
FB flash player virus

plutak
Visitor
Posts: 30
Registered: 20 Aug 2011 22:03

FB flash player virus

#1 Post by plutak »

Well, my brother fell for it. I'm attaching the log from RSIT.
Please help resolve/fix this.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Sotola at 2011-08-20 23:15:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 402 GB (84%) free of 477 GB
Total RAM: 3328 MB (47% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-15326732-892770985-4257938096-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-15326732-892770985-4257938096-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-15326732-892770985-4257938096-1002Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-15326732-892770985-4257938096-1002UA.job
C:\Windows\tasks\Norton Security Scan for Martin.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
C:\PROGRA~1\SiteRanker\SiteRank.dll [2011-05-31 351448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
&Crawler Toolbar Helper - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-05-31 1219832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2011-05-05 2257760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-05-30 2495816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\Inbox Toolbar\Inbox.dll [2011-07-06 873976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\Inbox Toolbar\Inbox.dll [2011-07-06 873976]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2011-05-31 1219832]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll [2011-05-30 2495816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ioCentre"=C:\Genius\ioCentre\gTaskBar.exe [2007-12-17 61440]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2010-04-30 9210400]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"NPSStartup"= []
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"Cm112Sound"=RunDll32 cm112.cpl,CMICtrlWnd []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"SiteRanker"=C:\Program Files\SiteRanker\SiteRankTray.exe [2011-05-31 319488]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"tray_ico"= []
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"9555733.exe"=C:\Users\Vojta\AppData\Local\Temp\9555733.exe [2011-08-20 258048]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-08-20 258048]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-08-20 258048]
"932886.exe"=C:\Windows\Temp\932886.exe [2011-08-20 632832]
"44370798-loader2.exe"=C:\Windows\Temp\44370798-loader2.exe [2011-08-20 258048]
"7848109.exe"=C:\Windows\Temp\7848109.exe [2011-08-20 258048]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2011-04-18 2334560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-13 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamersFirst LIVE!.lnk - C:\Program Files\GamersFirst\LIVE!\Live.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
VPN Client.lnk - C:\Windows\Installer\{08B785C1-3893-4154-B53B-F5D341D0AAAA}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.XFR1"=xfcodec.dll
"vidc.VP62"=vp6vfw.dll
"msacm.lhacm"=lhacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"msacm.l3codec"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-20 23:09:48 ----D---- C:\rsit
2011-08-20 23:09:48 ----D---- C:\Program Files\trend micro
2011-08-20 23:00:44 ----D---- C:\Users\Sotola\AppData\Roaming\AVG10
2011-08-20 22:59:34 ----D---- C:\ProgramData\AVG Security Toolbar
2011-08-20 22:58:19 ----D---- C:\Windows\system32\drivers\AVG
2011-08-20 22:58:19 ----D---- C:\ProgramData\AVG10
2011-08-20 22:57:34 ----D---- C:\Program Files\AVG
2011-08-20 22:48:25 ----HD---- C:\ProgramData\Common Files
2011-08-20 22:46:50 ----D---- C:\ProgramData\MFAData
2011-08-20 22:01:21 ----A---- C:\Windows\zip.exe
2011-08-20 22:01:21 ----A---- C:\Windows\SWSC.exe
2011-08-20 22:01:21 ----A---- C:\Windows\SWREG.exe
2011-08-20 22:01:21 ----A---- C:\Windows\sed.exe
2011-08-20 22:01:21 ----A---- C:\Windows\PEV.exe
2011-08-20 22:01:21 ----A---- C:\Windows\NIRCMD.exe
2011-08-20 22:01:21 ----A---- C:\Windows\MBR.exe
2011-08-20 22:01:21 ----A---- C:\Windows\grep.exe
2011-08-20 22:01:10 ----D---- C:\Windows\ERDNT
2011-08-20 22:01:09 ----SD---- C:\ComboFix
2011-08-20 22:01:06 ----D---- C:\Qoobox
2011-08-20 21:53:35 ----D---- C:\ProgramData\Alwil Software
2011-08-20 21:53:35 ----D---- C:\Program Files\Alwil Software
2011-08-20 21:42:32 ----A---- C:\Windows\btc_client_iplist.txt
2011-08-20 21:41:37 ----HD---- C:\Windows\update.5.0
2011-08-20 21:40:28 ----A---- C:\Windows\iecheck_iplist.txt
2011-08-20 21:39:40 ----HD---- C:\Windows\update.2
2011-08-20 21:39:26 ----A---- C:\Windows\unrar.exe
2011-08-20 21:38:41 ----HD---- C:\Windows\update.7.1
2011-08-20 21:35:18 ----A---- C:\Windows\sysdriver32_.exe
2011-08-20 21:35:17 ----A---- C:\Windows\iplist.txt
2011-08-20 21:35:04 ----A---- C:\Windows\sysdriver32.exe
2011-08-20 21:34:48 ----A---- C:\Windows\front_ip_list.txt
2011-08-20 21:23:13 ----D---- C:\Windows\av_ico
2011-08-20 21:21:06 ----HD---- C:\Windows\update.1
2011-08-20 21:19:29 ----HD---- C:\Windows\update.tray-7-0-lnk
2011-08-20 21:19:29 ----HD---- C:\Windows\update.tray-7-0
2011-08-20 21:09:07 ----A---- C:\Windows\winlog-ids.txt
2011-08-20 21:09:07 ----A---- C:\Windows\winlog-dirs.txt
2011-08-16 09:48:38 ----A---- C:\Windows\system32\wininet.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\urlmon.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-08-16 09:48:38 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-08-16 09:48:38 ----A---- C:\Windows\system32\msrating.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\msls31.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\mshtmler.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-16 09:48:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\ieui.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\iesysprep.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\iertutil.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\ieframe.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\ieakeng.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-08-16 09:48:38 ----A---- C:\Windows\system32\dxtrans.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\wextract.exe
2011-08-16 09:48:37 ----A---- C:\Windows\system32\webcheck.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\vbscript.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\url.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\pngfilt.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\occache.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\mshtml.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\mshta.exe
2011-08-16 09:48:37 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\jscript9.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\jscript.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\inseng.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\imgutil.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\iexpress.exe
2011-08-16 09:48:37 ----A---- C:\Windows\system32\ieUnatt.exe
2011-08-16 09:48:37 ----A---- C:\Windows\system32\iesetup.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\iernonce.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\iepeers.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\ieapfltr.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\ieapfltr.dat
2011-08-16 09:48:37 ----A---- C:\Windows\system32\ieakui.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\ieaksie.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\ie4uinit.exe
2011-08-16 09:48:37 ----A---- C:\Windows\system32\icardie.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\dxtmsft.dll
2011-08-16 09:48:37 ----A---- C:\Windows\system32\admparse.dll
2011-08-14 16:39:50 ----A---- C:\Windows\system32\drivers\AmdLLD.sys
2011-08-14 16:39:48 ----D---- C:\Program Files\AMD
2011-08-10 18:59:40 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 18:59:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 18:59:35 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-10 18:59:34 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 18:59:27 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-10 18:59:12 ----A---- C:\Windows\system32\kernel32.dll
2011-08-10 18:59:11 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 18:59:11 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-10 18:59:11 ----A---- C:\Windows\system32\conhost.exe
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-10 18:59:10 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 18:59:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 18:59:08 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-10 18:59:08 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 18:59:08 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-10 18:59:08 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 18:59:08 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 18:59:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 18:59:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-10 18:59:06 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-10 18:59:06 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-10 18:59:06 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-10 18:59:06 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-10 18:59:05 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-09 13:37:22 ----D---- C:\Program Files\CCleaner
2011-08-08 19:42:59 ----D---- C:\Program Files\LogMeIn Hamachi
2011-08-07 18:45:17 ----D---- C:\BDS
2011-07-27 17:29:04 ----D---- C:\Program Files\Microsoft
2011-07-27 11:23:50 ----D---- C:\Content
2011-07-27 11:07:08 ----D---- C:\Program Files\Microsoft Research
2011-07-26 16:46:58 ----D---- C:\ProgramData\Easybits GO
2011-07-25 17:15:55 ----RASH---- C:\MSDOS.SYS
2011-07-25 17:15:55 ----RASH---- C:\IO.SYS
2011-07-24 20:23:18 ----RA---- C:\ProgramData\hash.dat
2011-07-24 17:36:18 ----D---- C:\Windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2011-07-24 10:01:39 ----D---- C:\Root
2011-07-22 16:20:34 ----D---- C:\Program Files\Apple Software Update

