog734A.txt
[2009.11.18 22:12:33 | 000,199,996 | ---- | C] () -- C:\Users\-\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI7339.txt
[2009.11.18 22:12:27 | 000,213,310 | ---- | C] () -- C:\Users\-\AppData\Local\dd_WinSDK_ExpTools_x64_MSI7326.txt
[2009.11.18 22:12:14 | 001,228,166 | ---- | C] () -- C:\Users\-\AppData\Local\dd_ExpRemoteDbg_x64_MSI72FB.txt
[2009.11.18 22:12:10 | 000,341,080 | ---- | C] () -- C:\Users\-\AppData\Local\dd_VC_Red_MSI72EE.txt
[2009.11.18 21:57:41 | 000,120,210 | ---- | C] () -- C:\Users\-\AppData\Local\dd_depcheck_VCS_EXP_90.txt
[2009.11.18 21:57:33 | 000,507,626 | ---- | C] () -- C:\Users\-\AppData\Local\dd_install_vcs_xcor_90.txt
[2009.11.18 21:57:33 | 000,009,596 | ---- | C] () -- C:\Users\-\AppData\Local\uxeventlog.txt
[2009.11.18 21:57:33 | 000,000,002 | ---- | C] () -- C:\Users\-\AppData\Local\dd_error_vcs_xcor_90.txt
[2009.08.20 02:30:36 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2009.08.19 16:02:13 | 000,435,654 | ---- | C] () -- C:\Users\-\AppData\Local\dd_vcredistMSI11AE.txt
[2009.08.19 16:02:13 | 000,011,382 | ---- | C] () -- C:\Users\-\AppData\Local\dd_vcredistUI11AE.txt
[2009.07.24 16:34:31 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2009.07.14 17:15:00 | 000,178,432 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.04 00:52:16 | 000,424,692 | ---- | C] () -- C:\Users\-\AppData\Local\dd_vcredistMSI4F1A.txt
[2009.07.04 00:52:15 | 000,011,414 | ---- | C] () -- C:\Users\-\AppData\Local\dd_vcredistUI4F1A.txt
[2009.07.02 12:14:14 | 000,168,448 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.02 12:14:13 | 000,795,648 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.07.02 12:14:12 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2009.07.02 12:14:12 | 000,130,048 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.07.02 12:14:11 | 000,067,584 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.07.02 12:14:11 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2009.02.22 15:38:41 | 000,000,142 | ---- | C] () -- C:\Users\-\AppData\Roaming\default.rss
[2009.02.20 15:39:50 | 000,204,800 | ---- | C] () -- C:\Users\-\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.17 14:44:03 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2009.02.17 14:39:52 | 000,000,732 | ---- | C] () -- C:\Users\-\AppData\Local\d3d9caps64.dat
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008.01.21 03:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 03:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E828A893
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:EA983230
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

Re: keylogger - je už opravdu pryč?

Napsal: 04 úno 2010 16:19
od Ennui
Tady ještě Extras.Txt:

