I fell for a FB virus!

Pug
Visitor
Posts: 15
Registered: 19 Aug 2011 18:32

Re: I fell for a FB virus!

#16 Post by Pug »

I would rather have the longer one done.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: I fell for a FB virus!

#17 Post by Caroprd111 »

Ok :)

Download OTL http://oldtimer.geekstogo.com/OTL.exe to your desktop.
  • Run it, then paste the following script into the bottom box.

Code:

safebootminimal
safebootnetwork
netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
/md5start
scecli.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
atapi.sys
cdrom.sys 
ndis.sys
ntfs.sys
tcpip.sys
%SystemDrive%\PhysicalMBR.bin
/md5stop
C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X 
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav 
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c
type c:\boot.ini >> test.txt /c
*crack*
*keygen*
  • Check the "All users" option.
  • Check the items Malware check "LOP" and Malware check "Purity".
  • Click the Scan button.
  • When it finishes, paste the OTL.Txt and Extras.txt logs here.

Pug
Visitor
Posts: 15
Registered: 19 Aug 2011 18:32

Re: I fell for a FB virus!

#18 Post by Pug »

OTL logfile created on: 20.8.2011 13:32:50 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Stana\Downloads
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,57% Memory free
4,00 Gb Paging File | 2,40 Gb Available in Paging File | 60,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,95 Gb Total Space | 39,97 Gb Free Space | 26,84% Space Free | Partition Type: NTFS
Drive D: | 4,78 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 3,73 Gb Total Space | 1,88 Gb Free Space | 50,41% Space Free | Partition Type: FAT32

Computer Name: STANA-PC | User Name: Stana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.08.20 13:31:34 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Stana\Downloads\OTL.exe
PRC - [2011.07.06 19:52:38 | 001,047,656 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011.07.06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.07.02 16:38:59 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011.06.09 19:57:25 | 000,400,760 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\BitTorrent.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2011.05.25 08:09:08 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2011.05.25 08:09:07 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2011.05.25 08:09:06 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.04.10 17:29:14 | 001,646,936 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
PRC - [2011.03.18 17:50:58 | 002,271,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2010.11.20 04:17:48 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.06.07 21:12:12 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010.06.07 21:12:08 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.07.17 15:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe


========== Modules (No Company Name) ==========

MOD - [2011.08.06 04:21:25 | 000,400,440 | ---- | M] () -- C:\Users\Stana\AppData\Local\Google\Chrome\Application\13.0.782.112\ppgooglenaclpluginchrome.dll
MOD - [2011.08.06 04:21:24 | 004,118,072 | ---- | M] () -- C:\Users\Stana\AppData\Local\Google\Chrome\Application\13.0.782.112\pdf.dll
MOD - [2011.08.06 04:19:58 | 000,104,520 | ---- | M] () -- C:\Users\Stana\AppData\Local\Google\Chrome\Application\13.0.782.112\avutil-50.dll
MOD - [2011.08.06 04:19:56 | 000,203,848 | ---- | M] () -- C:\Users\Stana\AppData\Local\Google\Chrome\Application\13.0.782.112\avformat-52.dll
MOD - [2011.08.06 04:19:55 | 001,846,344 | ---- | M] () -- C:\Users\Stana\AppData\Local\Google\Chrome\Application\13.0.782.112\avcodec-52.dll
MOD - [2011.08.06 02:29:30 | 006,338,720 | ---- | M] () -- C:\Users\Stana\AppData\Local\Google\Chrome\Application\13.0.782.112\gcswf32.dll
MOD - [2011.06.23 20:05:30 | 000,970,752 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.06.18 11:23:45 | 006,271,136 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.04.10 17:28:46 | 000,047,960 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll
MOD - [2009.09.15 18:20:52 | 000,177,152 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\madbasic_.bpl
MOD - [2009.09.15 18:20:52 | 000,044,544 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\maddisAsm_.bpl
MOD - [2009.09.15 18:20:46 | 000,345,088 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 2\madexcept_.bpl


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (AntiVirSchedulerService)
SRV - File not found [Auto | Stopped] -- -- (AntiVirService)
SRV - [2011.08.02 18:56:02 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.09 22:47:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.25 17:29:48 | 001,336,712 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.05.25 08:09:06 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.05.20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.03.18 17:50:58 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.07.17 15:32:00 | 003,576,320 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - [2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.27 21:27:18 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011.06.20 21:39:49 | 000,218,688 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.05.25 08:09:05 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.02.23 16:50:44 | 000,016,184 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV - [2010.12.21 15:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.12.21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.12.21 13:47:38 | 000,095,384 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.11.20 04:30:16 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 04:30:16 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 04:30:16 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 02:24:42 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 01:14:46 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 01:14:42 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.02 16:10:08 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.08.02 16:10:08 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.06.17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.07.14 00:02:53 | 000,044,032 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6.sys -- (FETNDIS)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - Reg Error: Key error. File not found


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2450630174-3625044855-554241015-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=101916
IE - HKU\S-1-5-21-2450630174-3625044855-554241015-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Stana\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Stana\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)