======List of files/folders modified in the last 1 month======

2011-08-20 23:13:54 ----D---- C:\Windows\Temp
2011-08-20 23:13:23 ----AD---- C:\Windows
2011-08-20 23:11:38 ----D---- C:\Windows\system32\config
2011-08-20 23:09:48 ----RD---- C:\Program Files
2011-08-20 23:08:37 ----D---- C:\Windows\System32
2011-08-20 23:08:12 ----D---- C:\ProgramData\NVIDIA
2011-08-20 22:59:55 ----SHD---- C:\Windows\Installer
2011-08-20 22:59:54 ----HD---- C:\Config.Msi
2011-08-20 22:59:34 ----HD---- C:\ProgramData
2011-08-20 22:59:14 ----D---- C:\Windows\system32\drivers
2011-08-20 22:58:54 ----D---- C:\Windows\inf
2011-08-20 22:58:46 ----D---- C:\Windows\system32\catroot
2011-08-20 22:58:45 ----D---- C:\Windows\system32\DriverStore
2011-08-20 22:57:55 ----SHD---- C:\System Volume Information
2011-08-20 22:39:02 ----A---- C:\Windows\win.ini
2011-08-20 21:40:18 ----D---- C:\Windows\system32\drivers\etc
2011-08-20 21:26:09 ----D---- C:\Windows\system32\Macromed
2011-08-20 21:26:09 ----D---- C:\Windows\system32\Adobe
2011-08-20 21:23:09 ----A---- C:\Windows\Cm112.ini.imi
2011-08-20 21:13:38 ----D---- C:\Program Files\DVDVideoSoftTB
2011-08-20 21:12:08 ----D---- C:\Program Files\ConduitEngine
2011-08-20 21:12:07 ----A---- C:\Windows\system32\ConduitEngine.tmp
2011-08-20 14:21:27 ----D---- C:\Program Files\Common Files\Steam
2011-08-20 13:58:09 ----D---- C:\Program Files\SiteRanker
2011-08-18 18:42:18 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-18 18:37:53 ----RSD---- C:\Windows\assembly
2011-08-18 16:57:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-17 16:55:56 ----SD---- C:\ProgramData\Microsoft
2011-08-16 17:48:45 ----D---- C:\Windows\rescache
2011-08-16 17:36:19 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-16 10:59:39 ----D---- C:\Windows\Minidump
2011-08-16 09:52:53 ----D---- C:\Windows\winsxs
2011-08-16 09:50:16 ----D---- C:\Windows\system32\cs-CZ
2011-08-16 09:50:15 ----D---- C:\Program Files\Internet Explorer
2011-08-16 09:50:14 ----D---- C:\Windows\system32\migration
2011-08-16 09:50:14 ----D---- C:\Windows\system32\en-US
2011-08-16 09:50:14 ----D---- C:\Windows\PolicyDefinitions
2011-08-16 09:49:24 ----D---- C:\Windows\Logs
2011-08-16 09:49:11 ----D---- C:\Windows\system32\catroot2
2011-08-12 20:50:16 ----D---- C:\Windows\Prefetch
2011-08-11 09:02:37 ----D---- C:\Windows\Microsoft.NET
2011-08-10 20:19:32 ----D---- C:\ProgramData\Microsoft Help
2011-08-10 20:01:23 ----D---- C:\Windows\debug
2011-08-10 20:01:22 ----A---- C:\Windows\system32\MRT.exe
2011-08-09 13:10:32 ----D---- C:\Windows\system32\Tasks
2011-08-08 09:44:23 ----D---- C:\ProgramData\Xfire
2011-08-05 19:18:22 ----D---- C:\ProgramData\PMB Files
2011-08-05 18:04:15 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 7
2011-08-05 17:46:40 ----D---- C:\Program Files\JDownloader
2011-07-31 10:08:41 ----SHD---- C:\$Recycle.Bin
2011-07-28 21:32:07 ----D---- C:\ProgramData\Origin
2011-07-28 21:29:19 ----D---- C:\Program Files\Origin
2011-07-27 17:35:29 ----D---- C:\Program Files\Adobe
2011-07-27 17:35:22 ----D---- C:\Program Files\Common Files\Adobe
2011-07-27 17:32:29 ----D---- C:\Program Files\Common Files
2011-07-27 14:28:02 ----A---- C:\Windows\system32\OpenAL32.dll
2011-07-26 16:48:39 ----RD---- C:\Program Files\Skype
2011-07-26 16:47:51 ----D---- C:\ProgramData\Skype
2011-07-24 17:36:42 ----D---- C:\Windows\system32\directx
2011-07-24 17:35:55 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-13 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2010-07-12 54112]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2011-01-07 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-03-01 34896]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2011-04-05 297168]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-12-23 281760]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2009-08-23 308859]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-12-23 25888]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 134480]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-10 21968]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-11-16 131984]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys [2008-12-25 18432]
R3 gMouUsb16;USB 16-bit Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb16.sys [2008-12-25 9216]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2010-04-30 3086752]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 USBADVAU;USB Advance Audio Interface; C:\Windows\system32\drivers\cm112.sys [2010-01-22 1515520]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 gMouPS2;PS2 Scroll Mouse Device; C:\Windows\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2010-04-27 98560]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2010-04-27 14848]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2010-04-27 123776]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG10\avgfws.exe [2011-03-09 2708024]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-04-18 7398752]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2009-08-23 1528624]
R2 ddservice;ddservice; C:\Windows\update.7.1\svchostdriver.exe [2011-08-20 382464]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 1361288]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-07-06 75064]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-08-20 258048]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\pev.cfxxe [2011-06-26 256000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-05-30 1025352]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-08-20 411432]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-12 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: FB flash player virus

#2 Post by Caroprd111 »

Hello and welcome to our security forum viry.cz :welcome:

My nick is Caroprd111. I will be looking after you in this topic and trying to resolve all your computer problems. :)
Before we begin, please read the following notes.
  • If you have not done so already, back up all your important data. An infected computer is unpredictable.
  • Read the whole procedure thoroughly and carefully, then proceed step by step.
  • Please do not run any other programs on your own, ComboFix in particular. Doing so can needlessly complicate the disinfection and can even render the system inoperable.
  • The absence of symptoms does not necessarily mean the computer is clean, so always keep cooperating until I tell you the computer is fine.
  • If you do not understand something or are unsure, do not hesitate to ask me.
  • If a log is long and does not fit in a single post, split it across several posts.

:arrow: Do you know how to work with ComboFix? Who advised you to use it? Do you have a log from it?

plutak
Visitor
Posts: 30
Registered: 20 Aug 2011 22:03

Re: FB flash player virus

#3 Post by plutak »

No. In another thread on the same topic it was recommended to run a basic cleanup. And no log was created.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: FB flash player virus

#4 Post by Caroprd111 »

Every computer has to be handled individually, so any advice applies only to the one user it was given to; therefore do not run any disinfection programs without an instruction in your own topic.

ComboFix is not recommended for use without the supervision of an experienced person and, in most cases, without first checking a log from another detection program, or running CF with the appropriate parameter. The helper knows how to restore any legitimate files that were deleted, knows the commands, can find their way around the log, and so on. It is not just a matter of the problem of restarting the PC when a virus deletes the hal.dll library, but of countless other things that often cannot even be predicted.

:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe to your desktop
  • Run it, then paste the following script into the bottom box.

Code:

 
safebootminimal 
safebootnetwork
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
*crack*
*keygen*
  • Select the For all users option.
  • Select the items Check for "LOP" malware and Check for "Purity" malware
  • Click the Scan button
  • When it finishes, paste the OTL.Txt and Extras.txt logs here

plutak
Visitor
Posts: 30
Registered: 20 Aug 2011 22:03

Re: FB flash player virus

#5 Post by plutak »

OTL logfile created on: 21.8.2011 12:28:06 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Martin\Desktop
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 54,18% Memory free
6,50 Gb Paging File | 5,03 Gb Available in Paging File | 77,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 394,98 Gb Free Space | 84,82% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 88,89 Gb Free Space | 9,54% Space Free | Partition Type: NTFS

Computer Name: PUK0000OA095 | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.08.21 12:21:22 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
PRC - [2011.08.05 15:02:00 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
PRC - [2011.08.04 14:34:50 | 001,955,208 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.08.04 14:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.08.04 08:21:29 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Martin\AppData\Local\Google\Update\1.3.21.65\GoogleCrashHandler.exe
PRC - [2011.04.18 17:40:08 | 002,334,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011.04.18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011.04.14 05:36:42 | 001,080,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.04.07 22:44:58 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.04.07 22:44:48 | 000,841,832 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.03.28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011.03.21 23:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.03.16 16:05:14 | 000,656,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011.03.09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgfws.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011.02.08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2011.02.08 05:33:20 | 000,658,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011.02.08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgam.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.07.20 12:45:24 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.07.07 07:55:10 | 003,687,736 | ---- | M] (Ghisler Software GmbH) -- C:\totalcmd\TOTALCMD.EXE
PRC - [2010.07.04 21:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- D:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.08.23 21:41:16 | 001,528,624 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2009.01.14 13:46:22 | 000,172,032 | ---- | M] () -- C:\Genius\ioCentre\gKbdTask.exe
PRC - [2009.01.14 13:41:22 | 000,299,008 | ---- | M] () -- C:\Genius\ioCentre\gMouseTask.exe
PRC - [2008.02.14 11:49:24 | 000,188,416 | ---- | M] () -- C:\Genius\ioCentre\gDeskMgm.exe
PRC - [2007.12.27 16:54:46 | 000,053,248 | ---- | M] () -- C:\Genius\ioCentre\gIMMgm.exe
PRC - [2007.12.17 15:49:20 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gTaskBar.exe
PRC - [2007.11.27 16:19:16 | 000,176,128 | ---- | M] () -- C:\Genius\ioCentre\gKbStatus.exe
PRC - [2007.05.17 10:45:40 | 000,049,152 | ---- | M] () -- C:\Genius\ioCentre\gMGlass.exe
PRC - [2007.03.21 15:39:00 | 000,049,152 | ---- | M] () -- C:\Genius\ioCentre\gTaskSwitch.exe
PRC - [2007.02.26 16:16:30 | 000,188,416 | ---- | M] () -- C:\Genius\ioCentre\gZoom.exe
PRC - [2007.02.26 15:56:18 | 000,180,224 | ---- | M] () -- C:\Genius\ioCentre\gAutoPan.exe
PRC - [2007.01.19 19:03:24 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gAutoScroll.exe