OTL Extras logfile created on: 4.2.2010 16:00:13 - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 59,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 56,33 Gb Free Space | 12,09% Space Free | Partition Type: NTFS
Drive D: | 4,21 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
Drive F: | 149,03 Gb Total Space | 25,23 Gb Free Space | 16,93% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PC
Current User Name: -
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5687F409-9EB4-4CD1-B20B-0F6752078C7F}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{738BCAA1-1D2B-4EE7-BA16-8F6B6AD35538}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{012F46C9-7677-4CC1-9890-59376FE549F0}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\daoriginslauncher.exe |
"{04F7A947-9035-475D-8664-7DC9BA67F672}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe |
"{08117DA2-DB23-4336-90EF-29AFE868F864}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daorigins.exe |
"{082847DD-B0E4-42AA-A5C8-DD3D9F830743}" = protocol=6 | dir=in | app=c:\programy\bitcomet\bitcomet.exe |
"{0F90A2D9-C969-415C-B70B-CE0E5FCF25DA}" = protocol=6 | dir=in | app=c:\hry\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{107FA0A6-1FE8-43B7-9177-BFE2C0C3EC57}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{10E5C55C-978B-4823-82FF-5C94BBFBE91E}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\daoriginslauncher.exe |
"{17C694A2-762D-4A0E-BCAD-65A640315CE2}" = protocol=17 | dir=in | app=c:\hry\stardock games\demigod\bin\demigod.exe |
"{1CBE1625-E58A-463A-B1E7-BEDFA024F1F9}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect 2\binaries\masseffect2.exe |
"{1F0C5F04-6B44-4DD5-9ABE-567DB12F71CE}" = protocol=6 | dir=in | app=c:\hry\battleforge\bootstrapper.exe |
"{37D0070A-EB71-4ADC-B8CC-37A56C6380DA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-engb-downloader.exe |
"{3BCF9B0F-F2FD-4684-818F-6EEC02405F58}" = protocol=17 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe |
"{3CC9762C-163C-400B-A2E9-574712755921}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect 2\binaries\masseffect2.exe |
"{52D6A0F5-B01A-46AA-AB8F-18052D7340FC}" = protocol=17 | dir=in | app=c:\hry\batman arkham asylum\binaries\shippingpc-bmgame.exe |
"{569090B3-CA72-4658-94BB-4288BC65996C}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"{5F930BE5-B754-4824-A412-170447684D8C}" = protocol=6 | dir=in | app=c:\hry\battleforge\battleforge.exe |
"{6425A8FB-AC46-4092-A770-262290CC4FC0}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-engb-downloader.exe |
"{72936C79-2F35-4DF5-962E-FCEA0CCAD934}" = protocol=6 | dir=in | app=c:\programy\torrent\utorrent.exe |
"{7772452F-1AEB-4E43-8D57-248075AE544E}" = protocol=17 | dir=in | app=c:\hry\battleforge\bootstrapper.exe |
"{7A66BAAA-D8E1-4F6B-A4B9-708A314D303E}" = protocol=6 | dir=in | app=c:\program files (x86)\dragon age\bin_ship\daupdatersvc.service.exe |
"{7FDB8F66-C3EB-45CA-BD96-B562E62C32AD}" = protocol=6 | dir=in | app=c:\hry\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-engb-downloader.exe |
"{8772889E-5112-4DF6-9A83-47DB33974FBE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{8A9BABAE-5832-4353-AC34-42B88F494410}" = protocol=6 | dir=in | app=c:\hry\overlord ii\overlord2.exe |
"{8AF791BC-5143-440B-9104-4FCD4BAD8064}" = protocol=17 | dir=in | app=c:\hry\overlord ii\overlord2.exe |
"{8C8107FA-D83B-4F3E-A161-33158DA1A0B2}" = protocol=17 | dir=in | app=c:\hry\rockstar games\rockstar games social club\rgsclauncher.exe |
"{8D9A02A6-5CDA-4105-AD40-BEE1B9FBAFBB}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect 2\masseffect2launcher.exe |
"{8EFB3F6C-AF65-401F-A69A-2D4670EA7EAB}" = protocol=17 | dir=in | app=c:\hry\sid meier's civilization iv colonization\colonization.exe |
"{979CADF1-5E75-499B-AA83-CD08853E7A9F}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-engb-downloader.exe |
"{9C20BDF4-5407-415A-988D-06045ED87AEB}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect 2\masseffect2launcher.exe |