O1 HOSTS File: ([2011.08.19 22:17:11 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-2450630174-3625044855-554241015-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-2450630174-3625044855-554241015-1000..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-2450630174-3625044855-554241015-1000..\Run: [BitTorrent] C:\Program Files\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2450630174-3625044855-554241015-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2450630174-3625044855-554241015-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2450630174-3625044855-554241015-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2450630174-3625044855-554241015-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2450630174-3625044855-554241015-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.20
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.07.14 11:26:40 | 000,000,043 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2011.08.19 22:21:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.08.19 22:17:19 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011.08.19 22:15:18 | 000,000,000 | ---D | C] -- C:\Users\Stana\AppData\Local\temp
[2011.08.19 20:02:10 | 000,000,000 | ---D | C] -- C:\Users\Stana\AppData\Roaming\Malwarebytes
[2011.08.19 20:02:03 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.08.19 20:02:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.08.19 20:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.08.19 20:01:59 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.08.19 20:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.08.19 19:09:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.08.19 19:09:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.08.19 19:09:53 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.08.19 19:09:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.08.19 19:09:36 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.08.19 18:11:32 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.08.19 18:11:31 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.08.19 18:11:31 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.08.18 18:21:40 | 000,000,000 | ---D | C] -- C:\Users\Stana\AppData\Roaming\.minecraft
[2011.08.18 18:20:57 | 000,000,000 | ---D | C] -- C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinecraftAlpha
[2011.08.14 22:09:37 | 000,000,000 | ---D | C] -- C:\Users\Stana\Desktop\PDB reader
[2011.08.10 06:53:49 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.08.10 06:53:48 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.08.10 06:53:29 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.08.10 06:53:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.08.10 06:53:28 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.08.10 06:53:28 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.08.10 06:53:27 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.08.10 06:53:24 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011.08.10 06:53:24 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.08.10 06:53:24 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011.08.10 06:53:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.10 06:53:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.10 06:53:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011.08.10 06:53:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011.08.10 06:53:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011.08.10 06:53:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.10 06:53:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011.08.10 06:53:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.10 06:53:23 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011.08.10 06:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.10 06:53:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.10 06:53:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011.08.10 06:53:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011.08.10 06:53:21 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2011.08.10 06:53:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2011.08.10 06:53:21 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2011.08.10 06:53:21 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2011.08.10 06:53:21 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2011.08.09 20:27:23 | 000,000,000 | ---D | C] -- C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica Beatcraft
[2011.08.09 20:27:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acoustica Beatcraft
[2011.08.09 20:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Shared Effects
[2011.08.09 20:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Acoustica Beatcraft
[2011.08.09 20:19:36 | 000,000,000 | ---D | C] -- C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HammerHead Rhythm Station
[2011.08.09 20:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HammerHead Rhythm Station
[2011.08.09 20:19:34 | 000,000,000 | ---D | C] -- C:\Program Files\HammerHead
[2011.08.09 19:31:37 | 000,000,000 | ---D | C] -- C:\Users\Stana\Desktop\world
[2011.08.04 21:49:20 | 000,000,000 | ---D | C] -- C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011.07.31 15:32:45 | 000,000,000 | ---D | C] -- C:\Users\Stana\Desktop\Documents\Amnesia
[2011.07.31 15:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
[2011.07.30 16:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic III
[2011.07.30 16:51:15 | 000,000,000 | ---D | C] -- C:\Users\Stana\AppData\Roaming\InstallShield
[2011.07.29 22:45:26 | 000,000,000 | ---D | C] -- C:\Users\Stana\Desktop\Documents\Minecraft
[2011.07.25 19:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Prelauncher
[2011.07.25 19:42:17 | 000,000,000 | ---D | C] -- C:\Program Files\Game Prelauncher
[2011.07.25 19:23:18 | 000,000,000 | ---D | C] -- C:\Users\Stana\Desktop\Documents\gothic3
[2011.07.25 17:40:51 | 000,000,000 | ---D | C] -- C:\Users\Stana\AppData\Roaming\NVIDIA
[2011.07.25 17:40:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.07.25 17:40:46 | 000,000,000 | ---D | C] -- C:\Users\Stana\Desktop\Documents\ArcaniA - Gothic 4 Demo
[2011.07.25 17:39:31 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2011.07.25 17:39:31 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2011.07.25 17:39:31 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2011.07.25 17:39:31 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2011.07.25 17:39:31 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2011.07.25 17:39:31 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2011.07.25 17:39:30 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2011.07.25 17:39:30 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2011.07.25 17:39:30 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2011.07.25 17:39:30 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2011.07.25 17:39:30 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2011.07.25 17:39:30 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011.07.25 17:39:29 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2011.07.25 17:39:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2011.07.25 17:39:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2011.07.25 17:39:28 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2011.07.25 17:39:28 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2011.07.25 17:39:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2011.07.25 17:39:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2011.07.25 17:39:28 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2011.07.25 17:39:27 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2011.07.25 17:39:27 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2011.07.25 17:39:27 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2011.07.25 17:39:27 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2011.07.25 17:39:27 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011.07.25 17:39:27 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2011.07.25 17:39:26 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2011.07.25 17:39:26 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2011.07.25 17:39:26 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2011.07.25 17:39:25 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2011.07.25 17:39:25 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011.07.25 17:39:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2011.07.25 17:39:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2011.07.25 17:39:25 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011.07.25 17:39:25 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2011.07.25 17:39:24 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011.07.25 17:39:24 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2011.07.25 17:39:24 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2011.07.25 17:39:24 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2011.07.25 17:39:23 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2011.07.25 17:39:23 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2011.07.25 17:39:23 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2011.07.25 17:39:23 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2011.07.25 17:39:22 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2011.07.25 17:39:22 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2011.07.25 17:39:22 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2011.07.25 17:39:21 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2011.07.25 17:39:21 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2011.07.25 17:39:21 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2011.07.25 17:39:21 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2011.07.25 17:39:20 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2011.07.25 17:39:20 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2011.07.25 17:39:20 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2011.07.25 17:39:19 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2011.07.25 17:39:19 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2011.07.25 17:39:18 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2011.07.25 17:39:16 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2011.07.25 17:39:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2011.07.25 17:39:16 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2011.07.25 17:39:16 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2011.07.25 17:39:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011.07.25 17:39:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2011.07.25 17:39:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2011.07.25 17:39:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2011.07.25 17:39:13 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2011.07.25 17:39:12 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011.07.25 17:39:11 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011.07.25 17:39:11 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011.07.25 17:39:10 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011.07.25 17:39:10 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011.07.25 17:39:10 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011.07.25 17:39:10 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011.07.25 17:39:09 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011.07.25 17:39:09 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011.07.25 17:39:08 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011.07.25 17:39:08 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011.07.25 17:39:08 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011.07.25 17:39:01 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011.07.25 17:39:01 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011.07.25 17:39:01 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011.07.25 17:39:00 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011.07.25 17:39:00 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2011.07.25 17:38:59 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011.07.25 17:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard

========== Files - Modified Within 30 Days ==========

[2011.08.20 13:35:25 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2011.08.20 13:32:01 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2450630174-3625044855-554241015-1000UA.job
[2011.08.20 12:43:57 | 000,018,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.20 12:43:57 | 000,018,848 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.20 12:36:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.20 12:36:23 | 1609,375,744 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.19 22:17:11 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.08.19 21:51:43 | 000,631,054 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.08.19 21:51:43 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.08.19 21:51:43 | 000,121,708 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.08.19 21:51:43 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.08.19 21:03:44 | 000,026,373 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.08.19 21:03:44 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.08.19 21:00:31 | 000,005,932 | ---- | M] () -- C:\Users\Stana\Desktop\Windows Compatibility Report.htm
[2011.08.19 20:02:03 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.17 18:54:12 | 001,691,118 | ---- | M] () -- C:\Users\Stana\Desktop\Jack Kerouac.rar
[2011.08.12 20:40:26 | 000,844,721 | ---- | M] () -- C:\Users\Stana\Desktop\Dream Walking.mp3
[2011.08.12 16:07:11 | 040,108,421 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\Minecraft.zip
[2011.08.11 22:44:03 | 000,223,211 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\DSC01206.JPG
[2011.08.11 22:44:03 | 000,184,814 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\DSC01208.JPG
[2011.08.11 22:39:45 | 000,092,355 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\DSC00046.JPG
[2011.08.09 19:04:52 | 000,015,266 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\[CzT]500_dni_se_Summer_500_Days_of_Summer_2009_.torrent
[2011.08.07 22:18:53 | 001,291,101 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\TapeDeck 1 Aug 07 22-10-53.mp3
[2011.08.07 11:32:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2450630174-3625044855-554241015-1000Core.job
[2011.08.04 21:49:20 | 000,000,213 | ---- | M] () -- C:\Users\Stana\Desktop\Team Fortress 2.url
[2011.07.31 19:01:45 | 039,013,052 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\Penumbra-Black-Plague.rar
[2011.07.31 15:30:59 | 000,001,844 | ---- | M] () -- C:\Users\Stana\Desktop\Amnesia.lnk
[2011.07.30 17:04:04 | 000,001,562 | ---- | M] () -- C:\Users\Public\Desktop\Gothic III.lnk
[2011.07.25 16:39:08 | 000,028,361 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\Bob+Dylan-Dont+Look+Back+%281965%29.avi.torrent
[2011.07.23 15:28:51 | 001,964,016 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\sero.mp3
[2011.07.23 15:25:50 | 001,975,301 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\lamop.mp3
[2011.07.23 15:20:45 | 001,241,364 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\ges.mp3
[2011.07.23 15:09:01 | 002,654,902 | ---- | M] () -- C:\Users\Stana\Desktop\Documents\Deleted.mp3
[2011.07.22 19:59:01 | 000,000,565 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\myMPQ.ini
[2011.07.22 06:54:18 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