========== Modules (No Company Name) ==========

MOD - [2011.08.06 04:21:25 | 000,400,440 | ---- | M] () -- C:\Users\Martin\AppData\Local\Google\Chrome\Application\13.0.782.112\ppgooglenaclpluginchrome.dll
MOD - [2011.08.06 04:21:24 | 004,118,072 | ---- | M] () -- C:\Users\Martin\AppData\Local\Google\Chrome\Application\13.0.782.112\pdf.dll
MOD - [2011.08.06 04:19:58 | 000,104,520 | ---- | M] () -- C:\Users\Martin\AppData\Local\Google\Chrome\Application\13.0.782.112\avutil-50.dll
MOD - [2011.08.06 04:19:56 | 000,203,848 | ---- | M] () -- C:\Users\Martin\AppData\Local\Google\Chrome\Application\13.0.782.112\avformat-52.dll
MOD - [2011.08.06 04:19:55 | 001,846,344 | ---- | M] () -- C:\Users\Martin\AppData\Local\Google\Chrome\Application\13.0.782.112\avcodec-52.dll
MOD - [2011.08.06 02:29:30 | 006,338,720 | ---- | M] () -- C:\Users\Martin\AppData\Local\Google\Chrome\Application\13.0.782.112\gcswf32.dll
MOD - [2011.08.05 15:02:00 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
MOD - [2011.03.21 23:10:36 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.03.21 23:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.02.10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2010.07.04 23:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerHook.dll
MOD - [2010.07.04 21:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerAssistant.exe
MOD - [2009.01.14 14:01:12 | 000,245,760 | ---- | M] () -- C:\Genius\ioCentre\gfBrowser.dll
MOD - [2009.01.14 13:46:22 | 000,172,032 | ---- | M] () -- C:\Genius\ioCentre\gKbdTask.exe
MOD - [2009.01.14 13:41:22 | 000,299,008 | ---- | M] () -- C:\Genius\ioCentre\gMouseTask.exe
MOD - [2008.12.24 19:45:24 | 000,126,976 | ---- | M] () -- C:\Genius\ioCentre\GenXml.dll
MOD - [2008.07.10 16:27:42 | 000,132,608 | ---- | M] () -- D:\spolecne\WinRAR\RarExt.dll
MOD - [2008.02.19 16:59:16 | 000,017,920 | ---- | M] () -- C:\Genius\ioCentre\gfOffice.dll
MOD - [2008.02.14 11:49:24 | 000,188,416 | ---- | M] () -- C:\Genius\ioCentre\gDeskMgm.exe
MOD - [2007.12.27 16:54:46 | 000,053,248 | ---- | M] () -- C:\Genius\ioCentre\gIMMgm.exe
MOD - [2007.12.21 15:16:16 | 000,057,344 | ---- | M] () -- C:\Genius\ioCentre\gfMedia.dll
MOD - [2007.12.17 15:49:20 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gTaskBar.exe
MOD - [2007.12.10 14:14:04 | 000,022,528 | ---- | M] () -- C:\Genius\ioCentre\gfSystem.dll
MOD - [2007.11.27 16:19:16 | 000,176,128 | ---- | M] () -- C:\Genius\ioCentre\gKbStatus.exe
MOD - [2007.10.02 15:41:38 | 000,319,488 | ---- | M] () -- D:\spolecne\WinRAR\rarlng.dll
MOD - [2007.08.01 11:02:36 | 000,031,744 | ---- | M] () -- C:\Genius\ioCentre\gfEmail.dll
MOD - [2007.05.18 15:37:10 | 000,021,504 | ---- | M] () -- C:\Genius\ioCentre\gIoCentreHook.dll
MOD - [2007.05.17 10:45:40 | 000,049,152 | ---- | M] () -- C:\Genius\ioCentre\gMGlass.exe
MOD - [2007.03.21 15:39:00 | 000,049,152 | ---- | M] () -- C:\Genius\ioCentre\gTaskSwitch.exe
MOD - [2007.02.26 16:16:30 | 000,188,416 | ---- | M] () -- C:\Genius\ioCentre\gZoom.exe
MOD - [2007.02.26 15:56:18 | 000,180,224 | ---- | M] () -- C:\Genius\ioCentre\gAutoPan.exe
MOD - [2007.01.19 19:07:56 | 000,021,504 | ---- | M] () -- C:\Genius\ioCentre\gDevMgm.dll
MOD - [2007.01.19 19:03:24 | 000,061,440 | ---- | M] () -- C:\Genius\ioCentre\gAutoScroll.exe


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
SRV - [2011.08.20 14:05:57 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.08.04 14:34:46 | 001,361,288 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.05.30 11:33:54 | 001,025,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011.04.18 17:39:42 | 007,398,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.03.09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011.02.08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.07.12 21:14:00 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.06.14 16:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.08.23 21:41:16 | 001,528,624 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.04.14 21:28:30 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011.04.08 07:14:00 | 010,690,024 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.04.05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.03.16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.03.01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.02.22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011.02.10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.02.10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.01.07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010.12.23 20:26:57 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.12.23 20:26:56 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.07.13 17:48:11 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.07.12 04:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010.06.14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.04.27 04:25:12 | 000,123,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2010.04.27 04:25:12 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2010.04.27 04:25:12 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2010.02.26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.26 15:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.02.26 15:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010.01.22 07:17:00 | 001,515,520 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cm112.sys -- (USBADVAU)
DRV - [2009.08.23 21:40:32 | 000,308,859 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.03.18 16:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.12.25 16:29:40 | 000,009,216 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gMouUsb16.sys -- (gMouUsb16)
DRV - [2008.12.25 16:28:32 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\gHidPnp.sys -- (gHidPnp)
DRV - [2008.11.16 18:39:44 | 000,131,984 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007.01.18 20:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006.07.12 04:48:46 | 000,017,408 | ---- | M] ( Mouse Upfilter Driver ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\gMouPS2.sys -- (gMouPS2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)


IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-15326732-892770985-4257938096-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
IE - HKU\S-1-5-21-15326732-892770985-4257938096-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 64 C3 AD AC DA 24 CB 01 [binary data]
IE - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-15326732-892770985-4257938096-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Cabrilog.com/Cabri 3D: C:\Program Files\Cabri\Cabri 3D Plug-in 2.1\bin\npcabri3d.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Martin\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Martin\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.08.24 15:31:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.11.01 20:38:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\siteranker@siteranker.com: C:\Program Files\SiteRanker\firefox\ [2011.07.11 08:40:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011.08.21 11:29:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.11.01 20:38:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.08.24 15:31:02 | 000,000,000 | ---D | M]