"{A07BD972-5C2C-4C96-AFF4-EE68BBA742BD}" = protocol=17 | dir=in | app=c:\hry\battleforge\battleforge.exe |
"{A16D6F6F-6E7F-429C-82CA-7941492E078F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{AB290C22-BF15-460C-B1CC-5D568D69EAC7}" = protocol=6 | dir=in | app=c:\hry\rockstar games\rockstar games social club\rgsclauncher.exe |
"{ACE69E23-6FDB-48BC-A1D1-696FAF3B4872}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{AD6E06FE-D251-4A91-8305-9A57D2005E45}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-engb-downloader.exe |
"{AE73DD3E-668E-4DAD-9E98-5F79985AE9A6}" = protocol=17 | dir=in | app=c:\hry\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-engb-downloader.exe |
"{B0DCF846-7BB9-48C6-BEE8-899DD79E2D5A}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-engb-downloader.exe |
"{B9D7DE30-1489-4B41-8437-9641FBC76EFF}" = protocol=6 | dir=in | app=c:\hry\stardock games\demigod\bin\demigod.exe |
"{BB00A0E5-EE2C-438B-BB53-C73C14446404}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C15AF086-89FD-4226-9A4C-4745C2A19599}" = protocol=17 | dir=in | app=c:\programy\torrent\utorrent.exe |
"{C2E0A502-F06E-47C5-8BF5-6C3D51105F85}" = protocol=6 | dir=in | app=c:\hry\sid meier's civilization iv colonization\colonization.exe |
"{CD1C8B1C-66F2-417F-B218-185547B29E18}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{CEDDFB69-DFAE-48E5-A4F5-412295B0B33E}" = protocol=17 | dir=in | app=c:\programy\bitcomet\bitcomet.exe |
"{D2CA1E68-A083-402E-B697-6A862A86B265}" = protocol=17 | dir=in | app=c:\hry\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{E8533716-E9AE-4411-A2B9-22C6490861C8}" = protocol=6 | dir=in | app=c:\hry\rockstar games\grand theft auto iv\launchgtaiv.exe |
"{ED193B99-36EB-4F3F-8CC6-684CAE407B2D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{F739EDD7-8913-4DD7-9E84-59DBCC49E071}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-engb-downloader.exe |
"TCP Query User{07EDEBAC-5295-4849-9717-F58714111DD7}C:\hry\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\hry\world of warcraft\launcher.exe |
"TCP Query User{10024050-6C18-4929-84BE-C551EA37CB4F}C:\hry\stardock games\demigod\bin\demigod.exe" = protocol=6 | dir=in | app=c:\hry\stardock games\demigod\bin\demigod.exe |
"TCP Query User{1DF04C18-FCDD-49F1-9AD4-A09A8D42AED9}C:\hry\thq\dawn of war\w40k.exe" = protocol=6 | dir=in | app=c:\hry\thq\dawn of war\w40k.exe |
"TCP Query User{200E55C3-320F-43EA-9D5D-5D20D9C1B015}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{215B1507-6AE8-4BB0-9F67-E1B681602B00}C:\program files (x86)\icq6.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{23FF4560-32A5-4BF8-B4FC-A7B0C1410104}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{2D975824-9896-445A-B745-B2E51EEF98BF}C:\users\-\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\-\program files (x86)\dna\btdna.exe |
"TCP Query User{4FAF2C6C-6A70-47F8-9599-14BDE2E8ACCB}C:\programy\sdc222\strongdc.exe" = protocol=6 | dir=in | app=c:\programy\sdc222\strongdc.exe |
"TCP Query User{621C69A7-3326-48FE-BE97-049FDE9AD62F}C:\hry\wowko-ptr\world of warcraft public test\launcher.exe" = protocol=6 | dir=in | app=c:\hry\wowko-ptr\world of warcraft public test\launcher.exe |
"TCP Query User{78DF13A7-0402-40CE-9EF1-E1B4D957B1C5}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{7A710A51-EDA5-404B-AB96-07A1CB34C40B}C:\hry\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\hry\world of warcraft\backgrounddownloader.exe |
"TCP Query User{9A954A99-2D3D-4F4B-A555-FFA0939B0F6E}C:\users\-\desktop\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\-\desktop\wow-3.0.1.8874-ptr-eu-installer-downloader.exe |
"TCP Query User{9E7A8E5F-43D9-4D77-A2EC-3E47A5F2265A}C:\users\-\downloads\sdc222\strongdc.exe" = protocol=6 | dir=in | app=c:\users\-\downloads\sdc222\strongdc.exe |
"TCP Query User{9F424073-BC15-4509-A31D-2DDC75DDDDF9}C:\programy\sdc222\strongdc.exe" = protocol=6 | dir=in | app=c:\programy\sdc222\strongdc.exe |