========== Files Created - No Company Name ==========

[2011.08.20 13:35:25 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2011.08.19 21:00:31 | 000,005,932 | ---- | C] () -- C:\Users\Stana\Desktop\Windows Compatibility Report.htm
[2011.08.19 20:57:28 | 000,026,373 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011.08.19 20:57:28 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011.08.19 20:02:03 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.08.19 19:09:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.08.19 19:09:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.08.19 19:09:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.08.19 19:09:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.08.19 19:09:53 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.08.17 18:55:24 | 000,451,532 | ---- | C] () -- C:\Users\Stana\Desktop\Kerouac, Jack - Na ceste.pdb
[2011.08.17 18:54:45 | 000,382,315 | ---- | C] () -- C:\Users\Stana\Desktop\Kerouac, Jack - Na ceste.pdb.ZIP
[2011.08.17 18:54:45 | 000,179,976 | ---- | C] () -- C:\Users\Stana\Desktop\Kerouac, Jack - Maggie Cassidy.pdb.ZIP
[2011.08.17 18:54:45 | 000,143,960 | ---- | C] () -- C:\Users\Stana\Desktop\Kerouac, Jack - Podzemnici.pdb.ZIP
[2011.08.17 18:54:45 | 000,071,417 | ---- | C] () -- C:\Users\Stana\Desktop\Kerouac, Jack - Satori v Parizi.pdb.ZIP
[2011.08.17 18:54:44 | 000,455,760 | ---- | C] () -- C:\Users\Stana\Desktop\Kerouac, Jack - Andele pustiny.pdb.ZIP
[2011.08.17 18:54:44 | 000,256,062 | ---- | C] () -- C:\Users\Stana\Desktop\Kerouac, Jack - Dharmovi tulaci.pdb.ZIP
[2011.08.17 18:54:44 | 000,201,126 | ---- | C] () -- C:\Users\Stana\Desktop\Kerouac, Jack - Big Sur.pdb.ZIP
[2011.08.17 18:53:58 | 001,691,118 | ---- | C] () -- C:\Users\Stana\Desktop\Jack Kerouac.rar
[2011.08.12 20:39:41 | 000,844,721 | ---- | C] () -- C:\Users\Stana\Desktop\Dream Walking.mp3
[2011.08.12 16:07:07 | 040,108,421 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\Minecraft.zip
[2011.08.11 22:43:34 | 000,184,814 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\DSC01208.JPG
[2011.08.11 22:43:31 | 000,223,211 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\DSC01206.JPG
[2011.08.11 22:39:08 | 000,092,355 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\DSC00046.JPG
[2011.08.09 19:04:49 | 000,015,266 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\[CzT]500_dni_se_Summer_500_Days_of_Summer_2009_.torrent
[2011.08.07 22:18:20 | 001,291,101 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\TapeDeck 1 Aug 07 22-10-53.mp3
[2011.08.04 21:49:20 | 000,000,213 | ---- | C] () -- C:\Users\Stana\Desktop\Team Fortress 2.url
[2011.07.31 18:42:25 | 039,013,052 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\Penumbra-Black-Plague.rar
[2011.07.31 15:30:59 | 000,001,844 | ---- | C] () -- C:\Users\Stana\Desktop\Amnesia.lnk
[2011.07.30 17:04:04 | 000,001,562 | ---- | C] () -- C:\Users\Public\Desktop\Gothic III.lnk
[2011.07.25 16:39:08 | 000,028,361 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\Bob+Dylan-Dont+Look+Back+%281965%29.avi.torrent
[2011.07.23 15:27:53 | 001,964,016 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\sero.mp3
[2011.07.23 15:24:50 | 001,975,301 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\lamop.mp3
[2011.07.23 15:20:00 | 001,241,364 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\ges.mp3
[2011.07.23 15:07:39 | 002,654,902 | ---- | C] () -- C:\Users\Stana\Desktop\Documents\Deleted.mp3
[2011.07.14 19:37:19 | 000,006,842 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\TMIUtils.class
[2011.07.14 19:37:19 | 000,005,673 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\TMIConfig.class
[2011.07.14 19:37:19 | 000,005,438 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\id.class
[2011.07.14 19:37:19 | 000,004,464 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\TMIController.class
[2011.07.14 19:37:19 | 000,003,974 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\TMIView.class
[2011.07.14 19:37:19 | 000,002,876 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\TMICompatibility.class
[2011.07.14 19:37:19 | 000,002,852 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgCanvas.class
[2011.07.14 19:37:19 | 000,002,262 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgItemPanel.class
[2011.07.14 19:37:19 | 000,001,093 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgButton.class
[2011.07.14 19:37:19 | 000,001,059 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgWidget.class
[2011.07.14 19:37:19 | 000,000,813 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\mod_TooManyItems.class
[2011.07.14 19:37:19 | 000,000,564 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgZOrder.class
[2011.07.14 19:37:19 | 000,000,371 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\TMIStateButtonData.class
[2011.07.14 19:37:19 | 000,000,169 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgButtonHandler.class
[2011.07.14 19:37:19 | 000,000,150 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgItemHandler.class
[2011.07.08 19:12:11 | 000,029,008 | ---- | C] () -- C:\Windows\System32\SmartDefragBootTime.exe
[2011.07.08 19:12:11 | 000,016,184 | ---- | C] () -- C:\Windows\System32\drivers\SmartDefragDriver.sys
[2011.06.25 16:17:58 | 000,000,565 | ---- | C] () -- C:\Users\Stana\AppData\Roaming\myMPQ.ini
[2011.06.25 11:47:02 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2011.06.09 06:17:44 | 000,631,054 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2011.06.09 06:17:44 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2011.06.09 06:17:44 | 000,121,708 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2011.06.09 06:17:44 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2011.06.08 21:26:54 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,289,992 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,615,810 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,106,190 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011.08.18 18:22:08 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\.minecraft
[2011.08.20 13:37:18 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\BitTorrent
[2011.06.20 21:40:36 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\DAEMON Tools Lite
[2011.06.27 22:19:49 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\DeepBurner
[2011.07.08 19:12:12 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\IObit
[2011.06.24 21:14:23 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\OpenOffice.org
[2011.06.09 18:17:53 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Opera
[2011.07.16 17:02:50 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\TeamViewer
[2011.06.27 18:27:33 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Zoner
[2011.07.22 22:37:40 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BitTorrent" = "C:\Program Files\BitTorrent\BitTorrent.exe" -- [2011.06.09 19:57:25 | 000,400,760 | ---- | M] (BitTorrent, Inc.)
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 04:17:42 | 001,174,016 | ---- | M] (Microsoft Corporation)
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd)
"AlcoholAutomount" = "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount -- [2009.11.15 11:42:00 | 000,033,120 | ---- | M] (Alcohol Soft Development Team)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.06.15 15:02:58 | 015,141,768 | R--- | M] (Skype Technologies S.A.)