[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011.08.20 21:40:18 | 000,202,984 | -H-- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 127.0.0.1 tl-ph.facebook.com
O1 - Hosts: 127.0.0.1 fo-fo.facebook.com
O1 - Hosts: 127.0.0.1 fr-fr.facebook.com
O1 - Hosts: 127.0.0.1 fy-nl.facebook.com
O1 - Hosts: 127.0.0.1 ga-ie.facebook.com
O1 - Hosts: 127.0.0.1 gl-es.facebook.com
O1 - Hosts: 127.0.0.1 ko-kr.facebook.com
O1 - Hosts: 50053 more lines...
O2 - BHO: () - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\Program Files\SiteRanker\SiteRank.dll (Crawler, LLC)
O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O3 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Cm112Sound] File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [SiteRanker] C:\Program Files\SiteRanker\SiteRankTray.exe (Crawler, LLC)
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [AutoStartNPSAgent] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [DAEMON Tools Lite] D:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [EA Core] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [NVIDIA driver monitor] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe ()
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [RGSC] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [Steam] D:\spolecne\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [XFMNMXYOK] C:\Users\Martin\AppData\Roaming\PkgMgrr.dll ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1008..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/stati ... 0.31.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} https://pegas.cd.cz/dwa7W.cab (Domino Web Access 7 Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{deeceae5-bf2d-11df-9ae2-0016e63418ad}\Shell - "" = AutoRun
O33 - MountPoints2\{deeceae5-bf2d-11df-9ae2-0016e63418ad}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - File not found
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: wxpdrivers - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - File not found
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: wxpdrivers - Service
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codec - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: vidc.VP62 - C:\Windows\System32\vp6vfw.dll (EA.com/On2.com)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.08.21 12:26:05 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2011.08.21 11:51:29 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.08.21 09:26:59 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\AVG10
[2011.08.21 09:00:12 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.08.20 23:54:01 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011.08.20 23:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.08.20 23:09:48 | 000,000,000 | ---D | C] -- C:\rsit
[2011.08.20 22:59:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2011.08.20 22:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2011
[2011.08.20 22:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2011.08.20 22:58:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011.08.20 22:57:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011.08.20 22:48:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011.08.20 22:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.08.20 22:01:21 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.08.20 22:01:21 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.08.20 22:01:21 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.08.20 22:01:10 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.08.20 22:01:06 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.08.20 21:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2011.08.20 21:53:35 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011.08.20 21:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus
[2011.08.20 21:41:37 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.08.20 21:39:40 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.08.20 21:38:41 | 000,000,000 | -H-D | C] -- C:\Windows\update.7.1
[2011.08.20 21:23:13 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.08.20 21:21:06 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.08.20 21:19:29 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.08.20 21:19:29 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
[2011.08.18 18:22:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\STALKER-SHOC
[2011.08.17 19:11:04 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Spartan
[2011.08.16 09:53:34 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.08.16 09:48:38 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.08.16 09:48:38 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.08.16 09:48:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.08.16 09:48:38 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.08.16 09:48:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.08.16 09:48:38 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.08.16 09:48:38 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.08.16 09:48:38 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.08.16 09:48:38 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.08.16 09:48:38 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.08.16 09:48:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.08.16 09:48:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.08.16 09:48:38 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.08.16 09:48:38 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.08.16 09:48:37 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.08.16 09:48:37 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.08.16 09:48:37 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.08.16 09:48:37 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.08.16 09:48:37 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.08.16 09:48:37 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.08.16 09:48:37 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.08.16 09:48:37 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.08.16 09:48:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.08.16 09:48:37 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.08.16 09:48:37 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.08.16 09:48:37 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.08.16 09:48:37 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.08.16 09:48:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.08.16 09:48:37 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.08.16 09:48:37 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.08.16 09:48:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.08.16 09:48:37 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.08.16 09:48:37 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.08.16 09:48:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.08.16 09:48:37 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.08.16 09:48:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.08.16 09:48:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.08.16 07:57:07 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\LEGO Software
[2011.08.16 07:57:07 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\LEGO Creations
[2011.08.15 19:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Software
[2011.08.14 17:39:28 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Deus Ex - Invisible War
[2011.08.14 16:39:50 | 000,034,304 | ---- | C] (AMD, Inc.) -- C:\Windows\System32\drivers\AmdLLD.sys
[2011.08.14 16:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2011.08.12 13:58:32 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Two Tribes
[2011.08.11 13:21:18 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half Life Source
[2011.08.11 13:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half Life Source
[2011.08.10 18:59:37 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.08.10 18:59:35 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.08.10 18:59:11 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011.08.10 18:59:11 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.08.10 18:59:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 18:59:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 18:59:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 18:59:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 18:59:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 18:59:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 18:59:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 18:59:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 18:59:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 18:59:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 18:59:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 18:59:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 18:59:08 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 18:59:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 18:59:08 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 18:59:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 18:59:08 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 18:59:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 18:59:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 18:59:06 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011.08.10 18:59:06 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011.08.10 18:59:06 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011.08.10 18:59:06 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2011.08.10 18:59:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011.08.10 11:37:10 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Tropico 4 Demo
[2011.08.09 13:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.08.09 13:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.08.08 19:43:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.08.08 19:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2011.08.08 16:11:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Thief - Deadly Shadows
[2011.08.08 15:56:06 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Thief - Deadly Shadows
[2011.08.08 14:26:04 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Black & White 2
[2011.08.08 14:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
[2011.08.07 20:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doctor Entertainment
[2011.08.07 20:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\007 - The World Is Not Enough
[2011.08.07 18:45:17 | 000,000,000 | ---D | C] -- C:\BDS
[2011.08.07 09:56:35 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firaxis Games
[2011.08.06 12:06:14 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\wargaming.net
[2011.08.05 21:42:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
[2011.08.05 15:06:07 | 000,000,000 | ---D | C] -- C:\Users\Martin\Desktop\Nová složka
[2011.08.04 13:23:07 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Nitro Games
[2011.08.04 12:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VTFEdit
[2011.08.03 09:03:36 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LIMBO
[2011.08.01 19:24:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
[2011.07.29 17:53:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\The Witcher
[2011.07.29 11:13:12 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\NFS Most Wanted
[2011.07.28 21:32:07 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Origin
[2011.07.27 17:32:20 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\SmallBasic
[2011.07.27 17:29:05 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Small Basic
[2011.07.27 17:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011.07.27 15:43:46 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\SH5
[2011.07.27 14:58:13 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Cold War
[2011.07.27 11:24:09 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Kodu
[2011.07.27 11:23:50 | 000,000,000 | ---D | C] -- C:\Content
[2011.07.27 11:23:39 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\SavedGames
[2011.07.27 11:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Research
[2011.07.27 11:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Research
[2011.07.26 19:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frozen Synapse
[2011.07.26 16:47:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.07.26 16:47:01 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\go
[2011.07.26 16:46:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011.07.24 17:36:50 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Roaming\Hi-Rez Studios
[2011.07.24 10:01:39 | 000,000,000 | ---D | C] -- C:\Root
[2011.07.24 09:16:57 | 000,000,000 | ---D | C] -- C:\Users\Martin\Documents\Arktos
[2011.07.24 09:16:57 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Arktos
[2011.07.22 16:20:34 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.08.21 12:31:12 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.21 12:26:01 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-15326732-892770985-4257938096-1001UA.job
[2011.08.21 12:23:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.21 12:23:29 | 2616,893,440 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.21 12:23:28 | 475,639,724 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.08.21 12:21:22 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2011.08.21 12:20:00 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-15326732-892770985-4257938096-1002UA.job
[2011.08.21 11:51:29 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.08.21 11:29:17 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011.08.21 09:26:52 | 000,000,020 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\PKGMGRR.DLL
[2011.08.21 09:10:32 | 000,015,360 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.21 09:10:32 | 000,015,360 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.21 09:02:36 | 000,406,344 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.08.21 08:26:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-15326732-892770985-4257938096-1001Core.job
[2011.08.21 06:36:44 | 129,043,446 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.08.21 06:36:44 | 000,660,214 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2011.08.20 21:53:49 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.08.20 21:43:20 | 000,000,156 | ---- | M] () -- C:\Windows\info1
[2011.08.20 21:40:18 | 000,202,984 | -H-- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.08.20 21:40:18 | 000,000,734 | ---- | M] () -- C:\Windows\System32\drivers\etc\hîsts
[2011.08.20 21:39:26 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.08.20 21:39:26 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.08.20 21:35:21 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011.08.20 21:23:09 | 000,000,608 | ---- | M] () -- C:\Windows\Cm112.ini.imi
[2011.08.20 13:57:03 | 000,003,328 | ---- | M] () -- C:\Users\Martin\AppData\Local\SRDownloader.nast
[2011.08.20 13:40:06 | 000,142,470 | ---- | M] () -- C:\Users\Martin\AppData\Local\SRDownloader.err
[2011.08.18 18:36:53 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
[2011.08.18 16:57:04 | 000,669,402 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.08.18 16:57:04 | 000,654,796 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.08.18 16:57:04 | 000,141,034 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.08.18 16:57:04 | 000,121,668 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.08.17 20:20:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-15326732-892770985-4257938096-1002Core.job
[2011.08.16 19:34:00 | 000,000,691 | ---- | M] () -- C:\Users\Martin\Desktop\Posel Smrti 3.lnk
[2011.08.16 18:29:25 | 000,001,188 | ---- | M] () -- C:\Users\Public\Desktop\Transformers(TM) - War for Cybertron(TM).lnk
[2011.08.16 17:54:52 | 000,000,460 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Martin.job
[2011.08.16 09:48:38 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.08.16 09:48:38 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.08.16 09:48:38 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.08.16 09:48:38 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.08.16 09:48:38 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.08.16 09:48:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.08.16 09:48:38 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.08.16 09:48:38 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.08.16 09:48:38 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.08.16 09:48:38 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.08.16 09:48:38 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.08.16 09:48:38 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.08.16 09:48:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.08.16 09:48:38 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.08.16 09:48:38 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.08.16 09:48:37 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.08.16 09:48:37 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.08.16 09:48:37 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.08.16 09:48:37 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.08.16 09:48:37 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.08.16 09:48:37 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.08.16 09:48:37 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.08.16 09:48:37 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.08.16 09:48:37 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.08.16 09:48:37 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.08.16 09:48:37 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.08.16 09:48:37 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.08.16 09:48:37 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.08.16 09:48:37 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.08.16 09:48:37 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.08.16 09:48:37 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.08.16 09:48:37 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.08.16 09:48:37 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.08.16 09:48:37 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.08.16 09:48:37 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.08.16 09:48:37 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.08.16 09:48:37 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.08.16 09:48:37 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.08.15 19:48:00 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\LEGO Universe.lnk
[2011.08.15 14:56:13 | 000,000,043 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011.08.11 17:07:57 | 077,034,815 | ---- | M] () -- C:\Users\Martin\Desktop\MCGame_Complete_2011-08-11_16-19-24_Backup.mcgame
[2011.08.11 13:21:18 | 000,000,543 | ---- | M] () -- C:\Users\Martin\Desktop\Half Life Source.lnk
[2011.08.10 09:49:19 | 000,002,360 | ---- | M] () -- C:\Users\Martin\Desktop\Google Chrome.lnk
[2011.08.09 20:13:19 | 000,000,216 | ---- | M] () -- C:\Users\Martin\Desktop\sims 3.reg
[2011.08.09 20:12:05 | 000,000,816 | ---- | M] () -- C:\Users\Martin\Desktop\sims.reg
[2011.08.09 20:06:51 | 000,000,938 | ---- | M] () -- C:\Users\Public\Desktop\Sanctum.lnk
[2011.08.09 14:26:24 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Gears of War.lnk
[2011.08.09 13:51:12 | 000,064,432 | ---- | M] () -- C:\Users\Martin\Desktop\Záloha GOW ccleaner.reg
[2011.08.09 13:37:24 | 000,001,001 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.09 13:05:35 | 000,002,208 | ---- | M] () -- C:\Users\Martin\Desktop\Gow 2.reg
[2011.08.09 13:03:47 | 000,000,746 | ---- | M] () -- C:\Users\Martin\Desktop\GoW.reg
[2011.08.08 19:43:01 | 000,000,946 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2011.08.08 14:22:08 | 000,000,787 | ---- | M] () -- C:\Users\Public\Desktop\Black & White 2.lnk
[2011.08.07 20:39:34 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Puzzle Dimension.lnk
[2011.08.07 20:17:30 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\007 - The World Is Not Enough.lnk
[2011.08.07 18:48:52 | 072,495,023 | ---- | M] () -- C:\Users\Martin\Desktop\podcast_288.mp3
[2011.08.07 14:16:57 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\Brink.lnk
[2011.08.07 09:56:32 | 000,001,906 | ---- | M] () -- C:\Users\Public\Desktop\Sid Meier's Pirates!.lnk
[2011.08.06 20:57:23 | 000,000,356 | ---- | M] () -- C:\Users\Martin\Desktop\123.reg
[2011.08.06 20:56:40 | 000,000,356 | ---- | M] () -- C:\Users\Martin\Desktop\zone.reg
[2011.08.06 20:24:54 | 000,000,685 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2011.08.04 13:21:12 | 000,001,332 | ---- | M] () -- C:\Users\Martin\Desktop\Play Pirates of Black Cove.lnk
[2011.08.04 12:40:28 | 000,000,620 | ---- | M] () -- C:\Users\Martin\Desktop\VTFEdit.lnk
[2011.08.03 09:03:36 | 000,000,650 | ---- | M] () -- C:\Users\Martin\Desktop\LIMBO.lnk
[2011.08.01 19:24:37 | 000,000,898 | ---- | M] () -- C:\Users\Public\Desktop\Star Wars Knights of the Old Republic II - The Sith Lords.lnk
[2011.07.28 21:29:29 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2011.07.27 14:28:02 | 000,081,920 | ---- | M] (Portions (c) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011.07.27 11:07:29 | 000,002,220 | ---- | M] () -- C:\Users\Public\Desktop\Configure Kodu Game Lab.lnk
[2011.07.27 11:07:29 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\Kodu Game Lab.lnk
[2011.07.26 16:47:58 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.07.26 16:47:01 | 000,001,700 | ---- | M] () -- C:\Users\Martin\Desktop\Hrát hry (EasyBits GO).lnk
[2011.07.25 17:15:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.07.25 17:15:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.21 12:31:12 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.21 12:23:28 | 475,639,724 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.08.21 09:26:52 | 000,000,020 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\PKGMGRR.DLL
[2011.08.21 06:36:44 | 129,043,446 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.08.21 06:36:44 | 000,660,214 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavifw.avm
[2011.08.20 22:59:22 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011.08.20 22:01:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.08.20 22:01:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.08.20 22:01:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.08.20 22:01:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.08.20 22:01:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.08.20 21:39:27 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011.08.20 21:39:26 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011.08.20 21:39:26 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011.08.20 21:38:41 | 000,000,156 | ---- | C] () -- C:\Windows\info1
[2011.08.20 21:35:21 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011.08.18 18:36:53 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\S.T.A.L.K.E.R. - Shadow of Chernobyl.lnk
[2011.08.16 19:34:00 | 000,000,691 | ---- | C] () -- C:\Users\Martin\Desktop\Posel Smrti 3.lnk
[2011.08.16 18:29:25 | 000,001,188 | ---- | C] () -- C:\Users\Public\Desktop\Transformers(TM) - War for Cybertron(TM).lnk
[2011.08.16 09:53:34 | 000,001,449 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.08.16 09:48:37 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.08.15 19:48:00 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\LEGO Universe.lnk
[2011.08.11 16:48:57 | 077,034,815 | ---- | C] () -- C:\Users\Martin\Desktop\MCGame_Complete_2011-08-11_16-19-24_Backup.mcgame
[2011.08.11 13:21:18 | 000,000,543 | ---- | C] () -- C:\Users\Martin\Desktop\Half Life Source.lnk
[2011.08.09 20:13:19 | 000,000,216 | ---- | C] () -- C:\Users\Martin\Desktop\sims 3.reg
[2011.08.09 20:12:05 | 000,000,816 | ---- | C] () -- C:\Users\Martin\Desktop\sims.reg
[2011.08.09 20:06:51 | 000,000,938 | ---- | C] () -- C:\Users\Public\Desktop\Sanctum.lnk
[2011.08.09 20:06:51 | 000,000,938 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sanctum.lnk
[2011.08.09 14:26:24 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Gears of War.lnk
[2011.08.09 13:51:06 | 000,064,432 | ---- | C] () -- C:\Users\Martin\Desktop\Záloha GOW ccleaner.reg
[2011.08.09 13:37:24 | 000,001,001 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.09 13:05:35 | 000,002,208 | ---- | C] () -- C:\Users\Martin\Desktop\Gow 2.reg
[2011.08.09 13:03:47 | 000,000,746 | ---- | C] () -- C:\Users\Martin\Desktop\GoW.reg
[2011.08.08 14:22:08 | 000,000,787 | ---- | C] () -- C:\Users\Public\Desktop\Black & White 2.lnk
[2011.08.07 20:39:34 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Puzzle Dimension.lnk
[2011.08.07 20:17:30 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\007 - The World Is Not Enough.lnk
[2011.08.07 18:46:05 | 072,495,023 | ---- | C] () -- C:\Users\Martin\Desktop\podcast_288.mp3
[2011.08.07 14:16:57 | 000,000,927 | ---- | C] () -- C:\Users\Public\Desktop\Brink.lnk
[2011.08.07 09:56:32 | 000,001,906 | ---- | C] () -- C:\Users\Public\Desktop\Sid Meier's Pirates!.lnk
[2011.08.06 20:57:23 | 000,000,356 | ---- | C] () -- C:\Users\Martin\Desktop\123.reg
[2011.08.06 20:56:40 | 000,000,356 | ---- | C] () -- C:\Users\Martin\Desktop\zone.reg
[2011.08.05 21:42:14 | 000,000,685 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2011.08.04 13:21:12 | 000,001,332 | ---- | C] () -- C:\Users\Martin\Desktop\Play Pirates of Black Cove.lnk
[2011.08.04 12:40:28 | 000,000,620 | ---- | C] () -- C:\Users\Martin\Desktop\VTFEdit.lnk
[2011.08.03 09:03:36 | 000,000,650 | ---- | C] () -- C:\Users\Martin\Desktop\LIMBO.lnk
[2011.08.01 19:24:37 | 000,000,898 | ---- | C] () -- C:\Users\Public\Desktop\Star Wars Knights of the Old Republic II - The Sith Lords.lnk
[2011.07.27 11:07:29 | 000,002,220 | ---- | C] () -- C:\Users\Public\Desktop\Configure Kodu Game Lab.lnk
[2011.07.27 11:07:29 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\Kodu Game Lab.lnk
[2011.07.26 16:47:58 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.07.26 16:47:01 | 000,001,730 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hrát hry (EasyBits GO).lnk
[2011.07.26 16:47:01 | 000,001,700 | ---- | C] () -- C:\Users\Martin\Desktop\Hrát hry (EasyBits GO).lnk
[2011.07.25 17:15:55 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.07.25 17:15:55 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.07.24 20:23:18 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.07.07 19:23:09 | 000,000,266 | ---- | C] () -- C:\Windows\level.ini
[2011.06.28 18:23:09 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.06.21 18:05:06 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011.06.06 15:49:45 | 000,143,360 | ---- | C] () -- C:\Windows\Vmix112.dll
[2011.06.06 15:49:44 | 000,557,056 | ---- | C] () -- C:\Windows\System32\Cmeau112.exe
[2011.06.06 15:49:44 | 000,000,123 | ---- | C] () -- C:\Windows\Cm112.ini.cfl
[2011.06.06 15:49:00 | 000,000,608 | ---- | C] () -- C:\Windows\Cm112.ini.imi
[2011.06.06 15:48:59 | 000,303,104 | ---- | C] () -- C:\Windows\System32\CmiInstallResAll.dll
[2011.06.06 15:48:59 | 000,002,049 | ---- | C] () -- C:\Windows\Cm112.ini.cfg
[2011.06.06 15:48:50 | 000,005,630 | ---- | C] () -- C:\Windows\cm112.ini
[2011.05.27 19:21:35 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2011.05.17 14:46:56 | 000,000,008 | -HS- | C] () -- C:\Users\Martin\AppData\Roaming\.drv190904.dat
[2011.05.17 14:46:56 | 000,000,008 | -HS- | C] () -- C:\Users\Martin\AppData\Roaming\.drv120205.dat
[2011.05.17 14:46:56 | 000,000,008 | -HS- | C] () -- C:\Users\Martin\AppData\Roaming\.data001.dat
[2011.05.17 14:46:56 | 000,000,008 | -HS- | C] () -- C:\Users\Martin\AppData\Roaming\.data000.dat
[2011.05.17 14:46:56 | 000,000,008 | -HS- | C] () -- C:\Users\Martin\AppData\Roaming\.app190905.dat
[2011.05.17 14:46:56 | 000,000,008 | -HS- | C] () -- C:\Users\Martin\AppData\Roaming\.addit001.dat
[2011.05.10 17:34:01 | 008,917,102 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\minecraft.jar
[2011.05.09 17:24:25 | 107,124,703 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\.minecraft.rar
[2011.05.09 16:27:09 | 000,405,746 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\.minecraft_server.rar
[2011.04.30 19:38:59 | 000,000,042 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\TheHunterSettings_live.cfg
[2011.04.29 09:46:58 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.04.08 13:28:58 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2011.02.20 14:17:49 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011.02.19 15:23:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011.02.19 15:23:38 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011.02.15 15:04:35 | 000,000,017 | ---- | C] () -- C:\Users\Martin\AppData\Local\resmon.resmoncfg
[2011.02.13 14:45:21 | 000,000,374 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.01.19 15:22:41 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2010.12.28 12:31:01 | 000,048,778 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.12.23 20:26:57 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010.12.23 20:26:56 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010.12.21 19:02:35 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2010.12.05 19:24:03 | 000,000,510 | ---- | C] () -- C:\Windows\eReg.dat
[2010.11.25 15:04:42 | 000,028,672 | ---- | C] () -- C:\Windows\System32\nnr.dll
[2010.10.21 18:17:03 | 002,427,248 | ---- | C] () -- C:\Windows\System32\pbsvc_heroes.exe
[2010.10.10 13:02:34 | 000,003,328 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader.nast
[2010.10.10 13:00:27 | 000,142,470 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader.err
[2010.10.04 19:16:21 | 000,009,728 | ---- | C] () -- C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.04 17:56:45 | 000,139,128 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010.10.04 17:56:45 | 000,138,056 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\PnkBstrK.sys
[2010.10.04 17:56:31 | 000,215,128 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2010.10.04 17:56:29 | 000,669,184 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2010.10.04 17:56:29 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2010.09.15 17:56:03 | 000,000,565 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\myMPQ.ini
[2010.08.24 15:26:46 | 000,179,195 | ---- | C] () -- C:\Windows\hpoins29.dat
[2010.08.24 15:26:46 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat
[2010.07.16 07:28:32 | 000,018,432 | ---- | C] () -- C:\Windows\System32\drivers\gHidPnp.sys
[2010.07.16 07:28:31 | 000,009,216 | ---- | C] () -- C:\Windows\System32\drivers\gMouUsb16.sys
[2010.07.14 12:11:11 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.23 21:41:22 | 000,197,424 | ---- | C] () -- C:\Windows\System32\vpnapi.dll
[2009.07.14 10:44:22 | 000,669,402 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,141,034 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,406,344 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,654,796 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,121,668 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2007.10.25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