"TCP Query User{CA3DE2CD-A686-4029-A07C-70AC8AEBC561}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{DFC681F6-F4DB-4F16-A5F7-92EA272B5751}E:\bin\demigod.exe" = protocol=6 | dir=in | app=e:\bin\demigod.exe |
"TCP Query User{E1DD2BB3-6288-4044-A231-78AB970938EC}C:\hry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=6 | dir=in | app=c:\hry\rockstar games\grand theft auto iv\gtaiv.exe |
"TCP Query User{EDDA0F7B-74B0-47C8-BB0B-7794D23BCEA3}C:\hry\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\hry\world of warcraft\backgrounddownloader.exe |
"TCP Query User{FD087868-A07B-445C-BF2E-B1C8E1F870E3}C:\hry\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\hry\world of warcraft\launcher.exe |
"UDP Query User{3063AC20-3C34-4B59-ADFC-77E8D658F2E7}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{3606F76C-2440-4A46-A708-E013DC34087F}C:\hry\stardock games\demigod\bin\demigod.exe" = protocol=17 | dir=in | app=c:\hry\stardock games\demigod\bin\demigod.exe |
"UDP Query User{3B6956F7-69AD-4BE7-AC00-ED846B67BA04}E:\bin\demigod.exe" = protocol=17 | dir=in | app=e:\bin\demigod.exe |
"UDP Query User{42FC36B3-EA4E-457C-BEA5-B6A58B672F5B}C:\hry\rockstar games\grand theft auto iv\gtaiv.exe" = protocol=17 | dir=in | app=c:\hry\rockstar games\grand theft auto iv\gtaiv.exe |
"UDP Query User{4D0DD4CA-1CB0-4B2D-936E-13A8859CAF13}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{556DBA59-49F9-4B86-B0F6-5DDA8FCBA0A7}C:\users\-\desktop\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\-\desktop\wow-3.0.1.8874-ptr-eu-installer-downloader.exe |
"UDP Query User{617AFC4B-1C83-4D35-9BF5-5E0E757ABDF8}C:\programy\sdc222\strongdc.exe" = protocol=17 | dir=in | app=c:\programy\sdc222\strongdc.exe |
"UDP Query User{63F1B68B-A800-4635-B5D9-9EFE4DA195D2}C:\hry\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\hry\world of warcraft\backgrounddownloader.exe |
"UDP Query User{71CD427B-D0AF-4460-851D-E6A2EB9AD742}C:\hry\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\hry\world of warcraft\launcher.exe |
"UDP Query User{7437D796-6B61-4E92-AC88-AF852026FF56}C:\users\-\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\-\program files (x86)\dna\btdna.exe |
"UDP Query User{83EFF74C-262B-46E7-9D29-25697033A0B3}C:\hry\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\hry\world of warcraft\launcher.exe |
"UDP Query User{868D78EF-548D-44DA-9B23-E15547FF3E20}C:\program files (x86)\icq6.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"UDP Query User{8EC7DB00-E2A7-41B9-8EFD-6041ACB75146}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{97945732-8105-4DC5-A778-AA37098E6996}C:\users\-\downloads\sdc222\strongdc.exe" = protocol=17 | dir=in | app=c:\users\-\downloads\sdc222\strongdc.exe |
"UDP Query User{A94DADFF-CAD3-49CB-9C3F-B98895B5AD1F}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{B8F26E69-6B97-4A12-BF6E-7F931DEAB58F}C:\hry\thq\dawn of war\w40k.exe" = protocol=17 | dir=in | app=c:\hry\thq\dawn of war\w40k.exe |
"UDP Query User{BDDCB9CB-609A-4E92-A5A0-745FC0CF470E}C:\hry\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\hry\world of warcraft\backgrounddownloader.exe |
"UDP Query User{C4CF5623-37F7-4AA3-86E4-1103BEC623D2}C:\programy\sdc222\strongdc.exe" = protocol=17 | dir=in | app=c:\programy\sdc222\strongdc.exe |
"UDP Query User{F78C01EB-8476-4A07-AC10-56857BC31894}C:\hry\wowko-ptr\world of warcraft public test\launcher.exe" = protocol=17 | dir=in | app=c:\hry\wowko-ptr\world of warcraft public test\launcher.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0826F9E4-787E-481D-83E0-BC6A57B056D5}" = Microsoft SQL Server VSS Writer
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8DA5428C-3D35-317C-2FBA-485AAC49E9C0}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}" = Microsoft SQL Server 2008 Native Client
"{CCC50A42-892B-AF23-6188-6E8D2FDF34E3}" = ATI Catalyst Install Manager
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD73CA82-EA82-38AA-863D-9A24A018DC96}" = Microsoft .NET Framework 3.5 Language Pack SP1 - csy