< MD5 for: ATAPI.SYS >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\ERDNT\cache\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 04:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 04:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 01:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 00:38:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 00:38:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 00:38:12 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CSRSS.EXE >
[2009.07.14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\System32\csrss.exe
[2009.07.14 03:14:16 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=342271F6142E7C70805B8A81E1BA5F5C -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.1.7600.16385_none_58ba39fb456943bd\csrss.exe

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 04:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

< MD5 for: LSASS.EXE >
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\ERDNT\cache\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 03:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 04:30:08 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\ERDNT\cache\ndis.sys
[2010.11.20 04:30:08 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 04:30:08 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NTFS.SYS >
[2011.03.11 07:44:01 | 001,210,240 | ---- | M] (Microsoft Corporation) MD5=187002CE05693C306F43C873F821381F -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16778_none_a65558427e3453b4\ntfs.sys
[2010.11.20 04:30:08 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=33C3093D09017CFE2E219F2472BFF6EB -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_a87893a87b2db29e\ntfs.sys
[2009.07.14 03:20:44 | 001,210,432 | ---- | M] (Microsoft Corporation) MD5=3795DCD21F740EE799FB7223234215AF -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.16385_none_a6477fe07e3f2f04\ntfs.sys
[2011.03.11 07:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\ERDNT\cache\ntfs.sys
[2011.03.11 07:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\System32\drivers\ntfs.sys
[2011.03.11 07:39:00 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=81189C3D7763838E55C397759D49007A -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_a83ab4fe7b5ba649\ntfs.sys
[2011.03.11 07:52:25 | 001,210,752 | ---- | M] (Microsoft Corporation) MD5=A7266D82DB9675AFBDED39695B69EDAC -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7600.20921_none_a70e0489972fb38f\ntfs.sys
[2011.03.11 07:28:10 | 001,211,264 | ---- | M] (Microsoft Corporation) MD5=E2EDE3F02F95B896A1C7C6F0CC0C4083 -- C:\Windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_a8b27fd79487b0a3\ntfs.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 04:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\ERDNT\cache\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\System32\services.exe
[2009.07.14 03:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe

< MD5 for: SMSS.EXE >
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 03:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SPOOLSV.EXE >
[2009.07.14 03:14:41 | 000,316,416 | ---- | M] (Microsoft Corporation) MD5=49B6DD6AB3715B7A67965F17194E98A9 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7600.16385_none_d621f94522dc5a87\spoolsv.exe
[2010.11.20 04:17:46 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\ERDNT\cache\spoolsv.exe
[2010.11.20 04:17:46 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\System32\spoolsv.exe
[2010.11.20 04:17:46 | 000,317,440 | ---- | M] (Microsoft Corporation) MD5=866A43013535DC8587C258E43579C764 -- C:\Windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_d8530d0d1fcade21\spoolsv.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 06:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\ERDNT\cache\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\System32\drivers\tcpip.sys
[2011.06.21 07:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.04.25 06:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 03:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 04:30:14 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.04.25 08:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 06:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 07:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2011.06.21 07:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 08:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 04:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 04:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010.11.20 04:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 04:17:56 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< C:\windows\system32\spool\prtprocs|dll;true;true;true /FP >
[2009.07.14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2010.11.20 04:21:38 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
[2009.07.14 04:43:38 | 000,003,584 | ---- | M] (Lexmark International Inc.) -- C:\Windows\System32\spool\prtprocs\w32x86\cs-CZ\LXKPTPRC.DLL.mui

< %systemroot%\system32\drivers\*.sys /5 >

< %systemroot%\system32\drivers\*.sys /X >
[2009.06.10 23:14:29 | 003,440,660 | ---- | M] () -- C:\Windows\system32\drivers\gm.dls
[2009.06.10 23:14:29 | 000,000,646 | ---- | M] () -- C:\Windows\system32\drivers\gmreadme.txt
[2009.06.10 23:27:38 | 000,000,003 | ---- | M] () -- C:\Windows\system32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2011.06.12 19:24:52 | 000,000,000 | -H-- | M] () -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.05.25 08:09:04 | 000,012,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvBridge.kmd

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011.06.27 21:27:18 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\drivers\sptd.sys

< %systemroot%\system32\*.* /5 >
[2011.08.20 12:43:57 | 000,018,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.20 12:43:57 | 000,018,848 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.19 21:51:43 | 000,121,708 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.08.19 21:51:43 | 000,106,190 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.08.19 21:51:43 | 000,631,054 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.08.19 21:51:43 | 000,615,810 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.08.19 21:51:43 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\config\*.sav >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp files -> C:\Windows\SoftwareDistribution\Download\2c5f142d97790997d9b113eb9ad8f966\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp files -> C:\Windows\SoftwareDistribution\Download\73359e52f84f08cc68c71cf422b798bb\*.tmp -> ]

< %systemroot%\*. /mp /s >

< %ALLUSERSPROFILE%\Data Aplikací\*.* >

< %ALLUSERSPROFILE%\Data Aplikací\*.exe /s >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.* >

< %ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s >

< %APPDATA%\*. >
[2011.08.18 18:22:08 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\.minecraft
[2011.06.25 14:49:40 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Adobe
[2011.08.20 13:50:28 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\BitTorrent
[2011.06.20 21:40:36 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\DAEMON Tools Lite
[2011.06.27 22:19:49 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\DeepBurner
[2011.06.08 20:48:25 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Identities
[2011.07.30 16:51:15 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\InstallShield
[2011.07.08 19:12:12 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\IObit
[2011.06.09 16:20:54 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Macromedia
[2011.08.19 20:02:10 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Malwarebytes
[2009.07.14 09:49:10 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Media Center Programs
[2011.06.25 14:49:40 | 000,000,000 | --SD | M] -- C:\Users\Stana\AppData\Roaming\Microsoft
[2011.06.27 22:06:04 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Nero
[2011.07.25 17:40:51 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\NVIDIA
[2011.06.24 21:14:23 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\OpenOffice.org
[2011.06.09 18:17:53 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Opera
[2011.08.20 13:49:47 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Skype
[2011.07.05 18:00:02 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\skypePM
[2011.07.16 17:02:50 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\TeamViewer
[2011.07.14 19:35:39 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\WinRAR
[2011.06.27 18:27:33 | 000,000,000 | ---D | M] -- C:\Users\Stana\AppData\Roaming\Zoner

< %APPDATA%\*.* >
[2011.07.01 10:45:28 | 000,005,438 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\id.class
[2011.07.01 10:45:28 | 000,000,813 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\mod_TooManyItems.class
[2011.07.22 19:59:01 | 000,000,565 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\myMPQ.ini
[2011.07.01 10:45:28 | 000,002,876 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\TMICompatibility.class
[2011.07.01 10:45:28 | 000,005,673 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\TMIConfig.class
[2011.07.01 10:45:28 | 000,004,464 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\TMIController.class
[2011.07.01 10:45:28 | 000,000,371 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\TMIStateButtonData.class
[2011.07.01 10:45:28 | 000,006,842 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\TMIUtils.class
[2011.07.01 10:45:28 | 000,003,974 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\TMIView.class
[2011.07.01 10:45:28 | 000,001,093 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgButton.class
[2011.07.01 10:45:28 | 000,000,169 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgButtonHandler.class
[2011.07.01 10:45:28 | 000,002,852 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgCanvas.class
[2011.07.01 10:45:28 | 000,000,150 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgItemHandler.class
[2011.07.01 10:45:28 | 000,002,262 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgItemPanel.class
[2011.07.01 10:45:28 | 000,001,059 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgWidget.class
[2011.07.01 10:45:28 | 000,000,564 | ---- | M] () -- C:\Users\Stana\AppData\Roaming\_tmi_MgZOrder.class

< %APPDATA%\*.exe /s >

< %SYSTEMDRIVE%\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-19 19:15:43

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER
BOOTEXECUTE REG_MULTI_SZ autocheck autochk *

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c >

< type c:\boot.ini >> test.txt /c >

< *crack* >

< *keygen* >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

Pug
Visitor
Posts: 15
Registered: 19 Aug 2011 18:32

Re: I fell for an FB virus!