plutak
Visitor
Posts: 30
Registered: 20 Aug 2011 22:03

Re: FB flash player virus

#6 Post by plutak »

========== LOP Check ==========

[2011.05.17 14:46:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.Cabri3D-2.1
[2011.08.14 18:27:26 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft
[2011.05.09 16:26:18 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft_server
[2010.12.09 11:28:37 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Astroburn Lite
[2011.07.12 13:42:23 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Atari
[2011.08.21 09:26:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\AVG10
[2010.07.29 09:27:02 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Bioshock
[2011.06.03 15:58:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Bioshock2
[2011.08.09 14:02:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2011.08.09 13:43:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Pro
[2011.04.03 08:34:02 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DarksporeData
[2011.06.23 16:16:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Day 1 Studios
[2011.05.17 19:40:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DisneyInteractiveStudios
[2010.07.15 07:57:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GHISLER
[2011.07.26 16:47:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\go
[2011.07.24 17:36:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Hi-Rez Studios
[2011.07.02 17:27:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Hothead Games
[2011.06.07 20:14:21 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ice-pick Lodge
[2010.10.31 16:54:32 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\IObit
[2010.10.12 16:37:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Leadertech
[2011.05.19 15:25:51 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Lionhead Studios
[2010.11.03 20:33:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\MinecraftTools
[2011.02.19 17:20:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ML
[2010.12.06 11:34:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mount&Blade
[2011.05.06 18:58:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mount&Blade With Fire and Sword
[2010.11.01 21:15:26 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Nokia
[2010.11.01 21:15:27 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Nokia Ovi Suite
[2011.07.28 21:32:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Origin
[2010.11.01 20:57:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PC Suite
[2011.03.16 16:47:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PunkBuster
[2011.04.08 15:37:42 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\runic games
[2011.04.25 20:13:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Samsung
[2011.04.10 18:25:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SPORE
[2010.11.14 18:40:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sports Interactive
[2011.02.23 20:06:08 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\The Creative Assembly
[2011.07.30 21:31:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Tropico 3
[2011.08.10 11:49:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Tropico 4 Demo
[2011.07.01 16:52:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ubisoft
[2011.01.31 14:43:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Unity
[2010.11.07 11:01:48 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\VitySoft
[2011.08.06 21:00:25 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\wargaming.net
[2011.04.07 16:24:19 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Wroom
[2010.09.19 14:05:34 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\XRay Engine
[2011.08.20 23:00:44 | 000,000,000 | ---D | M] -- C:\Users\Sotola\AppData\Roaming\AVG10
[2010.07.13 15:43:20 | 000,000,000 | ---D | M] -- C:\Users\Sotola\AppData\Roaming\GHISLER
[2011.05.18 06:53:39 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\.Cabri3D-2.1
[2011.07.12 17:07:50 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\Atari
[2011.08.21 08:47:54 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\AVG10
[2011.08.21 08:54:06 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\DAEMON Tools Lite
[2010.11.30 19:30:02 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\FDRLab
[2011.02.26 14:48:35 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\FreeAudioPack
[2011.02.26 14:49:36 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\FreeCDRipper
[2010.11.14 08:04:59 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\GHISLER
[2011.02.26 14:37:43 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\Leawo
[2010.12.08 18:19:07 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\Mount&Blade
[2011.02.26 14:37:45 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\Moyea
[2010.12.20 20:42:44 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\PC Suite
[2011.07.11 08:41:02 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\PCPowerSpeed
[2011.02.20 14:17:59 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\Samsung
[2011.04.02 17:29:05 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\SPORE
[2011.03.24 18:42:41 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\The Creative Assembly
[2011.08.05 13:39:38 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\Tropico 3
[2011.07.01 17:59:54 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\Ubisoft
[2011.04.22 09:57:47 | 000,000,000 | ---D | M] -- C:\Users\Vojta\AppData\Roaming\VitySoft
[2011.07.02 07:09:54 | 000,032,560 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Google Update" = "C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2010.07.13 17:30:13 | 000,136,176 | ---- | M] (Google Inc.)
"DAEMON Tools Lite" = "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"NVIDIA driver monitor" = C:\Users\Public\nvsvc32.exe
"EA Core" = "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
"" =
"XFMNMXYOK" = rundll32 "C:\Users\Martin\AppData\Roaming\PkgMgrr.dll",Okheh
"AutoStartNPSAgent" = C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
"RGSC" = D:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
"Steam" = "D:\spolecne\Steam\steam.exe" -silent -- [2011.08.02 10:29:39 | 001,242,448 | ---- | M] (Valve Corporation)
"Pando Media Booster" = C:\Program Files\Pando Networks\Media Booster\PMB.exe -- [2011.08.05 15:02:00 | 003,077,528 | ---- | M] ()


< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 10:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CSRSS.EXE >
[2009.07.14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009.07.14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: LSASS.EXE >
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 14:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NTFS.SYS >
[2011.03.11 07:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_a65558427e3453b4\ntfs.sys
[2010.11.20 14:30:06 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=33C3093D09017CFE2E219F2472BFF6EB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys
[2009.07.14 03:20:44 | 001,210,432 | ---- | M] (Microsoft Corporation) MD5=3795DCD21F740EE799FB7223234215AF -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_a6477fe07e3f2f04\ntfs.sys
[2011.03.11 07:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\System32\drivers\ntfs.sys
[2011.03.11 07:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_a83ab4fe7b5ba649\ntfs.sys
[2011.03.11 07:52:25 | 001,210,752 | ---- | M] (Microsoft Corporation) MD5=A7266D82DB9675AFBDED39695B69EDAC -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys
[2011.03.11 07:28:10 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=E2EDE3F02F95B896A1C7C6F0CC0C4083 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_a8b27fd79487b0a3\ntfs.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SPOOLSV.EXE >
[2010.08.20 06:25:14 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=2FB4CE429488156B19C0D8E5C4552043 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.20785_none_d6ab9bc23bf9f1c6\spoolsv.exe
[2009.07.14 03:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) MD5=49B6DD6AB3715B7A67965F17194E98A9 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_d621f94522dc5a87\spoolsv.exe
[2010.11.20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\System32\spoolsv.exe
[2010.11.20 14:17:45 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_d8530d0d1fcade21\spoolsv.exe
[2010.08.21 07:32:37 | 000,316,928 | ---- | M] (Microsoft Corporation) MD5=D1BB750EB51694DE183E08B9C33BE5B2 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16661_none_d6339da722cfb4be\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2011.08.20 21:08:25 | 001,216,000 | -H-- | M] () MD5=2794E080E8A8FCC21284FDAF415CF43F -- C:\Windows\update.tray-7-0-lnk\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 14:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 08:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 08:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 03:15:26 | 000,280,064 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpzppw71.dll
[2009.07.14 03:15:26 | 000,090,624 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\HPZPPWN7.DLL
[2009.07.14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2010.11.20 14:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
[2009.07.14 10:43:31 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 23:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 23:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2009.06.10 23:27:38 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2010.11.01 20:42:52 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
[2010.11.01 21:09:02 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.07.12 17:48:46 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.01 20:42:59 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.04.08 07:14:00 | 000,010,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvBridge.kmd

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.07.13 17:48:11 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011.08.21 12:32:47 | 000,015,360 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.21 12:32:47 | 000,015,360 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.20 21:53:49 | 000,002,577 | ---- | M] () -- C:\Windows\system32\config.nt
[2011.08.21 11:51:29 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[2011.08.21 09:02:36 | 000,406,344 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2011.08.18 16:57:04 | 000,141,034 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.08.18 16:57:04 | 000,121,668 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.08.18 16:57:04 | 000,669,402 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.08.18 16:57:04 | 000,654,796 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.08.18 16:57:03 | 001,584,882 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[12 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[17 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[10 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.05.17 14:46:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.Cabri3D-2.1
[2011.08.14 18:27:26 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft
[2011.05.09 16:26:18 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\.minecraft_server
[2011.07.27 17:33:19 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Adobe
[2011.05.11 18:28:21 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Apple Computer
[2010.12.09 11:28:37 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Astroburn Lite
[2011.07.12 13:42:23 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Atari
[2011.08.21 09:26:59 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\AVG10
[2010.07.29 09:27:02 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Bioshock
[2011.06.03 15:58:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Bioshock2
[2011.08.09 14:02:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2011.08.09 13:43:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Pro
[2011.04.03 08:34:02 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DarksporeData
[2011.06.23 16:16:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Day 1 Studios
[2011.05.17 19:40:11 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DisneyInteractiveStudios
[2011.04.11 07:32:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DivX
[2010.07.15 07:57:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GHISLER
[2011.07.26 16:47:01 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\go
[2011.03.28 14:24:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Hamachi
[2011.07.24 17:36:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Hi-Rez Studios
[2011.07.02 17:27:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Hothead Games
[2010.08.24 15:41:09 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\HP
[2011.06.07 20:14:21 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ice-pick Lodge
[2010.07.12 18:44:02 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Identities
[2011.06.14 18:52:35 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\InstallShield
[2011.07.09 14:04:26 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\InstallShield Installation Information
[2010.10.31 16:54:32 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\IObit
[2010.10.12 16:37:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Leadertech
[2011.05.19 15:25:51 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Lionhead Studios
[2010.07.13 17:31:25 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Macromedia
[2009.07.14 11:20:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Center Programs
[2011.08.16 17:19:00 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Media Player Classic
[2011.07.07 18:54:34 | 000,000,000 | --SD | M] -- C:\Users\Martin\AppData\Roaming\Microsoft
[2011.08.09 14:36:52 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Microsoft Games
[2010.11.03 20:33:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\MinecraftTools
[2011.02.19 17:20:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ML
[2010.12.06 11:34:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mount&Blade
[2011.05.06 18:58:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mount&Blade With Fire and Sword
[2011.08.05 18:04:04 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Mozilla
[2010.11.01 21:15:26 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Nokia
[2010.11.01 21:15:27 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Nokia Ovi Suite
[2011.05.04 21:26:22 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\NVIDIA
[2011.07.28 21:32:07 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Origin
[2010.11.01 20:57:06 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PC Suite
[2011.03.16 16:47:49 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PunkBuster
[2011.04.08 15:37:42 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\runic games
[2011.04.25 20:13:16 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Samsung
[2010.07.14 12:30:50 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SecuROM
[2011.08.15 21:41:02 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Skype
[2011.07.26 16:46:14 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\skypePM
[2011.04.10 18:25:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\SPORE
[2010.11.14 18:40:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Sports Interactive
[2011.01.05 17:56:20 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\teamspeak2
[2011.02.23 20:06:08 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\The Creative Assembly
[2011.07.30 21:31:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Tropico 3
[2011.08.10 11:49:30 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Tropico 4 Demo
[2011.07.01 16:52:10 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ubisoft
[2011.01.31 14:43:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Unity
[2010.11.07 11:01:48 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\VitySoft
[2011.08.06 21:00:25 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\wargaming.net
[2010.07.29 15:18:15 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\WinRAR
[2011.04.07 16:24:19 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Wroom
[2011.08.08 18:05:53 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Xfire
[2010.09.19 14:05:34 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\XRay Engine

< %APPDATA%\*.* >
[2011.05.22 20:02:18 | 000,000,008 | -HS- | M] () -- C:\Users\Martin\AppData\Roaming\.addit001.dat
[2011.05.17 14:46:56 | 000,000,008 | -HS- | M] () -- C:\Users\Martin\AppData\Roaming\.app190905.dat
[2011.05.22 20:02:18 | 000,000,008 | -HS- | M] () -- C:\Users\Martin\AppData\Roaming\.data000.dat
[2011.05.22 20:02:18 | 000,000,008 | -HS- | M] () -- C:\Users\Martin\AppData\Roaming\.data001.dat
[2011.05.17 14:46:56 | 000,000,008 | -HS- | M] () -- C:\Users\Martin\AppData\Roaming\.drv120205.dat
[2011.05.17 14:46:56 | 000,000,008 | -HS- | M] () -- C:\Users\Martin\AppData\Roaming\.drv190904.dat
[2011.05.09 17:25:58 | 107,124,703 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\.minecraft.rar
[2011.05.09 16:27:10 | 000,405,746 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\.minecraft_server.rar
[2011.05.10 17:30:35 | 008,917,102 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\minecraft.jar
[2010.12.21 11:39:23 | 000,000,565 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\myMPQ.ini
[2011.08.21 09:26:52 | 000,000,020 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\PKGMGRR.DLL
[2011.07.06 12:48:40 | 000,138,056 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\PnkBstrK.sys
[2011.04.30 19:51:48 | 000,000,042 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\TheHunterSettings_live.cfg

< %APPDATA%\*.exe /s >
[2011.08.11 17:08:59 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\Martin\AppData\Roaming\.minecraft\MinecraftSP.exe
[2011.07.09 14:02:01 | 000,331,776 | ---- | M] (Epic Games ) -- C:\Users\Martin\AppData\Roaming\InstallShield Installation Information\{6530FDAA-5B1F-4830-95BB-650E9804D239}\setup.exe
[2010.11.07 11:55:57 | 000,026,624 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{6910C412-A523-493C-BC22-0213CD7F4F3A}\Icon6910C412.exe
[2011.07.27 17:29:05 | 000,923,416 | R--- | M] (Microsoft Corporation) -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}\StartMenuIcon.exe
[2011.02.06 21:18:45 | 000,010,134 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe
[2010.12.31 17:20:51 | 000,090,112 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{870013DB-984D-42A8-9E63-8673D8B2775A}\ARPPRODUCTICON.exe
[2010.12.31 17:20:51 | 000,090,112 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{870013DB-984D-42A8-9E63-8673D8B2775A}\NewShortcut1_870013DB984D42A89E638673D8B2775A.exe
[2010.12.31 17:20:51 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{870013DB-984D-42A8-9E63-8673D8B2775A}\NewShortcut2_870013DB984D42A89E638673D8B2775A.exe
[2010.12.31 17:20:51 | 000,090,112 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{870013DB-984D-42A8-9E63-8673D8B2775A}\NewShortcut3_870013DB984D42A89E638673D8B2775A.exe
[2010.12.31 17:20:51 | 000,008,854 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{870013DB-984D-42A8-9E63-8673D8B2775A}\Uninstall_Stubbs_The_870013DB984D42A89E638673D8B2775A.exe
[2011.04.10 15:56:45 | 000,010,134 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2011.08.14 16:40:03 | 000,010,134 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}\ARPPRODUCTICON.exe
[2010.07.15 19:44:12 | 000,010,134 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.02.24 17:07:45 | 000,835,440 | R--- | M] () -- C:\Users\Martin\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2011.02.19 15:20:42 | 000,069,632 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Samsung\New PC Studio\DriverChecker.exe

< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-19 16:33:49

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *\0C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync\0C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< type c:\boot.ini >> test.txt /c >

< *crack* >

< *keygen* >

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:9B811920D2E6D20F

< End of report >

plutak
Visitor
Posts: 30
Registered: 20 Aug 2011 22:03

Re: FB flash player virus

#7 Post by plutak »

And I'm also sending extras.txt


OTL Extras logfile created on: 21.8.2011 12:28:06 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Martin\Desktop
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,25 Gb Total Physical Memory | 1,76 Gb Available Physical Memory | 54,18% Memory free
6,50 Gb Paging File | 5,03 Gb Available in Paging File | 77,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 394,98 Gb Free Space | 84,82% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 88,89 Gb Free Space | 9,54% Space Free | Partition Type: NTFS

Computer Name: PUK0000OA095 | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0624140D-534E-401E-9F15-E9CE24089CB5}" = NetObjects Fusion 10.0
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08B785C1-3893-4154-B53B-F5D341D0AAAA}" = Cisco Systems VPN Client 5.0.06.0110
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0AEB967F-1D12-43C8-A59C-D93DA8EE4A4E}" = Duty Calls
"{0B6A9773-F8F8-4D3F-BCF0-029D2B87DB8A}" = Deus Ex - Invisible War
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = Kolekce The Sims™ 3 Zahradní mejdan
"{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1" = SiteRanker
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.5
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}" = Borderlands
"{20D9C678-A895-4F76-8AC2-22EDFF5F9C91}" = American McGee presents Scrapland
"{20EAC554-95F9-4926-8D9A-C4FF3EC44C72}" = AVG 2011
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
"{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Activision(R)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{30BA90A9-E6B4-4FFC-8BC5-B7F2E014F432}" = Hitman Blood Money
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3D294F77-AD11-45A5-B56B-E0D9C63C21FF}" = World of Subways Vol. 3
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44E1DE63-C8FA-4C70-B4AA-0C49A947ACDE}" = Sid Meier's Railroads!
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Po setmění
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{472ABCE2-5B2E-4D29-ABF4-94E1097558A6}" = Diplomacy
"{472C9FFA-422E-465E-8360-D1276B4A4BC0}" = Penumbra - Black Plague + Requiem
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B331F2F-FA89-451B-8A73-E79EE58A1382}_is1" = Cargo! version 1.0
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D090F70-6F08-4B60-9357-A1DFD4458F09}" = Microsoft Mathematics
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{4D530FA3-9B89-4186-98B7-F51000000100}" = Age of Empires Online
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F64A46D-67F7-4497-AEA2-313D4305A5F6}" = Torchlight
"{5157A26D-28AF-4E96-99EE-25D510437653}_is1" = SpaceChem
"{518A54AE-002F-406F-BB48-620676AB9960}" = Anno 1404
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59C80C5E-8C92-40FF-B910-2BB5C7281F61}" = Europa Universalis III
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{611BD998-34B9-4DDA-00AE-0CB4632E86FA}" = SimCity 4
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{629F65FB-7F3C-4D66-A1C0-20722744B7B6}" = Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM)
"{6365F76B-1FBF-449A-9075-5A78B924DE17}" = Mass Effect
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64958DA4-79D3-43FD-AF06-720DAD044F9E}" = LEGO® Pirates of the Caribbean The Video Game
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{679F739E-5C76-4A41-B562-F9392156B6DD}" = System Requirements Lab CYRI
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6910C412-A523-493C-BC22-0213CD7F4F3A}" = Industry Giant 2 - Gold Edition
"{695B13B2-7919-4EC5-8601-092F0D2DE069}" = AVG 2011
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6CA1CD8C-2D65-491E-9467-00A3ACA4A0A9}" = Tropico 3
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{6DD1D809-EE6F-49EE-B3A4-D406C75AEC49}" = Kodu Game Lab
"{70073F81-7201-1F4B-8111-2686B8A60F85}" = Tomb Raider: Underworld
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 Luxusní bydlení – Kolekce
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}" = Microsoft Small Basic v1.0
"{7E18C9F0-1262-4AF6-AC3D-9CB1EBF54772}" = Day of Defeat: Source
"{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}" = PS_AIO_03_C4400_Software_Min
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}" = HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{870013DB-984D-42A8-9E63-8673D8B2775A}" = Stubbs The Zombie
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{894084B6-BC69-43B7-BF06-B93AECFEA520}" = GameSpy Comrade
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}" = THE SETTLERS - Dědictví králů
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_PROPLUS_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROPLUS_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon 3 Platinum
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Povolání snů
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A996B6A-846E-4A89-B9C4-17546B7BE49F}" = Burnout(TM) Paradise The Ultimate Box
"{9AE850A4-B89D-4875-A159-B1B64D717EFB}" = OMSI - Der Omnibussimulator
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3B7F54-C6E2-4A74-9937-9C6EBA10C4A2}" = Victoria 2
"{9C916142-C18C-429D-BFED-40094A7E0BEB}" = The Settlers 7 - Paths to a Kingdom
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Benátky
"{A248972D-94ED-43EB-9BEF-284C9921FE2B}" = Transport Giant GOLD
"{A2B4621B-CEB9-4E44-95FD-3500D4DB3727}" = ioCentre
"{A3B42EE5-AEDA-47C9-9A3D-066445362E1D}" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006]
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A837BCE6-BCB1-4A44-8807-A678EAF06933}" = ANNO 1404 Entwickler-Tools
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}" = Silent Hunter 5
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.5 - Czech
"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}" = C4400
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 270.61
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 Cestovní horečka
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{BD084D51-A2C5-487E-80D5-8B50261ACEE6}_is1" = Reign: Conflict of Nations (Remove Only)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE4BA698-8533-4F77-9559-C7F3F78C0B05}" = Assassin's Creed Brotherhood
"{BE82A297-272E-48E3-BD1F-E15E6597E5F5}_is1" = ConvertGenius 3.6
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3
"{C5334C85-F601-427C-85F7-CDD9FDC8C69F}" = StubbsPatchInstaller
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D3EC9E5A-27BA-4834-828E-5D7A77CDE964}" = Samsung PC Studio 3
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}" = Black & White® 2
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Hrátky osudu
"{EB0D5614-D858-4A66-BBAC-9F67E6C03C76}" = Wroom
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Kolekce The Sims™ 3 Na plný plyn
"{EE11CFFC-898C-4875-8A63-8B732A9AD43B}" = Aerosoft's - Aerosoft Launcher
"{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}" = Sid Meier's Railroads!
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{FB132F09-DCF1-46EA-AE92-F8B42AB7BAD4}" = Stunt GP
"{FC123EEA-330A-4685-911C-95B8F5E9DE68}" = Thief - Deadly Shadows
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"007: The World Is Not Enough (pSX 1.13 emulation)" = 007: The World Is Not Enough (pSX 1.13 emulation)
"1489-3350-5074-6281" = JDownloader 0.9
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Age of Conan_is1" = Age of Conan - Hyborian Adventures
"Amnesia_is1" = Amnesia
"ArtMoney SE_is1" = ArtMoney SE v7.33
"Astroburn Lite" = Astroburn Lite
"AVG" = AVG 2011
"Brink_is1" = Brink
"cabrilog_cabri3d_21x_is1" = Cabri 3D 2.1.2
"cabrilog_cabri3d_plugin_21x_is1" = Cabri 3D Plug-in 2.1.2
"CCleaner" = CCleaner
"Celtic kings" = Keltští králové
"CloneDVD2" = CloneDVD2
"C-Media CM112 Like Sound Driver" = Genius USB Audio
"conduitEngine" = Conduit Engine
"Crazy Machines 2 Complete_is1" = Crazy Machines 2 Complete
"CToolbar_UNINSTALL" = Crawler Toolbar
"DeathSpank: Thongs of Virtue_is1" = DeathSpank: Thongs of Virtue
"DivX Setup.divx.com" = DivX Setup
"'Duke Nukem HD'_is1" = 'Duke Nukem HD' (v.4.2.231)
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ESET Online Scanner" = ESET Online Scanner v3
"Evil Genius_is1" = Evil Genius
"Fallout New Vegas_is1" = Fallout New Vegas
"Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8
"Frozen Synapse_is1" = Frozen Synapse
"Game Booster_is1" = Game Booster
"GameParkClient_is1" = GamePark
"GameSpy Arcade" = GameSpy Arcade
"GFWL_{4D530FA3-9B89-4186-98B7-F51000000100}" = Age of Empires Online
"GSview 4.91beta" = GSview 4.91beta
"Half-Life Source" = Half-Life Source
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"InstallShield_{1170D24F-42B7-40CF-AA1B-6395CE562354}" = Gears of War
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallShield_{2A96D655-4FEF-4512-9468-0AABA70CD389}" = Transformers(TM) - War for Cybertron(TM)
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype(TM)
"InstallShield_{A3B42EE5-AEDA-47C9-9A3D-066445362E1D}" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006]
"JAR2EXE Converter_is1" = JAR2EXE Converter 1.0
"Jets'n'Guns" = Jets'n'Guns 1.0341
"LANGMaster Škola DNES_is1" = LANGMaster Škola DNES
"LogMeIn Hamachi" = LogMeIn Hamachi
"Lost Vikings 2 1995" = Lost Vikings 2 1995
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.3.9
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mount&Blade" = Mount&Blade
"Mount&Blade With Fire and Sword" = Mount&Blade With Fire and Sword
"NetDevil_LEGO_Universe_is1" = LEGO Universe
"Nokia Ovi Suite" = Nokia Ovi Suite
"NSS" = Norton Security Scan
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.0.4
"Origin" = Origin
"OVERGROWTH" = Overgrowth (remove only)
"PiratesOfBlackCove_is1" = Pirates of Black Cove
"Posel Smrti 2_is1" = Posel Smrti 2
"Posel Smrti 3_is1" = Posel Smrti 3
"Posel smrti_is1" = Posel smrti 1.2
"PROPLUS" = Microsoft Office Professional Plus 2007
"PunkBusterSvc" = PunkBuster Services
"Puzzle Dimension_is1" = Puzzle Dimension
"Quick Memory Editor_is1" = Quick Memory Editor 5.5
"Quincy" = Quincy
"S.T.A.L.K.E.R. - Shadow of Chernobyl_is1" = S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0005]
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Sanctum (c) Coffee Stain Studios_is1" = Sanctum (c) Coffee Stain Studios version 1
"Shop for HP Supplies" = Shop for HP Supplies
"Sonic the Hedgehog (KEGA Fusion 3.64 emulation)" = Sonic the Hedgehog (KEGA Fusion 3.64 emulation)
"StarCraft II" = StarCraft II
"Steam App 10500" = Empire: Total War
"Steam App 215" = Source SDK Base 2006
"Steam App 300" = Day of Defeat: Source
"Steam App 36620" = Forsaken World
"Steam App 440" = Team Fortress 2
"Steam App 50130" = Mafia II
"Steam App 520" = Team Fortress 2 Beta
"Steam App 57750" = Tropico 4 - Demo
"Steam App 60" = Ricochet
"Steam App 620" = Portal 2
"Steam App 70140" = Hacker Evolution: Untold - Demo
"Steam App 80" = Counter-Strike: Condition Zero
"Steam App 99900" = Spiral Knights
"Super Mario Bros (VirtuaNES 0.97 emulation)" = Super Mario Bros (VirtuaNES 0.97 emulation)
"SystemRequirementsLab" = System Requirements Lab
"Test Drive Unlimited 2_is1" = Test Drive Unlimited 2
"The Sith Lords Restored Content Mod_is1" = TSLRCM 1.6
"theHunter" = theHunter (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"Turrican (KEGA Fusion 3.64 emulation)" = Turrican (KEGA Fusion 3.64 emulation)
"Uninstall_is1" = Uninstall 1.0.0.1
"Unlocker" = Unlocker 1.9.0
"VTFEdit_is1" = VTFEdit 1.2.5
"Výukový program deskriptivní geometrie_is1" = Výukový program deskriptivní geometrie 2.01
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR archiver
"WinX Video Converter_is1" = WinX Video Converter 4.4.5
"World of Goo/EN-English_is1" = World of Goo
"X3Reunion_is1" = X3 Reunion v2.5
"Xfire" = Xfire (remove only)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Game Organizer" = EasyBits GO
"GeoGebra WebStart" = GeoGebra WebStart
"Google Chrome" = Google Chrome
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"UnityWebPlayer" = Unity Web Player
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: FB flash player virus

#8 Post by Caroprd111 »

Run OTL again and paste the following script into the lower white box. Then click Fix (Opravit); the PC will restart. Post the resulting log here.

Code:

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

:OTL
SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O4 - HKLM..\Run: [Cm112Sound] File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [AutoStartNPSAgent] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [EA Core] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [NVIDIA driver monitor] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [RGSC] File not found
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = File not found
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
SafeBootMin: wxpdrivers - Service
SafeBootMin: PEVSystemStart - File not found
SafeBootNet: PEVSystemStart - File not found
SafeBootNet: wxpdrivers - Service
[2011.08.20 21:41:37 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.08.20 21:39:40 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.08.20 21:38:41 | 000,000,000 | -H-D | C] -- C:\Windows\update.7.1
[2011.08.20 21:23:13 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.08.20 21:21:06 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.08.20 21:19:29 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.08.20 21:19:29 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
[2011.08.20 21:43:20 | 000,000,156 | ---- | M] () -- C:\Windows\info1
[2011.08.20 21:39:26 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.08.20 21:39:26 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.08.20 21:35:21 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
@Alternate Data Stream - 24 bytes -> C:\Windows:9B811920D2E6D20F

:Files
C:\Users\Public\nvsvc32.exe

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA driver monitor" =-
""=- 

plutak
Visitor
Posts: 30
Registered: 20 Aug 2011 22:03

Re: FB flash player virus

#9 Post by plutak »

It's not working somehow. It gets stuck on SafeBootmin: pevsystem start file not found. (I haven't restarted it or turned it off yet.) So I don't know whether to wait or turn it off (it has been frozen for about 50 minutes now).

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: FB flash player virus

#10 Post by Caroprd111 »

In that case, restart the PC and try running the script again. :)

plutak
Visitor
Posts: 30
Registered: 20 Aug 2011 22:03

Re: FB flash player virus

#11 Post by plutak »

I tried it three times and it still gets stuck on that safebootmin program .... So I don't know what's wrong with it.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: FB flash player virus

#12 Post by Caroprd111 »

Try this script:

Code:

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

:OTL
SRV - File not found [Auto | Stopped] -- -- (PEVSystemStart)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
O4 - HKLM..\Run: [Cm112Sound] File not found
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [tray_ico] File not found
O4 - HKLM..\Run: [tray_ico1] File not found
O4 - HKLM..\Run: [tray_ico2] File not found
O4 - HKLM..\Run: [tray_ico3] File not found
O4 - HKLM..\Run: [tray_ico4] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [AutoStartNPSAgent] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [EA Core] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [NVIDIA driver monitor] File not found
O4 - HKU\S-1-5-21-15326732-892770985-4257938096-1001..\Run: [RGSC] File not found
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk = File not found
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-15326732-892770985-4257938096-1001\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
SafeBootMin: wxpdrivers - Service
SafeBootNet: wxpdrivers - Service
[2011.08.20 21:41:37 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011.08.20 21:39:40 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011.08.20 21:38:41 | 000,000,000 | -H-D | C] -- C:\Windows\update.7.1
[2011.08.20 21:23:13 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011.08.20 21:21:06 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011.08.20 21:19:29 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
[2011.08.20 21:19:29 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
[2011.08.20 21:43:20 | 000,000,156 | ---- | M] () -- C:\Windows\info1
[2011.08.20 21:39:26 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011.08.20 21:39:26 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011.08.20 21:35:21 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
@Alternate Data Stream - 24 bytes -> C:\Windows:9B811920D2E6D20F

:Files
C:\Users\Public\nvsvc32.exe

:Reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA driver monitor" =-
""=- 

plutak
Visitor
Posts: 30
Registered: 20 Aug 2011 22:03

Re: FB flash player virus

#13 Post by plutak »

OK, I'll try that script. I'd like to add that after the restart this was shown to me as a .txt file:
Files\Folders moved on Reboot...
File\Folder C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk not found!

Registry entries deleted on Reboot...

That appeared after I used the older script.

plutak
Visitor
Posts: 30
Registered: 20 Aug 2011 22:03

Re: FB flash player virus

#14 Post by plutak »

All processes killed
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Martin
->Temp folder emptied: 8280 bytes
->Temporary Internet Files folder emptied: 63431 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 7508870 bytes
->Flash cache emptied: 343 bytes

User: Mcx1-PUK0000OA095
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Pavla
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Sotola
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Vojta
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1934 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 7,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Martin
->Flash cache emptied: 0 bytes

User: Mcx1-PUK0000OA095

User: Pavla
->Flash cache emptied: 0 bytes

User: Public

User: Sotola
->Flash cache emptied: 0 bytes

User: UpdatusUser

User: Vojta
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


========== OTL ==========
Error: No service named PEVSystemStart was found to stop!
Service\Driver key PEVSystemStart not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Cm112Sound not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 not found.
Registry value HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AutoStartNPSAgent not found.
Registry value HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core not found.
Registry value HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\Software\Microsoft\Windows\CurrentVersion\Run\\NVIDIA driver monitor not found.
Registry value HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\Software\Microsoft\Windows\CurrentVersion\Run\\RGSC not found.
File move failed. C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk scheduled to be moved on reboot.
Registry key HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ not found.
Registry key HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ not found.
Registry key HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ not found.
Registry key HKEY_USERS\S-1-5-21-15326732-892770985-4257938096-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers\ not found.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers\ deleted successfully.
C:\Windows\update.5.0 folder moved successfully.
C:\Windows\update.2 folder moved successfully.
C:\Windows\update.7.1 folder moved successfully.
C:\Windows\av_ico folder moved successfully.
C:\Windows\update.1 folder moved successfully.
C:\Windows\update.tray-7-0-lnk folder moved successfully.
C:\Windows\update.tray-7-0 folder moved successfully.
C:\Windows\info1 moved successfully.
C:\Windows\geoiplist.rar moved successfully.
C:\Windows\unrar.exe moved successfully.
C:\Windows\loader2.exe_ok moved successfully.
ADS C:\Windows:9B811920D2E6D20F deleted successfully.
========== FILES ==========
File\Folder C:\Users\Public\nvsvc32.exe not found.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\NVIDIA driver monitor not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.

OTL by OldTimer - Version 3.2.26.5 log created on 08212011_175119

Files\Folders moved on Reboot...
File\Folder C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk not found!

Registry entries deleted on Reboot...

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: FB flash player virus

#15 Post by Caroprd111 »

How is the PC behaving?