"{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{f45b48a7-f616-4211-b927-17cab6a96613}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"EPSON Printer and Utilities" = EPSON Printer Software
"Microsoft .NET Framework 3.5 Language Pack SP1 - csy" = Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0650BB10-BCF4-400A-85EE-04097E3046C6}" = Adobe Setup
"{0711500B-9912-4D60-9A49-C577B4503D42}" = Nero Recode Help
"{07FF7593-9DEA-40B5-9F87-F557E65BBF60}" = Nero Recode
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0BDE949A-3CF5-3852-B4F7-92EAE4F25F73}" = CCC Help English
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{1122AAC4-AAAA-43BF-B2D4-3C8C12378952}" = Nero InfoTool
"{11A84FCA-C3C7-4AFD-A797-111DB8569DBC}" = Nero BurningROM
"{12345674-DE9A-677A-CCEE-666356D89777}" = Nero BurnRights
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1B040683-C390-4711-ABC7-DA8D85E470E7}" = NeroBurningROM
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2D3455A8-3B15-41A8-99F8-0D4215746463}" = Nero StartSmart
"{3097B151-1F61-4211-A4CC-D70127B226AE}" = SoundTrax
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{3699BC50-DA7B-4DA7-BB43-2981C9178FAD}" = UFO Aftermath
"{3A1B1652-D70A-4D19-981E-BB15D0DBF253}" = Ghostbusters (TM): The Video Game
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3F30CC51-0788-487B-AA83-7214A239C0C0}" = Nero Disc Copy Gadget Help
"{45350494-82B7-3E53-85B7-79A1AD9AE080}" = Catalyst Control Center Graphics Light
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4D42353B-533F-4306-AD0B-7FEF292ADE04}" = Nero CoverDesigner Help
"{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum
"{4e829e13-4e5c-41bd-b0d0-34071e8a9175}" = Nero 9
"{4E8C27C2-D727-4C00-A90E-C3F6376EEE70}" = Nero ControlCenter
"{525E7F71-67C1-806E-69D0-892CC3CE2F8E}" = Catalyst Control Center Graphics Full Existing
"{537306C2-CDAC-F606-5D46-D5727F58FAD3}" = Catalyst Control Center Graphics Previews Vista
"{548F99E0-14CC-4D53-A7D6-4A62A5F2C748}" = Nero PhotoSnap
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56BE5CC9-95E6-4128-ABEA-968414CA9C80}" = DolbyFiles
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5A62A775-A29A-4CE1-BBC2-4A9CD0B211EF}" = Nero Live Help
"{5AE12194-3EAA-40DF-B2BF-FE1D6B78BBF4}" = Nero Vision
"{5C2E8A0F-80E2-4C68-8CC0-D8D16E7196BF}" = Nero RescueAgent Help
"{5C42EAB8-54F9-423A-948C-1CBEF25F8DB4}" = Nero PhotoSnap Help
"{5C9BB0B3-E830-4814-BBA4-D93535E1C7B9}" = Nero Live
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{6D7D1E6B-C24E-4EAF-84E3-432D0DA1056B}" = Aion
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75321954-2589-11DC-DDCC-E98356D81493}" = Nero DriveSpeed
"{753973C4-B961-43BF-B2D4-3C8C92F7216E}" = Nero DriveSpeed
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{78523651-D8B1-11DC-CCEE-741589645873}" = Nero DiscSpeed
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{88DDBE5E-8AC0-F463-AC50-E56FAA2E3CEB}" = Catalyst Control Center Graphics Previews Common
"{897B3B21-8691-26F5-97E8-A9955C20BB20}" = Catalyst Control Center HydraVision Full
"{8C654BD0-1949-43DE-84F2-EC2A1ABB0CB4}" = Nero ShowTime
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{943CC0C0-2253-4FE0-9493-DD386F7857FD}" = Nero Express
"{948FFAAE-C57F-447B-9B07-3721E950BFDC}" = Nero ShowTime
"{961D53EA-40DC-4156-AD74-25684CE05F81}" = Nero Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A875B56-A35C-46BA-A3AA-DF8D03EE9F2F}" = Nero ControlCenter
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{9F3523F8-DAD7-AE52-6DA7-45CDDDF33726}" = Advertising Center
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A4418082-E601-3954-805B-D56A2B50EC8B}" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A73BEC3C-40A0-480E-87EF-EFCD33629088}" = NeroExpress
"{A8399F58-234A-48C6-BA55-30C15738BF3C}" = Nero CoverDesigner
"{A842C34B-2083-6947-BC0E-5654BDBADCDA}" = Catalyst Control Center Graphics Full New
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AAA12554-2589-11DC-92EF-E98356D81493}" = Nero InfoTool
"{AABBCC54-D8B1-11DC-92EF-E98356D81493}" = Nero DiscSpeed