#19 Post by Pug »

OTL Extras logfile created on: 20.8.2011 13:32:50 - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Stana\Downloads
An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,85 Gb Available Physical Memory | 42,57% Memory free
4,00 Gb Paging File | 2,40 Gb Available in Paging File | 60,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148,95 Gb Total Space | 39,97 Gb Free Space | 26,84% Space Free | Partition Type: NTFS
Drive D: | 4,78 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 3,73 Gb Total Space | 1,88 Gb Free Space | 50,41% Space Free | Partition Type: FAT32

Computer Name: STANA-PC | User Name: Stana | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 1
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Windows\update.tray-2-0-lnk\svchost.exe" = C:\Windows\update.tray-2-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-2-0-lnk\svchost.exe
"C:\Windows\update.1\svchost.exe" = C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe
"C:\Windows\update.2\svchost.exe" = C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{2930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments GuitarRig Mobile IO Driver
"{3A03D3D2-46C7-49ED-B60B-B91B1F5E71D3}_is1" = Game Prelauncher version 3.26
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Session IO Driver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Czech
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 275.33
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3 Driver
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C7FAFC98-5ECC-40FC-B440-A5D5FE3A6A6E}" = Native Instruments Guitar Rig 4
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{EDFB64A7-5BFD-4137-943D-5663149A15F5}" = Heroes of Might and Magic III Complete
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{FAB43061-FEFB-46E8-A159-96710395DB5E}" = OpenOffice.org 3.2
"7-Zip" = 7-Zip 9.20
"Acoustica Beatcraft" = Acoustica Beatcraft
"Acoustica Effects Pack" = Acoustica Effects Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"HammerHead Rhythm Station" = HammerHead Rhythm Station
"InstallShield_{EDFB64A7-5BFD-4137-943D-5663149A15F5}" = Heroes of Might and Magic III Complete
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.1.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MinecraftAlpha" = MinecraftAlpha
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 4" = Native Instruments Guitar Rig 4
"Native Instruments GuitarRig Mobile IO Driver" = Native Instruments GuitarRig Mobile IO Driver
"Native Instruments Rig Kontrol 3 Driver" = Native Instruments Rig Kontrol 3 Driver
"Native Instruments Service Center" = Native Instruments Service Center
"Native Instruments Session IO Driver" = Native Instruments Session IO Driver
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 11.50.1074" = Opera 11.50
"Postal 2_is1" = Portal 2
"Smart Defrag 2_is1" = Smart Defrag 2
"StarCraft II" = StarCraft II
"TeamViewer 6" = TeamViewer 6
"The KMPlayer" = The KMPlayer (remove only)
"Zoner Photo Studio 9_is1" = Zoner Photo Studio 9

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2450630174-3625044855-554241015-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 14.8.2011 12:13:47 | Computer Name = Stana-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: 7zFM.exe, verze: 9.20.0.0, časové razítko:
0x4ce54f9c Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17651, časové
razítko: 0x4e2111c0 Kód výjimky: 0xe06d7363 Posun chyby: 0x0000d36f ID chybujícího
procesu: 0x12f0 Čas spuštění chybující aplikace: 0x01cc5a9ceab743ef Cesta k chybující
aplikaci: C:\Program Files\7-Zip\7zFM.exe Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID
zprávy: 630a75f2-c690-11e0-b0ac-0019dba5960b

Error - 14.8.2011 12:48:23 | Computer Name = Stana-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: 7zFM.exe, verze: 9.20.0.0, časové razítko:
0x4ce54f9c Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.17651, časové
razítko: 0x4e2111c0 Kód výjimky: 0xe06d7363 Posun chyby: 0x0000d36f ID chybujícího
procesu: 0x720 Čas spuštění chybující aplikace: 0x01cc5aa1af702b6f Cesta k chybující
aplikaci: C:\Program Files\7-Zip\7zFM.exe Cesta k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll
ID
zprávy: 38dcc06a-c695-11e0-b0ac-0019dba5960b

Error - 14.8.2011 12:49:07 | Computer Name = Stana-PC | Source = Application Hang | ID = 1002
Description = Program javaw.exe verze 6.0.260.3 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
94 Čas spuštění: 01cc5aa2056e3735 Čas ukončení: 27 Cesta k aplikaci: C:\Windows\system32\javaw.exe

ID
hlášení: 500dfb1a-c695-11e0-b0ac-0019dba5960b

Error - 14.8.2011 15:51:48 | Computer Name = Stana-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: hl2.exe, verze: 0.0.0.0, časové razítko:
0x4e384ca8 Název chybujícího modulu: filesystem_steam.dll_unloaded, verze: 0.0.0.0,
časové razítko: 0x4e38798f Kód výjimky: 0xc0000005 Posun chyby: 0x72fce649 ID chybujícího
procesu: 0x810 Čas spuštění chybující aplikace: 0x01cc5abb02f82607 Cesta k chybující
aplikaci: c:\program files\steam\steamapps\pug190\team fortress 2\hl2.exe Cesta
k chybujícímu modulu: filesystem_steam.dll ID zprávy: d83b6b01-c6ae-11e0-b0ac-0019dba5960b

Error - 14.8.2011 17:39:37 | Computer Name = Stana-PC | Source = Application Hang | ID = 1002
Description = Program chrome.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1718 Čas spuštění: 01cc5ac89421b6c9 Čas ukončení: 12 Cesta k aplikaci: C:\Users\Stana\AppData\Local\Google\Chrome\Application\chrome.exe

ID
hlášení: e4d1563b-c6bd-11e0-b071-0019dba5960b

Error - 19.8.2011 12:56:27 | Computer Name = Stana-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: exeHelper.com, verze: 0.0.0.0, časové razítko:
0x4bc5b7a7 Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x0000df7a ID chybujícího procesu:
0x1234 Čas spuštění chybující aplikace: 0x01cc5e90ee0206da Cesta k chybující aplikaci:
C:\Users\Stana\Downloads\exeHelper.com Cesta k chybujícímu modulu: C:\Windows\system32\msvcrt.dll
ID
zprávy: 2d7c91bf-ca84-11e0-9da4-0019dba5960b

Error - 19.8.2011 12:57:11 | Computer Name = Stana-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: exeHelper.com, verze: 0.0.0.0, časové razítko:
0x4bc5b7a7 Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x0000df7a ID chybujícího procesu:
0x1728 Čas spuštění chybující aplikace: 0x01cc5e91086997b4 Cesta k chybující aplikaci:
C:\Users\Stana\Downloads\exeHelper.com Cesta k chybujícímu modulu: C:\Windows\system32\msvcrt.dll
ID
zprávy: 478bf4f2-ca84-11e0-9da4-0019dba5960b

Error - 19.8.2011 12:59:49 | Computer Name = Stana-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: exeHelper.com, verze: 0.0.0.0, časové razítko:
0x4bc5b7a7 Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x0000df7a ID chybujícího procesu:
0x11fc Čas spuštění chybující aplikace: 0x01cc5e91662a36a5 Cesta k chybující aplikaci:
C:\Users\Stana\Downloads\exeHelper.com Cesta k chybujícímu modulu: C:\Windows\system32\msvcrt.dll
ID
zprávy: a5cf653f-ca84-11e0-9da4-0019dba5960b

Error - 19.8.2011 13:07:58 | Computer Name = Stana-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: exeHelper.scr, verze: 0.0.0.0, časové razítko:
0x4bc5b7a7 Název chybujícího modulu: msvcrt.dll, verze: 7.0.7600.16385, časové razítko:
0x4a5bda6f Kód výjimky: 0xc0000005 Posun chyby: 0x0000df7a ID chybujícího procesu:
0x13ec Čas spuštění chybující aplikace: 0x01cc5e92894f3a58 Cesta k chybující aplikaci:
C:\Users\Stana\Downloads\exeHelper.scr Cesta k chybujícímu modulu: C:\Windows\system32\msvcrt.dll
ID
zprávy: c947f05e-ca85-11e0-9da4-0019dba5960b

Error - 19.8.2011 14:45:13 | Computer Name = Stana-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 19.8.2011 16:07:32 | Computer Name = Stana-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 19.8.2011 16:11:16 | Computer Name = Stana-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 19.8.2011 16:14:29 | Computer Name = Stana-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 19.8.2011 16:17:00 | Computer Name = Stana-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (22:14:53, ?19.?8.?2011) bylo neočekávané.

Error - 19.8.2011 16:16:34 | Computer Name = Stana-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error - 19.8.2011 16:17:02 | Computer Name = Stana-PC | Source = Service Control Manager | ID = 7000
Description = Služba Avira AntiVir Scheduler neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 19.8.2011 16:17:04 | Computer Name = Stana-PC | Source = Service Control Manager | ID = 7000
Description = Služba Avira AntiVir Guard neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 20.8.2011 6:36:23 | Computer Name = Stana-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Některé funkce řízení napájení při činnosti procesoru byly zakázány
z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error - 20.8.2011 6:36:32 | Computer Name = Stana-PC | Source = Service Control Manager | ID = 7000
Description = Služba Avira AntiVir Scheduler neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 20.8.2011 6:36:33 | Computer Name = Stana-PC | Source = Service Control Manager | ID = 7000
Description = Služba Avira AntiVir Guard neuspěla při spuštění v důsledku následující
chyby: %%2


< End of report >

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: I fell for a FB virus!

#20 Post by Caroprd111 »

:arrow: You have rather too many antivirus programs installed; remove them using http://www.viry.cz/forum/viewtopic.php?f=29&t=42886 Then pick one and install it again.


Uninstall ComboFix via:
Start >> Run, copy into the box:

ComboFix /Uninstall

and press Enter.



Download T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Run it; to confirm each choice, press the A key and then Enter.
  • Delete the program after use. Note that antivirus programs may falsely flag it as a virus.

Download TFC http://oldtimer.geekstogo.com/TFC.exe
  • Run it.
  • Click "Start". Confirm the prompt by clicking "Ok" (a restart will follow).

Download OTC http://oldtimer.geekstogo.com/OTC.exe
  • Run it.
  • Click "CleanUp!". Confirm the prompts by clicking "Yes" (a restart will follow).


Download Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
Cleaner tab
  • Run the analysis; when it finishes, click Run Ccleaner.

Registry tab
  • Click Scan for problems; when it finishes, click Fix problems (you do not need to make a backup), then click Fix all problems.
  • Click OK, then Close.


:arrow: Post a new RSIT log.

Pug
Visitor
Posts: 15
Registered: 19 Aug 2011 18:32

Re: I fell for a FB virus!

#21 Post by Pug »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Stana at 2011-08-21 12:04:58
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 41 GB (27%) free of 153 GB
Total RAM: 2046 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:05:20, on 21.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Stana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Stana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Stana\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stana\Downloads\RSIT.exe
C:\Program Files\trend micro\Stana.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=101916
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-21-2450630174-3625044855-554241015-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2450630174-3625044855-554241015-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 6061 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2450630174-3625044855-554241015-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2450630174-3625044855-554241015-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-05-25 1951112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2011-07-06 449584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=C:\Program Files\BitTorrent\BitTorrent.exe [2011-06-09 400760]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]

C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 229376]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\update.tray-2-0-lnk\svchost.exe"="C:\Windows\update.tray-2-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-2-0-lnk\svchost.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-08-21 12:04:58 ----D---- C:\rsit
2011-08-21 12:04:58 ----D---- C:\Program Files\trend micro
2011-08-20 16:03:08 ----A---- C:\Windows\rafazon.bat
2011-08-20 15:45:57 ----D---- C:\Windows\system32\log
2011-08-20 15:40:52 ----AD---- C:\rafazon
2011-08-19 22:21:19 ----D---- C:\Windows\temp
2011-08-19 22:17:19 ----D---- C:\$RECYCLE.BIN
2011-08-19 20:02:10 ----D---- C:\Users\Stana\AppData\Roaming\Malwarebytes
2011-08-19 20:02:03 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-08-19 20:02:02 ----D---- C:\ProgramData\Malwarebytes
2011-08-19 20:01:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-19 20:01:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-08-19 18:11:32 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2011-08-19 18:11:31 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-08-19 18:11:31 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-08-18 18:21:40 ----D---- C:\Users\Stana\AppData\Roaming\.minecraft
2011-08-10 06:53:51 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 06:53:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 06:53:48 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-10 06:53:46 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 06:53:39 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-10 06:53:35 ----A---- C:\Windows\system32\iertutil.dll
2011-08-10 06:53:31 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 06:53:30 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 06:53:29 ----A---- C:\Windows\system32\wininet.dll
2011-08-10 06:53:29 ----A---- C:\Windows\system32\urlmon.dll
2011-08-10 06:53:29 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-10 06:53:28 ----A---- C:\Windows\system32\url.dll
2011-08-10 06:53:28 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-10 06:53:28 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-10 06:53:28 ----A---- C:\Windows\system32\ieui.dll
2011-08-10 06:53:25 ----A---- C:\Windows\system32\kernel32.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 06:53:24 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 06:53:24 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-10 06:53:24 ----A---- C:\Windows\system32\conhost.exe
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-09 20:27:19 ----D---- C:\Program Files\Acoustica Shared Effects
2011-08-09 20:27:07 ----D---- C:\Program Files\Acoustica Beatcraft
2011-08-09 20:19:34 ----D---- C:\Program Files\HammerHead
2011-07-30 16:51:15 ----D---- C:\Users\Stana\AppData\Roaming\InstallShield
2011-07-25 19:42:17 ----D---- C:\Program Files\Game Prelauncher
2011-07-25 17:40:51 ----D---- C:\Users\Stana\AppData\Roaming\NVIDIA
2011-07-25 17:40:47 ----SHD---- C:\ProgramData\SecuROM
2011-07-25 17:39:31 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-07-25 17:39:29 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-07-25 17:39:29 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-07-25 17:39:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-07-25 17:39:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-07-25 17:39:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-07-25 17:39:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-07-25 17:39:24 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-07-25 17:39:24 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-07-25 17:39:24 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-07-25 17:39:24 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-07-25 17:39:23 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-07-25 17:39:23 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-07-25 17:39:23 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-07-25 17:39:23 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-07-25 17:39:22 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-07-25 17:39:22 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-07-25 17:39:22 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-07-25 17:39:21 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-07-25 17:39:21 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-07-25 17:39:21 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-07-25 17:39:21 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-07-25 17:39:20 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-07-25 17:39:20 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-07-25 17:39:20 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-07-25 17:39:19 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-07-25 17:39:19 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-07-25 17:39:18 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-07-25 17:39:16 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-07-25 17:39:16 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-07-25 17:39:16 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-07-25 17:39:16 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-07-25 17:39:15 ----A---- C:\Windows\system32\xinput1_3.dll
2011-07-25 17:39:14 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-07-25 17:39:14 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-07-25 17:39:14 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-07-25 17:39:13 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-07-25 17:39:12 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-07-25 17:39:11 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-07-25 17:39:11 ----A---- C:\Windows\system32\d3dx10.dll
2011-07-25 17:39:10 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-07-25 17:39:10 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-07-25 17:39:10 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-07-25 17:39:10 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-07-25 17:39:09 ----A---- C:\Windows\system32\xinput1_2.dll
2011-07-25 17:39:09 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-07-25 17:39:08 ----A---- C:\Windows\system32\xinput1_1.dll
2011-07-25 17:39:08 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-07-25 17:39:08 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-07-25 17:39:01 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-07-25 17:39:01 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-07-25 17:39:01 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-07-25 17:39:00 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-07-25 17:39:00 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-07-25 17:38:59 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-07-25 17:38:43 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