"{AC76BA86-7AD7-1029-7B44-A91000000001}" = Adobe Reader 9.1.3 - Czech
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Prameny
"{AFD12747-7CDA-49A5-BC5F-18B90FAD6822}" = SA28xx Device Manager
"{B2C12C8D-65DC-40BD-B309-5ADB0C6C8D8F}" = Nero WaveEditor
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B45FABE7-D101-4D99-A671-E16DA40AF7F0}" = Microsoft Games for Windows - LIVE
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B578C85A-A84C-4230-A177-C5B2AF565B8C}" = Microsoft Games for Windows - LIVE Redistributable
"{B96C2601-52F5-4D5D-816A-63469EA311EF}" = "Nero SoundTrax Help
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA3B34EB-3F4B-0E19-0916-971C1AD3F0AD}" = Catalyst Control Center InstallProxy
"{BACF6E43-F9BE-4645-B2A4-035B29E41A52}" = SA28xx Device Manager
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.0.13
"{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}" = EPSON Easy Photo Print
"{BCD82AB5-670D-4242-90FA-1F97103C16CD}" = Movie Templates - Starter Kit
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C99C89A3-119A-45E6-B26E-DD5643CAA0C5}" = Menu Templates - Starter Kit
"{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}" = NCsoft Launcher
"{CB166F48-6219-2DFD-8800-191BE6F5923A}" = ccc-core-static
"{CD1826A5-CFCC-4C6E-9F9D-E181876162EA}" = Nero Rescue Agent
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D7C206B6-1A63-4389-A8B1-8F607D0BFF1F}" = Nero StartSmart Help
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322
"{E0B71631-6AA8-C596-A485-8480E92DD745}" = Catalyst Control Center Core Implementation
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{E43ED0A0-C85E-40F0-807C-6A8A9D2FAEF3}_is1" = King's Bounty. The Legend (Remove Only)
"{E4A8DD87-A746-4443-BF25-CAF99CED6767}" = Nero Disc Copy Gadget
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E86156E5-9859-440D-8876-26CED1349802}" = Nero WaveEditor Help
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EA9FFE54-D8B1-11DC-92EF-E98356D81493}" = Nero BurnRights
"{EB5F211D-85D5-44C4-BB15-1207C77EF430}" = Visual C++ 8.0 Runtime Setup Package
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F53F6769-AC46-49E3-ABE3-2C8AFD39D0DD}" = Nero Vision
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_7328fdfcb73660ec8b11d5a3d5c6232" = Adobe Dreamweaver CS3
"Age of Mythology 1.0" = Age of Mythology
"Avidemux 2.5" = Avidemux 2.5
"BadMilkDemo" = BadMilkDemo
"BitComet" = BitComet 1.17
"BSPlayerf" = BS.Player FREE
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Download Manager" = Download Manager 2.3.8
"Easy Video Splitter_is1" = Easy Video Splitter 1.28
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ESET Online Scanner" = ESET Online Scanner v3
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.2
"Galactic Civilizations II - Ultimate Edition" = Galactic Civilizations II - Ultimate Edition
"GIF Animator" = Microsoft GIF Animator
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"Homeworld2" = Homeworld2
"Impulse" = Impulse
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.6.2
"Light of Altair Demo_is1" = Light of Altair Demo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual C# 2008 Express Edition with SP1 - ENU" = Microsoft Visual C# 2008 Express Edition with SP1 - ENU
"Monopoly by Parker Brothers" = Monopoly by Parker Brothers
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"N360" = Norton 360
"Organism" = Organism
"Pixel Mine Launcher_is1" = Pixel Mine Launcher 1.00
"PokerAcademyPro2" = Poker Academy Pro 2
"Poznáváme C# a Microsoft.NET_is1" = 1.1.13.574
"ProcessScanner_is1" = Uniblue ProcessScanner
"PROHYBRIDR" = 2007 Microsoft Office system
"PSPad editor_is1" = PSPad editor
"ROM CHECK FAIL_is1" = ROM CHECK FAIL 1.0
"SpeedFan" = SpeedFan (remove only)
"Strange Adventures in Infinite Space" = Strange Adventures in Infinite Space
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"VirtualKeyboard" = Virtual Keyboard 3.1.5
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 4 Free 4.24