======List of files/folders modified in the last 1 month======

2011-08-21 12:05:10 ----D---- C:\Windows\Prefetch
2011-08-21 12:05:00 ----D---- C:\Users\Stana\AppData\Roaming\BitTorrent
2011-08-21 12:04:58 ----RD---- C:\Program Files
2011-08-21 12:02:36 ----D---- C:\Windows\SoftwareDistribution
2011-08-21 12:02:28 ----D---- C:\Users\Stana\AppData\Roaming\Skype
2011-08-21 12:02:22 ----D---- C:\Windows\system32\LogFiles
2011-08-21 12:02:21 ----D---- C:\Windows
2011-08-21 11:59:49 ----D---- C:\Windows\system32\config
2011-08-21 11:59:32 ----D---- C:\ProgramData\NVIDIA
2011-08-21 11:51:46 ----D---- C:\Windows\system32\Tasks
2011-08-20 15:45:57 ----D---- C:\Windows\System32
2011-08-20 15:37:05 ----D---- C:\Users\Stana\AppData\Roaming\DAEMON Tools Lite
2011-08-20 15:36:19 ----D---- C:\Windows\Logs
2011-08-20 15:36:19 ----D---- C:\Windows\debug
2011-08-20 15:34:58 ----D---- C:\Program Files\CCleaner
2011-08-20 15:19:10 ----D---- C:\Windows\system32\drivers
2011-08-19 22:17:23 ----A---- C:\Windows\system.ini
2011-08-19 22:17:11 ----D---- C:\Windows\system32\drivers\etc
2011-08-19 22:14:34 ----D---- C:\Program Files\Steam
2011-08-19 22:11:26 ----D---- C:\Windows\AppPatch
2011-08-19 22:11:23 ----D---- C:\Program Files\Common Files
2011-08-19 21:51:43 ----D---- C:\Windows\inf
2011-08-19 21:51:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-19 21:15:29 ----SHD---- C:\System Volume Information
2011-08-19 20:40:51 ----SHD---- C:\Windows\Installer
2011-08-19 20:02:02 ----D---- C:\ProgramData
2011-08-19 19:10:03 ----D---- C:\Windows\system32\restore
2011-08-19 18:48:11 ----D---- C:\Windows\system32\NDF
2011-08-18 18:20:55 ----D---- C:\Hrej
2011-08-18 18:14:30 ----D---- C:\ProgramData\Blizzard Entertainment
2011-08-15 00:01:56 ----D---- C:\Windows\system32\catroot2
2011-08-10 19:18:45 ----D---- C:\Windows\system32\wdi
2011-08-10 18:47:15 ----D---- C:\Windows\Microsoft.NET
2011-08-10 18:47:13 ----RSD---- C:\Windows\assembly
2011-08-10 17:09:56 ----D---- C:\Windows\winsxs
2011-08-10 17:08:23 ----D---- C:\Windows\system32\migration
2011-08-10 17:08:23 ----D---- C:\Program Files\Internet Explorer
2011-08-10 07:14:07 ----D---- C:\Windows\system32\catroot
2011-08-10 07:12:34 ----A---- C:\Windows\system32\MRT.exe
2011-08-03 16:02:53 ----D---- C:\Program Files\Common Files\Steam
2011-08-01 15:09:10 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-07-30 16:51:44 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-25 19:13:18 ----D---- C:\Program Files\WinRAR
2011-07-22 19:59:01 ----A---- C:\Users\Stana\AppData\Roaming\myMPQ.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-06-27 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-08-02 126856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-20 218688]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-08-02 60936]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6.sys [2009-07-14 44032]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-07-06 22712]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aqea1cjr;aqea1cjr; C:\Windows\system32\drivers\aqea1cjr.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2011-07-06 41272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-07-17 3576320]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-25 615528]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe []
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-08-02 411432]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-09 1343400]

-----------------EOF-----------------


Re: I fell for an FB virus!

#22 Post by Caroprd111 »

:arrow: I recommend uninstalling everything from IObit and the DAEMON Tools Toolbar.

:arrow: Reinstall Avira.

:arrow: Open Notepad and copy the following text into it (from the white box):

Code: Select all

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Windows\\update.tray-2-0-lnk\\svchost.exe"=-
"C:\\Windows\\update.1\\svchost.exe"=-
"C:\\Windows\\update.2\\svchost.exe"=-

Now choose Save As (type: All files), enter "smazani.reg" (without the quotes) as the file name and click Save. Then double-click the file as usual and confirm the dialog box.


Re: I fell for an FB virus!

#23 Post by Pug »

All done :) I'm sending the log just to be sure.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Stana at 2011-08-21 19:18:24


Microsoft Windows 7 Professional Service Pack 1
System drive C: has 42 GB (28%) free of 153 GB
Total RAM: 2046 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:18:50, on 21.8.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\BitTorrent\BitTorrent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
c:\program files\avira\antivir desktop\avcenter.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\program files\avira\antivir desktop\avscan.exe
C:\Users\Stana\Downloads\RSIT.exe
C:\Program Files\trend micro\Stana.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=101916
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

--
End of file - 5178 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2450630174-3625044855-554241015-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2450630174-3625044855-554241015-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-05-25 1951112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=C:\Program Files\BitTorrent\BitTorrent.exe [2011-06-09 400760]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]

C:\Users\Stana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 229376]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\update.tray-2-0-lnk\svchost.exe"="C:\Windows\update.tray-2-0-lnk\svchost.exe:*:Enabled:C:\Windows\update.tray-2-0-lnk\svchost.exe"
"C:\Windows\update.1\svchost.exe"="C:\Windows\update.1\svchost.exe:*:Enabled:C:\Windows\update.1\svchost.exe"
"C:\Windows\update.2\svchost.exe"="C:\Windows\update.2\svchost.exe:*:Enabled:C:\Windows\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-08-21 19:17:52 ----A---- C:\james.bat
2011-08-21 19:11:54 ----D---- C:\ProgramData\Avira
2011-08-21 19:11:54 ----D---- C:\Program Files\Avira
2011-08-21 12:04:58 ----D---- C:\rsit
2011-08-21 12:04:58 ----D---- C:\Program Files\trend micro
2011-08-20 16:03:08 ----A---- C:\Windows\rafazon.bat
2011-08-20 15:45:57 ----D---- C:\Windows\system32\log
2011-08-20 15:40:52 ----AD---- C:\rafazon
2011-08-19 22:21:19 ----D---- C:\Windows\temp
2011-08-19 22:17:19 ----D---- C:\$RECYCLE.BIN
2011-08-19 20:02:10 ----D---- C:\Users\Stana\AppData\Roaming\Malwarebytes
2011-08-19 20:02:02 ----D---- C:\ProgramData\Malwarebytes
2011-08-19 18:11:32 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2011-08-19 18:11:31 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-08-19 18:11:31 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2011-08-18 18:21:40 ----D---- C:\Users\Stana\AppData\Roaming\.minecraft
2011-08-10 06:53:51 ----A---- C:\Windows\system32\xmllite.dll
2011-08-10 06:53:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-10 06:53:48 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-08-10 06:53:46 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 06:53:39 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-10 06:53:35 ----A---- C:\Windows\system32\iertutil.dll
2011-08-10 06:53:31 ----A---- C:\Windows\system32\mshtml.dll
2011-08-10 06:53:30 ----A---- C:\Windows\system32\ieframe.dll
2011-08-10 06:53:29 ----A---- C:\Windows\system32\wininet.dll
2011-08-10 06:53:29 ----A---- C:\Windows\system32\urlmon.dll
2011-08-10 06:53:29 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-10 06:53:28 ----A---- C:\Windows\system32\url.dll
2011-08-10 06:53:28 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-10 06:53:28 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-10 06:53:28 ----A---- C:\Windows\system32\ieui.dll
2011-08-10 06:53:25 ----A---- C:\Windows\system32\kernel32.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 06:53:24 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 06:53:24 ----A---- C:\Windows\system32\winsrv.dll
2011-08-10 06:53:24 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-10 06:53:24 ----A---- C:\Windows\system32\conhost.exe
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 06:53:23 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbcjt32.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-10 06:53:21 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-09 20:27:19 ----D---- C:\Program Files\Acoustica Shared Effects
2011-08-09 20:27:07 ----D---- C:\Program Files\Acoustica Beatcraft
2011-08-09 20:19:34 ----D---- C:\Program Files\HammerHead
2011-07-30 16:51:15 ----D---- C:\Users\Stana\AppData\Roaming\InstallShield
2011-07-25 19:42:17 ----D---- C:\Program Files\Game Prelauncher
2011-07-25 17:40:51 ----D---- C:\Users\Stana\AppData\Roaming\NVIDIA
2011-07-25 17:40:47 ----SHD---- C:\ProgramData\SecuROM
2011-07-25 17:39:31 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-07-25 17:39:31 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-07-25 17:39:30 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-07-25 17:39:29 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-07-25 17:39:29 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-07-25 17:39:29 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-07-25 17:39:28 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-07-25 17:39:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-07-25 17:39:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-07-25 17:39:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-07-25 17:39:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-07-25 17:39:25 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-07-25 17:39:24 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-07-25 17:39:24 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-07-25 17:39:24 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-07-25 17:39:24 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-07-25 17:39:23 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-07-25 17:39:23 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-07-25 17:39:23 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-07-25 17:39:23 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-07-25 17:39:22 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-07-25 17:39:22 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-07-25 17:39:22 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-07-25 17:39:21 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-07-25 17:39:21 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-07-25 17:39:21 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-07-25 17:39:21 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-07-25 17:39:20 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-07-25 17:39:20 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-07-25 17:39:20 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-07-25 17:39:19 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-07-25 17:39:19 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-07-25 17:39:18 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-07-25 17:39:16 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-07-25 17:39:16 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-07-25 17:39:16 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-07-25 17:39:16 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-07-25 17:39:15 ----A---- C:\Windows\system32\xinput1_3.dll
2011-07-25 17:39:14 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-07-25 17:39:14 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-07-25 17:39:14 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-07-25 17:39:13 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-07-25 17:39:12 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-07-25 17:39:11 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-07-25 17:39:11 ----A---- C:\Windows\system32\d3dx10.dll
2011-07-25 17:39:10 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-07-25 17:39:10 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-07-25 17:39:10 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-07-25 17:39:10 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-07-25 17:39:09 ----A---- C:\Windows\system32\xinput1_2.dll
2011-07-25 17:39:09 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-07-25 17:39:08 ----A---- C:\Windows\system32\xinput1_1.dll
2011-07-25 17:39:08 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-07-25 17:39:08 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-07-25 17:39:01 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-07-25 17:39:01 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-07-25 17:39:01 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-07-25 17:39:00 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-07-25 17:39:00 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-07-25 17:38:59 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-07-25 17:38:43 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

======List of files/folders modified in the last 1 month======

2011-08-21 19:18:35 ----D---- C:\Users\Stana\AppData\Roaming\BitTorrent
2011-08-21 19:18:05 ----D---- C:\Windows\Prefetch
2011-08-21 19:17:55 ----SHD---- C:\System Volume Information
2011-08-21 19:17:38 ----D---- C:\Users\Stana\AppData\Roaming\Skype
2011-08-21 19:17:11 ----D---- C:\Windows\system32\config
2011-08-21 19:16:43 ----D---- C:\ProgramData\NVIDIA
2011-08-21 19:13:24 ----RD---- C:\Program Files
2011-08-21 19:12:15 ----D---- C:\Windows\system32\drivers
2011-08-21 19:11:54 ----D---- C:\ProgramData
2011-08-21 19:07:25 ----D---- C:\Windows\System32
2011-08-21 19:04:51 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-08-21 14:47:10 ----D---- C:\Windows
2011-08-21 12:29:16 ----D---- C:\Windows\system32\LogFiles
2011-08-21 12:02:36 ----D---- C:\Windows\SoftwareDistribution
2011-08-21 11:51:46 ----D---- C:\Windows\system32\Tasks
2011-08-20 15:37:05 ----D---- C:\Users\Stana\AppData\Roaming\DAEMON Tools Lite
2011-08-20 15:36:19 ----D---- C:\Windows\Logs
2011-08-20 15:36:19 ----D---- C:\Windows\debug
2011-08-20 15:34:58 ----D---- C:\Program Files\CCleaner
2011-08-19 22:17:23 ----A---- C:\Windows\system.ini
2011-08-19 22:17:11 ----D---- C:\Windows\system32\drivers\etc
2011-08-19 22:14:34 ----D---- C:\Program Files\Steam
2011-08-19 22:11:26 ----D---- C:\Windows\AppPatch
2011-08-19 22:11:23 ----D---- C:\Program Files\Common Files
2011-08-19 21:51:43 ----D---- C:\Windows\inf
2011-08-19 21:51:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-19 20:40:51 ----SHD---- C:\Windows\Installer
2011-08-19 19:10:03 ----D---- C:\Windows\system32\restore
2011-08-19 18:48:11 ----D---- C:\Windows\system32\NDF
2011-08-18 18:20:55 ----D---- C:\Hrej
2011-08-18 18:14:30 ----D---- C:\ProgramData\Blizzard Entertainment
2011-08-15 00:01:56 ----D---- C:\Windows\system32\catroot2
2011-08-10 19:18:45 ----D---- C:\Windows\system32\wdi
2011-08-10 18:47:15 ----D---- C:\Windows\Microsoft.NET
2011-08-10 18:47:13 ----RSD---- C:\Windows\assembly
2011-08-10 17:09:56 ----D---- C:\Windows\winsxs
2011-08-10 17:08:23 ----D---- C:\Windows\system32\migration
2011-08-10 17:08:23 ----D---- C:\Program Files\Internet Explorer
2011-08-10 07:14:07 ----D---- C:\Windows\system32\catroot
2011-08-10 07:12:34 ----A---- C:\Windows\system32\MRT.exe
2011-08-03 16:02:53 ----D---- C:\Program Files\Common Files\Steam
2011-08-01 15:09:10 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-07-30 16:51:44 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-25 19:13:18 ----D---- C:\Program Files\WinRAR
2011-07-22 19:59:01 ----A---- C:\Users\Stana\AppData\Roaming\myMPQ.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-06-27 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-08-02 126856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-20 218688]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-08-02 60936]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-12-21 95384]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6.sys [2009-07-14 44032]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 augfaglt;augfaglt; C:\Windows\system32\drivers\augfaglt.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-08-02 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
R2 NIHardwareService;NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-07-17 3576320]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-25 615528]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-20 378472]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-08-02 411432]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-09 1343400]

-----------------EOF-----------------


Re: I fell for an FB virus!

#24 Post by Caroprd111 »

The log is fine. :)


Re: I fell for an FB virus!

#25 Post by Pug »

That's great :) thank you very much for the help, you really helped me.


Re: I fell for an FB virus!

#26 Post by Caroprd111 »

You're welcome. :)