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3.2.2010 7:40:14 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Downloads\esetsmartinstaller_csy.exe.
Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná aplikací
je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní součásti
jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 3.2.2010 7:40:23 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Downloads\esetsmartinstaller_csy.exe.
Chyba v souboru manifestu nebo zásad na řádku . Verze součásti požadovaná aplikací
je v konfliktu s jinou verzí součásti, která je již aktivní. Konfliktní součásti
jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 4.2.2010 3:18:16 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 4.2.2010 3:18:16 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 4.2.2010 3:18:16 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero
9\Nero Recode\Recode.exe.Manifest. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.

Error - 4.2.2010 3:18:16 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero
9\Nero Recode\Recode.exe.Manifest. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.

Error - 4.2.2010 3:18:56 | Computer Name = PC | Source = WinMgmt | ID = 10
Description =

Error - 4.2.2010 10:53:57 | Computer Name = PC | Source = WinMgmt | ID = 10
Description =

Error - 4.2.2010 10:55:19 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.

Error - 4.2.2010 10:55:20 | Computer Name = PC | Source = SideBySide | ID = 16842830
Description = Selhalo generování kontextu aktivace pro: C:\Program Files (x86)\Nero\Nero
9\Nero Recode\Recode.exe.Manifest. Chyba v souboru manifestu nebo zásad na řádku
. Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která
je již aktivní. Konfliktní součásti jsou: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_152e7382f3bd50c6.manifest.

[ System Events ]
Error - 4.2.2010 5:25:49 | Computer Name = PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.2.2010 5:25:52 | Computer Name = PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.2.2010 5:25:55 | Computer Name = PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.2.2010 5:25:58 | Computer Name = PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.2.2010 5:26:01 | Computer Name = PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.2.2010 5:26:04 | Computer Name = PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.2.2010 5:26:08 | Computer Name = PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.2.2010 5:26:11 | Computer Name = PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.2.2010 5:26:14 | Computer Name = PC | Source = disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 4.2.2010 10:52:45 | Computer Name = PC | Source = HTTP | ID = 15016
Description =


< End of report >

Re: keylogger - je už opravdu pryč?

Napsal: 04 úno 2010 16:23
od Caroprd111
OK, podívám se na to.

Re: keylogger - je už opravdu pryč?

Napsal: 04 úno 2010 16:42
od Caroprd111
:arrow: stáhněte HostsXpert http://www.funkytoad.com/download/HostsXpert.zip
- rozbalte do vlastní složky
- klikněte na tlačítko Restore MS Hosts File
- vyskočí hláška na potvrzení, klikněte na OK
- pokud by program vyhodil chybovou hlášku: ERROR: Cannot create file C:\WINDOWS\system32\DRIVERS\ETC\hosts, tak klikněte tlačítko Make Writeable? a pak teprve klikněte na tlačítko Restore MS Hosts File
- po proběhnutí klikněte na tlačítko Make ReadOnly?
- ukončete program a restartujte Počítač


:arrow: Stáhněte AVPTool http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

- Podle návodu nainstalujte a proveďte sken.
- Co najde, nechejte léčit, mazat.
- Sken může trvat několik hodin.

Re: keylogger - je už opravdu pryč?

Napsal: 05 úno 2010 03:28
od Ennui
Všechno provedeno, AVPTool nic nenašel (ten processing error je jen od vyndání dvd):

Autoscan: completed 1 hour ago (events: 3, objects: 793108, time: 08:48:42)
4.2.2010 17:12:42 Task started
5.2.2010 1:03:36 Processing error D:\data\movies.rar Read error
5.2.2010 2:01:24 Task completed

Re: keylogger - je už opravdu pryč?

Napsal: 05 úno 2010 06:30
od Caroprd111
:arrow: Znovu spusťte OTL, klikněte na CleanUp! Zvolte "Yes"

:arrow: Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
- Spusťte.
- Klikněte na "CleanUp!". Potvrďte hlášky stiskem "Yes" (Bude následovat restart)

V žádném z logů nic škodlivého nevidím :)

Re: keylogger - je už opravdu pryč?

Napsal: 05 úno 2010 10:11
od Ennui
Oba programy úspěšně použity. To je skvělý, jestli už tu ten keylogger není - já byla trochu paranoidní, jak se vrátil po té první očistě počítače. :)

Re: keylogger - je už opravdu pryč?

Napsal: 05 úno 2010 13:31
od Caroprd111
OK, v tom případě to zde můžeme ukončit :)

Re: keylogger - je už opravdu pryč?

Napsal: 05 úno 2010 18:02
od Ennui
Děkuju moc za rady. :)

Re: keylogger - je už opravdu pryč?

Napsal: 05 úno 2010 18:11
od Caroprd111
Nemáte zač :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz