Prosím o preventivku po nákaze

[Márty84]

Tyto soubory mi prosim zkontrolujte na virustotal, pripadne jotti. Zde navod http://viry.cz/forum/viewtopic.php?f=29&t=5846
Kdyby na virustotal hlasil, ze soubor uz byl testovan, nechte ho otestovat znovu (reanalyse)

C:\Program Files\P4P\P4P.exe
C:\Windows\system32\DRIVERS\58594522.sys
C:\Windows\system32\drivers\80387875.sys
C:\Windows\system32\dffsetup_d3dx9_27.exe

V pripade pozitivniho nalezu sem vlozte vysledky (pripadne odkazy)
Pokud budou ciste, staci to rict

[raskar89]

vsechno je ciste

[Márty84]

Vyborne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte.

Ted uz budu muset od pc pryc. Zitra to zkontroluju a dorazime to

[raskar89]

mockrat Vam dekuju

[Márty84]

Neni vubec zac
Preji hezky vecer a dobrou noc

[raskar89]

OTL Extras logfile created on: 29.11.2011 23:04:48 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Home\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,72% Memory free
6,00 Gb Paging File | 4,16 Gb Available in Paging File | 69,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225,07 Gb Total Space | 153,22 Gb Free Space | 68,08% Space Free | Partition Type: NTFS
Drive D: | 7,81 Gb Total Space | 7,74 Gb Free Space | 99,03% Space Free | Partition Type: NTFS
Drive G: | 3,78 Gb Total Space | 2,70 Gb Free Space | 71,27% Space Free | Partition Type: FAT32

Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1215533648-3091073881-1506664534-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A7C4C5C-6DF9-48D5-BEF4-E5E6FB868EAF}_is1" = F.E.A.R. Plantinum
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{31423F74-36B2-4d24-B10D-CD00BFB7C118}" = Intel® Turbo Memory
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}" = PS_AIO_03_C4400_Software_Min
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}" = HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CFEBE9C-F29F-4C49-80E0-7106970F8734}" = Power4Gear eXtreme
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager a Intel® Turbo Memory
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Czech
"{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}" = C4400
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C0FC1C14-4824-4A73-87A6-9E888C9C3102}" = ASUS Splendid Video Enhancement Technology
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"2EFF310ED3BF3BFB24E6CC25AEB5491813E56803" = Balíček ovladače systému Windows - ITE Tech.Inc. (itecir) HIDClass (06/20/2007 5.0.0004.2)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v1.85
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"F.E.A.R. 3_is1" = F.E.A.R. 3
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware verze 1.51.2.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Mozilla Firefox 8.0 (x86 cs)" = Mozilla Firefox 8.0 (x86 cs)
"NVIDIA Drivers" = NVIDIA Drivers
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 28.11.2011 13:30:12 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Client application bug: DNSServiceResolve(dc:2b:61:85:2e:c8@fe80::de2b:61ff:fe85:2ec8._apple-mobdev._tcp.local.)
active for over two minutes. This places considerable burden on the network.

Error - 28.11.2011 19:10:32 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28.11.2011 19:10:32 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1201

Error - 28.11.2011 19:10:32 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1201

Error - 28.11.2011 19:10:33 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 28.11.2011 19:10:33 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2215

Error - 28.11.2011 19:10:33 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2215

Error - 29.11.2011 7:19:33 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 29.11.2011 7:19:34 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 43742868

Error - 29.11.2011 7:19:34 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 43742868

[ System Events ]
Error - 17.11.2011 8:21:12 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7032
Description = Správce služeb se pokusil o opravnou akci (Restartovat službu) po
nečekaném ukončení služby Apple Mobile Device, ale tato akce selhala kvůli následující
chybě: %%1056

Error - 17.11.2011 17:13:09 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby WinDefend bylo dosaženo časového
limitu (30000 ms).

Error - 22.11.2011 7:19:14 | Computer Name = Home-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (12:17:02, ?22.?11.?2011) bylo neočekávané.

Error - 28.11.2011 15:58:28 | Computer Name = Home-PC | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní
chyby: 10

Error - 28.11.2011 15:58:48 | Computer Name = Home-PC | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní
chyby: 10

Error - 28.11.2011 15:58:57 | Computer Name = Home-PC | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 10. Stav interní
chyby: 10

Error - 28.11.2011 16:31:17 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7030
Description = Služba NVMSLVRNBHFNECS je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 28.11.2011 16:31:47 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby NVMSLVRNBHFNECS bylo dosaženo časového
limitu (30000 ms).

Error - 28.11.2011 16:31:47 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7000
Description = Služba NVMSLVRNBHFNECS neuspěla při spuštění v důsledku následující
chyby: %%1053

Error - 29.11.2011 7:19:33 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby Netman bylo dosaženo časového
limitu (30000 ms).


< End of report >

[raskar89]

OTL logfile created on: 29.11.2011 23:04:48 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Home\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,72% Memory free
6,00 Gb Paging File | 4,16 Gb Available in Paging File | 69,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 225,07 Gb Total Space | 153,22 Gb Free Space | 68,08% Space Free | Partition Type: NTFS
Drive D: | 7,81 Gb Total Space | 7,74 Gb Free Space | 99,03% Space Free | Partition Type: NTFS
Drive G: | 3,78 Gb Total Space | 2,70 Gb Free Space | 71,27% Space Free | Partition Type: FAT32

Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.11.29 20:43:49 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
PRC - [2011.11.09 19:33:36 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.10.20 12:58:40 | 002,497,352 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.10.09 10:54:58 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2011.10.07 18:47:13 | 001,883,328 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011.09.06 21:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.09.06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.09.05 18:31:55 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011.06.24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.06.04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.05.21 20:21:18 | 000,890,368 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe
PRC - [2008.01.15 12:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.11.28 17:39:42 | 002,465,792 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.11.28 17:39:36 | 000,229,376 | ---- | M] (ATK0100) -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007.11.04 19:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.17 19:04:00 | 007,737,344 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2007.10.02 21:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.08.31 17:38:12 | 000,180,224 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2007.08.15 11:38:30 | 000,147,456 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2007.08.15 11:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.07.10 10:59:56 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2006.12.20 23:03:38 | 001,036,288 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2005.07.06 15:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe


========== Modules (No Company Name) ==========

MOD - [2011.11.22 19:12:35 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011.11.09 19:33:36 | 001,989,592 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.10.13 19:33:53 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\32f68764be7200d3796b55e377311245\Microsoft.VisualBasic.ni.dll
MOD - [2011.10.13 19:28:44 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.13 19:28:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.13 19:28:33 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.13 19:28:23 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.09.27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.01.08 00:56:28 | 000,008,704 | ---- | M] () -- C:\Users\Home\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.3.gadget\GetCoreTempInfoNET.dll
MOD - [2011.01.08 00:56:28 | 000,007,680 | ---- | M] () -- C:\Users\Home\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.3.gadget\SystemInfo.dll
MOD - [2011.01.08 00:56:28 | 000,006,144 | ---- | M] () -- C:\Users\Home\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.3.gadget\CoreTempReader.dll
MOD - [2010.11.13 02:54:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.05.21 20:21:18 | 000,140,288 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\libexpatw.dll
MOD - [2009.05.14 06:22:34 | 000,260,608 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\ShortcutUIRes.dll
MOD - [2009.05.14 06:22:34 | 000,028,160 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\SCMNRES.dll
MOD - [2009.05.14 06:22:30 | 000,039,424 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\KYGRPRes.dll
MOD - [2007.10.17 19:04:00 | 007,737,344 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe


========== Win32 Services (SafeList) ==========

SRV - [2011.11.28 21:31:17 | 000,387,968 | ---- | M] (Sysinternals - www.sysinternals.com) [On_Demand | Stopped] -- C:\Users\Home\AppData\Local\Temp\NVMSLVRNBHFNECS.exe -- (NVMSLVRNBHFNECS)
SRV - [2011.10.07 18:47:13 | 001,883,328 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011.09.06 21:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.09.05 18:31:55 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.08 01:04:40 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.10.02 21:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)


========== Driver Services (SafeList) ==========

DRV - [2011.11.13 11:56:03 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\80387875.sys -- (80387875)
DRV - [2011.11.12 13:21:39 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.10.07 18:47:53 | 000,082,400 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011.10.07 18:47:52 | 000,039,640 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.10.07 18:47:51 | 000,488,208 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011.09.25 12:12:32 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\58594522.sys -- (58594522)
DRV - [2011.09.06 21:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.09.06 21:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.09.06 21:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.09.06 21:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.09.06 21:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.09.06 21:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.09.05 18:31:50 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.09.05 18:31:50 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.09.28 09:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.07.02 00:59:00 | 009,786,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.07.01 18:05:10 | 000,232,472 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaNvStor.sys -- (iaNvStor) Intel(R)
DRV - [2009.05.05 12:15:58 | 001,095,808 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2007.10.01 14:59:46 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007.08.08 20:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.07.31 02:39:00 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2007.07.30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.24 11:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.06.20 13:49:06 | 000,049,664 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007.04.12 01:18:34 | 000,048,000 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2007.01.24 19:08:40 | 000,005,632 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2006.02.07 20:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\JGOGO.sys -- (JGOGO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1215533648-3091073881-1506664534-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1215533648-3091073881-1506664534-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://news.google.cz/nwshp?client=fire ... =cs&tab=wn"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9
FF - prefs.js..extensions.enabledItems: {582195F5-92E7-40a0-A127-DB71295901D7}:0.6.4
FF - prefs.js..extensions.enabledItems: {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 0
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.10 00:29:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.09 19:33:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.10.27 12:21:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.10 00:29:57 | 000,000,000 | ---D | M]

[2011.01.08 01:32:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Extensions
[2011.11.29 14:16:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\njqu423u.default\extensions
[2011.11.12 18:30:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.11.12 18:30:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NJQU423U.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NJQU423U.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NJQU423U.DEFAULT\EXTENSIONS\{C50CA3C4-5656-43C2-A061-13E717F73FC8}.XPI
() (No name found) -- C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NJQU423U.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.11.09 19:33:36 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.05 20:12:44 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2011.10.05 20:12:44 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.03.05 19:40:53 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.10.05 20:12:44 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.10.05 20:12:44 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.10.05 20:12:44 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2011.11.14 00:47:35 | 000,438,443 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 15078 more lines...
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe (Intel Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1215533648-3091073881-1506664534-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA2527AB-DADD-4CBC-80C3-E5CF0392AF2D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA2527AB-DADD-4CBC-80C3-E5CF0392AF2D}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D938884C-EA82-4484-BFE9-091073B46E0E}: DhcpNameServer = 217.77.165.81 217.77.161.131
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBB461A5-3A64-464D-9B14-96961794DF7A}: NameServer = 156.154.70.25,156.154.71.25
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) -C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)
Unable to save MBR. Invalid drive designation: 0

========== Files/Folders - Created Within 30 Days ==========

[2011.11.29 23:00:52 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2011.11.29 20:43:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2011.11.28 21:21:44 | 000,401,720 | ---- | C] (Trend Micro Inc.) -- C:\Users\Home\Desktop\HijackThis.exe
[2011.11.24 15:39:17 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Woodstock 69_1970_DVDrip_XviD-Ekolb
[2011.11.23 22:17:31 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Diskuze islamizace Praha
[2011.11.22 19:21:27 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\BIBS
[2011.11.21 20:03:07 | 000,133,208 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\80387875.sys
[2011.11.21 18:22:03 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011.11.20 19:45:37 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Day 1 Studios
[2011.11.20 19:45:31 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\SKIDROW
[2011.11.20 19:37:21 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_43.dll
[2011.11.20 19:34:53 | 000,068,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011.11.20 19:32:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games
[2011.11.20 19:27:28 | 000,000,000 | ---D | C] -- C:\Program Files\WB Games
[2011.11.20 17:30:32 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\F.E.A.R.3-SKIDROW
[2011.11.19 21:52:18 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_5.dll
[2011.11.17 13:24:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.11.17 13:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.11.17 13:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.11.14 16:40:19 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011.11.14 15:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.14 15:41:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.14 15:41:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.11.14 15:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.11.14 01:32:23 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011.11.13 22:52:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Monolith Productions
[2011.11.13 22:51:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2011.11.13 22:44:19 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011.11.13 22:42:37 | 004,179,848 | ---- | C] (Dll-Files.com ) -- C:\Windows\System32\dffsetup_d3dx9_27.exe
[2011.11.13 21:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F.E.A.R. Platinum
[2011.11.13 21:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra
[2011.11.13 21:08:46 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\F.E.A.R
[2011.11.13 15:31:19 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\HpUpdate
[2011.11.12 23:56:45 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2011.11.12 18:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.11.12 18:30:32 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.11.12 18:30:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.11.12 18:30:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.11.12 18:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2011.11.12 18:28:11 | 000,000,000 | ---D | C] -- C:\Users\Home\SystemRequirementsLab
[2011.11.12 13:24:52 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.11.12 13:21:39 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.11.12 13:21:19 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011.11.12 13:15:40 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Warcraft II Battle NET Edition
[2011.11.12 00:07:44 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2011.11.12 00:07:37 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.11.09 18:26:31 | 002,341,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.11.06 20:39:28 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Into the Wild[2007]DvDrip[Eng]-FXG
[2011.11.05 20:09:12 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011.11.05 20:08:46 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\uTorrent
[2011.11.05 20:08:46 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\uTorrent
[2011.11.04 22:14:07 | 000,000,000 | ---D | C] -- C:\Users\Home\Desktop\Plakáty
[2011.01.08 01:45:11 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[1 C:\Users\Home\Desktop\*.tmp files -> C:\Users\Home\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.11.29 23:05:46 | 002,103,951 | ---- | M] () -- C:\Users\Home\Desktop\skenování0002.jpg
[2011.11.29 23:05:14 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.29 23:05:14 | 000,013,440 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.29 23:03:25 | 001,947,302 | ---- | M] () -- C:\Users\Home\Desktop\skenování0001.jpg
[2011.11.29 23:01:25 | 000,631,292 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.11.29 23:01:25 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.11.29 23:01:25 | 000,121,914 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.11.29 23:01:25 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.11.29 20:43:49 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Desktop\OTL.exe
[2011.11.29 12:20:38 | 000,781,383 | ---- | M] () -- C:\Users\Home\Desktop\RSIT.exe
[2011.11.29 12:19:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.28 21:21:43 | 000,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Users\Home\Desktop\HijackThis.exe
[2011.11.28 20:34:13 | 000,048,475 | ---- | M] () -- C:\Users\Home\Desktop\313629_173424802752869_100002560527201_291314_600065183_n.jpg
[2011.11.28 19:14:57 | 725,690,620 | ---- | M] () -- C:\Users\Home\Desktop\Objekt-mé-touhy-CZ-dabing-1998.avi
[2011.11.27 18:48:39 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.27 12:29:05 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2011.11.24 17:04:48 | 1167,382,528 | ---- | M] () -- C:\Users\Home\Desktop\zid-suss.avi
[2011.11.23 18:43:56 | 000,001,152 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2011.11.22 19:12:35 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011.11.20 19:37:26 | 002,106,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3dcompiler_43.dll
[2011.11.20 19:34:58 | 000,068,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2011.11.14 16:40:19 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011.11.14 00:47:35 | 000,438,443 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.11.14 00:46:34 | 000,438,443 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20111114-004734.backup
[2011.11.13 22:42:53 | 004,179,848 | ---- | M] (Dll-Files.com ) -- C:\Windows\System32\dffsetup_d3dx9_27.exe
[2011.11.13 11:56:03 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\System32\drivers\80387875.sys
[2011.11.12 13:21:39 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.11.11 20:00:35 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.11.11 20:00:35 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.11.10 10:35:21 | 000,309,064 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.11.06 12:07:50 | 262,435,521 | ---- | M] () -- C:\Users\Home\Desktop\zazraky.flv
[2011.11.01 12:29:04 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.10.31 15:21:46 | 248,806,520 | ---- | M] () -- C:\Users\Home\Desktop\KOLAPS - alarmujc dokument o konci vku ropy USA 2009 - (480 x 360).mp4
[1 C:\Users\Home\Desktop\*.tmp files -> C:\Users\Home\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.11.29 23:05:46 | 002,103,951 | ---- | C] () -- C:\Users\Home\Desktop\skenování0002.jpg
[2011.11.29 23:03:25 | 001,947,302 | ---- | C] () -- C:\Users\Home\Desktop\skenování0001.jpg
[2011.11.29 12:20:39 | 000,781,383 | ---- | C] () -- C:\Users\Home\Desktop\RSIT.exe
[2011.11.28 20:34:14 | 000,048,475 | ---- | C] () -- C:\Users\Home\Desktop\313629_173424802752869_100002560527201_291314_600065183_n.jpg
[2011.11.28 18:34:21 | 725,690,620 | ---- | C] () -- C:\Users\Home\Desktop\Objekt-mé-touhy-CZ-dabing-1998.avi
[2011.11.24 15:57:20 | 1167,382,528 | ---- | C] () -- C:\Users\Home\Desktop\zid-suss.avi
[2011.11.11 20:00:35 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.11.11 20:00:35 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.11.06 11:09:58 | 262,435,521 | ---- | C] () -- C:\Users\Home\Desktop\zazraky.flv
[2011.10.31 15:11:38 | 248,806,520 | ---- | C] () -- C:\Users\Home\Desktop\KOLAPS - alarmujc dokument o konci vku ropy USA 2009 - (480 x 360).mp4
[2011.03.08 09:31:01 | 000,000,036 | ---- | C] () -- C:\Users\Home\AppData\Local\housecall.guid.cache
[2011.02.25 13:09:34 | 000,003,584 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.07 00:17:02 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011.02.07 00:17:02 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011.01.10 13:55:05 | 000,000,023 | -HS- | C] () -- C:\Windows\System32\edacded0.dat
[2011.01.10 00:25:38 | 000,179,195 | ---- | C] () -- C:\Windows\hpoins29.dat
[2011.01.10 00:25:38 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat
[2011.01.08 09:51:44 | 000,045,056 | ---- | C] () -- C:\Windows\System32\acovcnt.exe
[2011.01.08 01:45:36 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2009.07.14 09:44:22 | 000,631,292 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 09:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 09:44:22 | 000,121,914 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 09:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 05:33:53 | 000,309,064 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 03:05:48 | 000,616,008 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 03:05:48 | 000,106,388 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:09 | 001,332,736 | ---- | C] () -- C:\Windows\System32\hpotiop1.dll
[2009.07.14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

========== LOP Check ==========

[2011.11.23 17:48:42 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2011.11.20 19:45:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Day 1 Studios
[2011.03.09 10:49:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\f-secure
[2011.10.08 16:10:00 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\MaskMyIP
[2011.11.24 16:32:52 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\uTorrent
[2011.11.07 18:26:40 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< >


< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\System32\cryptsvc.dll
[2010.11.20 13:18:24 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTOR.SYS >
[2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009.06.04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009.06.04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\drivers\iaStor.sys
[2009.06.04 18:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys
[2007.09.30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_633476a5a8eb44de\iaStor.sys

< MD5 for: IASTORV.SYS >
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\System32\drivers\ndis.sys
[2010.11.20 13:30:06 | 000,712,576 | ---- | M] (Microsoft Corporation) MD5=E7C54812A2AAF43316EB6930C1FFA108 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_a9ce95b27a512623\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.20 13:30:06 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=AF2EEC9580C1D32FB7EAF105D9784061 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\drivers\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 06:39:00 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=B3E25EE28883877076E0E1FF877D02E0 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvraid.sys
[2011.03.11 06:28:10 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=E3B840350A72CA6F39BD2BEF85A2BCFB -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvraid.sys
[2011.03.11 06:44:01 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=F1B0BED906F97E16F6D0C3629D2F21C6 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvraid.sys
[2011.03.11 06:52:25 | 000,117,120 | ---- | M] (NVIDIA Corporation) MD5=FCD5C3542A85EEBA7D0833B7E5086C10 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.06.21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011.06.21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011.06.21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011.06.21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\System32\ws2_32.dll
[2010.11.20 13:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp files -> C:\Windows\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C}\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\060b3af45f004d753d99c6fca6b3757d\*.tmp files -> C:\Windows\SoftwareDistribution\Download\060b3af45f004d753d99c6fca6b3757d\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0a9b919235864cb6f1a5336ba12cc39b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0a9b919235864cb6f1a5336ba12cc39b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0ca856cc21d83df5cc56331251974534\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0ca856cc21d83df5cc56331251974534\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0ea65e7a6aa516c946fb35f4722c1586\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0ea65e7a6aa516c946fb35f4722c1586\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\32e3c96aec696728a03bd5548f4a62ca\*.tmp files -> C:\Windows\SoftwareDistribution\Download\32e3c96aec696728a03bd5548f4a62ca\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\73cab97062555582add5e107f4a4f1f5\*.tmp files -> C:\Windows\SoftwareDistribution\Download\73cab97062555582add5e107f4a4f1f5\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7514e3c1841427aeada0689132e6e82b\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7514e3c1841427aeada0689132e6e82b\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\82510dd63d57e9e04c283bc8a3ba0e60\*.tmp files -> C:\Windows\SoftwareDistribution\Download\82510dd63d57e9e04c283bc8a3ba0e60\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\93aa5536e2553b525dae96f443d62e56\*.tmp files -> C:\Windows\SoftwareDistribution\Download\93aa5536e2553b525dae96f443d62e56\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\da9762ee5e3d94f26afaebf466aeef96\*.tmp files -> C:\Windows\SoftwareDistribution\Download\da9762ee5e3d94f26afaebf466aeef96\*.tmp -> ]
[16 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[1 C:\Windows\twain_32\*.tmp files -> C:\Windows\twain_32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.01.08 16:07:34 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Adobe
[2011.11.23 18:44:10 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Apple Computer
[2011.11.23 17:48:42 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2011.11.20 19:45:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Day 1 Studios
[2011.02.07 00:16:17 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Download Manager
[2011.03.09 10:49:15 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\f-secure
[2011.01.11 00:48:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\HP
[2011.11.13 15:53:58 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\HpUpdate
[2011.01.08 00:47:10 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Identities
[2011.01.08 01:57:31 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\InstallShield
[2011.01.08 09:45:32 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Macromedia
[2011.01.09 13:32:52 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Malwarebytes
[2011.10.08 16:10:00 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\MaskMyIP
[2009.07.14 10:19:24 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Media Center Programs
[2011.03.28 23:54:06 | 000,000,000 | --SD | M] -- C:\Users\Home\AppData\Roaming\Microsoft
[2011.01.08 01:32:50 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Mozilla
[2011.01.21 22:00:50 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SUPERAntiSpyware.com
[2011.11.24 16:32:52 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\uTorrent
[2011.11.28 18:54:38 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\vlc
[2011.01.08 01:43:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.11.29 23:05:14 | 000,013,440 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.29 23:05:14 | 000,013,440 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.27 12:29:05 | 000,045,056 | ---- | M] () -- C:\Windows\system32\acovcnt.exe
[2011.11.29 23:01:25 | 000,121,914 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2011.11.29 23:01:25 | 000,106,388 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2011.11.29 23:01:25 | 000,631,292 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2011.11.29 23:01:25 | 000,616,008 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2011.11.29 23:01:25 | 001,470,062 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 13:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2009.05.21 20:21:18 | 000,007,507 | ---- | M] () -- \Program Files\HP\Digital Imaging\HelpViewer\Resources\Loader.swf
[2009.09.20 12:15:26 | 000,030,776 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\RsrcLoaderLib.dll
[2009.09.20 12:15:26 | 000,002,713 | ---- | M] () -- \Program Files\HP\Digital Imaging\smart web printing\MozillaAddOn3\xre\components\uriloader.xpt
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2011.01.08 02:21:44 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2011.01.08 01:59:35 | 000,082,784 | ---- | M] () -- \Windows\assembly\tmp\9Z61OLZ0\IALoader.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009.07.14 09:43:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 09:43:57 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winload.exe.mui_3bc5b827
[2009.07.14 09:43:57 | 000,030,272 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86_winresume.exe.mui_ff8b5358
[2011.02.23 15:59:56 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011.02.23 15:59:56 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011.02.23 15:59:56 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009.07.14 09:42:11 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_3318c4cd5e5d0f86.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 05:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

[Márty84]

Aktualizujte Internet Explorer na verzi 9. I kdyz jej treba nepouzivate, mel by byt aktualizovany.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

:otl
DRV - [2011.11.13 11:56:03 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\80387875.sys -- (80387875)
DRV - [2011.09.25 12:12:32 | 000,133,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\58594522.sys -- (58594522)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\34897157.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\34897157.sys]

:services
NVMSLVRNBHFNECS

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Kliknete na Opravit
Pokud se Vas zepta na restart, souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[raskar89]

All processes killed
========== OTL ==========
Error: Unable to stop service 80387875!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\80387875 deleted successfully.
C:\Windows\System32\drivers\80387875.sys moved successfully.
Error: Unable to stop service 58594522!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\58594522 deleted successfully.
C:\Windows\System32\drivers\58594522.sys moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\34897157.sys\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\34897157.sys\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service NVMSLVRNBHFNECS stopped successfully!
Service NVMSLVRNBHFNECS deleted successfully!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 148414 bytes
->Temporary Internet Files folder emptied: 15884241 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Home
->Temp folder emptied: 14655086 bytes
->Temporary Internet Files folder emptied: 19691349 bytes
->Java cache emptied: 1994402 bytes
->FireFox cache emptied: 44396807 bytes
->Flash cache emptied: 493 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13717486 bytes
RecycleBin emptied: 348910 bytes

Total Files Cleaned = 106,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Home
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11302011_182018

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Márty84]

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

:services
80387875
58594522

:commands
[EMPTYTEMP]

Kliknete na Opravit
Pokud se Vas zepta na restart, souhlaste.
Po restartu se objevi novy log, ten sem dejte.


Vsechny tyto programy, vcetne instalace, spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Stahnete si OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a ulozte.
Pri instalaci pozor na Yahoo toolbar, ten nepotrebujete, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Jak vidite v odkazu, je vlevo spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vysype ho
Dale smaze vsechna hesla ulozene na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Oprevit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows, takze muzete pouzit take

Muzete defragmentovat disk
Stahnete napriklad program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na Yahoo toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci


Az vsechno provedete, dejte jeste jeden log z RSIT a napiste, jak je na tom pc

Bohuzel mam dnes nabity program, takze kontrolu provedu az zitra

[raskar89]

All processes killed
========== SERVICES/DRIVERS ==========
Error: No service named 80387875 was found to stop!
Service\Driver key 80387875 not found.
Error: No service named 58594522 was found to stop!
Service\Driver key 58594522 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Home
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 58948608 bytes
->Flash cache emptied: 1035 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1518466 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 58,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 11302011_220805

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[raskar89]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Home at 2011-11-30 22:24:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 160 GB (70%) free of 230 GB
Total RAM: 3071 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:24:23, on 30.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Home\Desktop\RSIT.exe
C:\Program Files\trend micro\Home.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IaNvSrv] C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA2527AB-DADD-4CBC-80C3-E5CF0392AF2D}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{DBB461A5-3A64-464D-9B14-96961794DF7A}: NameServer = 156.154.70.25,156.154.71.25
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

--
End of file - 6076 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\njqu423u.default

prefs.js - "browser.startup.homepage" - "http://news.google.cz/nwshp?client=fire ... =cs&tab=wn"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.9, {582195F5-92E7-40a0-A127-DB71295901D7}:0.6.4, {c50ca3c4-5656-43c2-a061-13e717f73fc8}:4.0.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2011-10-20 2497352]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-11-28 3744552]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-17 7737344]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-12-06 1029416]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2007-03-20 36864]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"IaNvSrv"=C:\Program Files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe [2009-07-13 33304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-10-06 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2011-11-13 421736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-11-20 1826816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_44276743.lnk]
C:\Users\Home\AppData\Local\Temp\_uninst_44276743.bat []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_80387875.lnk]
C:\Users\Home\AppData\Local\Temp\_uninst_80387875.bat []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-09-05 113024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=serwvdrv.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-30 22:20:55 ----D---- C:\rsit
2011-11-30 22:19:21 ----D---- C:\Program Files\Defraggler
2011-11-30 18:02:22 ----A---- C:\Windows\system32\wininet.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\urlmon.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\url.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-11-30 18:02:22 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-11-30 18:02:22 ----A---- C:\Windows\system32\msrating.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\msls31.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\mshtmler.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\msfeedssync.exe
2011-11-30 18:02:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\jsproxy.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\ieui.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\iesysprep.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\iesetup.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\iertutil.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\iernonce.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\ieframe.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\ieapfltr.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\ieapfltr.dat
2011-11-30 18:02:22 ----A---- C:\Windows\system32\ieakeng.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\ie4uinit.exe
2011-11-30 18:02:22 ----A---- C:\Windows\system32\icardie.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\dxtrans.dll
2011-11-30 18:02:22 ----A---- C:\Windows\system32\dxtmsft.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\wextract.exe
2011-11-30 18:02:21 ----A---- C:\Windows\system32\webcheck.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\vbscript.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\pngfilt.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\occache.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\mshtmled.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\mshtml.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\mshta.exe
2011-11-30 18:02:21 ----A---- C:\Windows\system32\msfeeds.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\licmgr10.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\jscript9.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\jscript.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\inseng.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\imgutil.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\iexpress.exe
2011-11-30 18:02:21 ----A---- C:\Windows\system32\ieUnatt.exe
2011-11-30 18:02:21 ----A---- C:\Windows\system32\iepeers.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\iedkcs32.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\ieakui.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\ieaksie.dll
2011-11-30 18:02:21 ----A---- C:\Windows\system32\admparse.dll
2011-11-21 21:52:02 ----A---- C:\XoristDecryptor.2.2.16.0_21.11.2011_21.52.02_log.txt
2011-11-21 18:22:03 ----D---- C:\TDSSKiller_Quarantine
2011-11-20 19:45:37 ----D---- C:\Users\Home\AppData\Roaming\Day 1 Studios
2011-11-20 19:37:21 ----A---- C:\Windows\system32\d3dcompiler_43.dll
2011-11-20 19:34:53 ----A---- C:\Windows\system32\xinput1_3.dll
2011-11-19 21:52:18 ----A---- C:\Windows\system32\x3daudio1_5.dll
2011-11-17 13:23:35 ----D---- C:\Program Files\iPod
2011-11-17 13:23:27 ----D---- C:\Program Files\iTunes
2011-11-14 16:40:19 ----A---- C:\Windows\system32\CmdLineExt.dll
2011-11-14 15:41:38 ----D---- C:\ProgramData\Malwarebytes
2011-11-14 15:41:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-11-14 15:41:34 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-11-14 01:32:23 ----SHD---- C:\Windows\system32\%APPDATA%
2011-11-14 01:27:05 ----A---- C:\Windows\system32\shell32.dll
2011-11-13 22:51:56 ----D---- C:\ProgramData\Trymedia
2011-11-13 22:44:19 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-11-13 22:42:37 ----A---- C:\Windows\system32\dffsetup_d3dx9_27.exe
2011-11-13 21:18:22 ----D---- C:\Program Files\Sierra
2011-11-13 15:31:19 ----D---- C:\Users\Home\AppData\Roaming\HpUpdate
2011-11-12 23:56:45 ----SHD---- C:\Windows\ftpcache
2011-11-12 18:30:45 ----D---- C:\Program Files\Common Files\Java
2011-11-12 18:30:32 ----A---- C:\Windows\system32\javaws.exe
2011-11-12 18:30:32 ----A---- C:\Windows\system32\javaw.exe
2011-11-12 18:30:32 ----A---- C:\Windows\system32\java.exe
2011-11-12 18:28:34 ----D---- C:\Program Files\SystemRequirementsLab
2011-11-12 13:21:39 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-11-12 13:21:19 ----D---- C:\Program Files\DAEMON Tools Lite
2011-11-12 00:07:44 ----D---- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
2011-11-12 00:07:37 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-11-11 20:00:35 ----RASH---- C:\MSDOS.SYS
2011-11-11 20:00:35 ----RASH---- C:\IO.SYS
2011-11-09 18:26:33 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 18:26:31 ----A---- C:\Windows\system32\win32k.sys
2011-11-05 20:09:12 ----D---- C:\Program Files\uTorrent
2011-11-05 20:08:46 ----D---- C:\Users\Home\AppData\Roaming\uTorrent

======List of files/folders modified in the last 1 month======

2011-11-30 22:24:09 ----D---- C:\Windows\Temp
2011-11-30 22:24:09 ----D---- C:\Program Files\trend micro
2011-11-30 22:23:48 ----D---- C:\Windows\Panther
2011-11-30 22:23:48 ----D---- C:\Windows\inf
2011-11-30 22:23:47 ----D---- C:\Windows\Logs
2011-11-30 22:23:47 ----D---- C:\Windows
2011-11-30 22:22:18 ----D---- C:\Windows\Prefetch
2011-11-30 22:22:13 ----RD---- C:\Program Files
2011-11-30 22:20:20 ----D---- C:\Windows\system32\config
2011-11-30 22:17:20 ----A---- C:\Windows\system32\acovcnt.exe
2011-11-30 18:31:23 ----D---- C:\Windows\System32
2011-11-30 18:31:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-30 18:22:35 ----D---- C:\Windows\system32\drivers\etc
2011-11-30 18:22:24 ----D---- C:\Windows\system32\drivers
2011-11-30 18:18:53 ----D---- C:\Windows\winsxs
2011-11-30 18:17:09 ----D---- C:\Windows\system32\cs-CZ
2011-11-30 18:17:08 ----D---- C:\Program Files\Internet Explorer
2011-11-30 18:17:07 ----D---- C:\Windows\system32\migration
2011-11-30 18:17:07 ----D---- C:\Windows\PolicyDefinitions
2011-11-30 18:17:06 ----D---- C:\Windows\system32\en-US
2011-11-30 18:02:54 ----D---- C:\Windows\system32\catroot
2011-11-30 18:02:53 ----D---- C:\Windows\system32\catroot2
2011-11-30 18:00:56 ----SHD---- C:\System Volume Information
2011-11-29 23:01:14 ----A---- C:\Windows\win.ini
2011-11-29 23:00:55 ----D---- C:\Windows\twain_32
2011-11-28 19:01:23 ----A---- C:\Windows\system32\aswBoot.exe
2011-11-28 18:54:38 ----D---- C:\Users\Home\AppData\Roaming\vlc
2011-11-23 18:47:47 ----HD---- C:\ProgramData
2011-11-23 18:44:11 ----SHD---- C:\Windows\Installer
2011-11-23 18:44:11 ----SHD---- C:\Config.Msi
2011-11-23 18:44:10 ----D---- C:\Users\Home\AppData\Roaming\Apple Computer
2011-11-23 18:44:10 ----D---- C:\Program Files\Common Files\Apple
2011-11-23 17:35:19 ----D---- C:\Windows\pss
2011-11-20 17:30:32 ----D---- C:\Windows\system32\Tasks
2011-11-20 17:30:31 ----D---- C:\Windows\Tasks
2011-11-14 01:36:07 ----D---- C:\ProgramData\Microsoft Help
2011-11-14 01:36:05 ----RSD---- C:\Windows\assembly
2011-11-14 01:35:01 ----D---- C:\Program Files\Common Files\microsoft shared
2011-11-13 14:51:22 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-12 23:51:13 ----D---- C:\Program Files\Common Files\InstallShield
2011-11-12 18:30:45 ----D---- C:\Program Files\Common Files
2011-11-12 18:30:13 ----D---- C:\Program Files\Java
2011-11-12 13:21:53 ----D---- C:\Windows\system32\DriverStore
2011-11-12 00:30:44 ----D---- C:\Windows\debug
2011-11-11 21:02:39 ----D---- C:\Program Files\SUPERAntiSpyware
2011-11-10 10:34:01 ----D---- C:\Program Files\Common Files\System
2011-11-09 19:38:39 ----A---- C:\Windows\system32\MRT.exe
2011-11-09 19:33:37 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaNvStor;Intel(R) Turbo Memory Controller; C:\Windows\system32\DRIVERS\iaNvStor.sys [2009-07-01 232472]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 JGOGO;JMicron Hot-Plug Driver; C:\Windows\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2007-04-12 48000]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2011-10-07 488208]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2011-10-07 39640]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-12 239168]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2011-10-07 82400]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-09-05 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-09-05 67664]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-15 2047576]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-06-20 49664]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-12-06 196400]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-09-05 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-02 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2011-10-07 1883328]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-02 211488]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 821608]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-01-08 1343400]

-----------------EOF-----------------

[Márty84]

Jeste jedna vec.

1) Otevrte Poznamkovy blok (pokud ho nemate na plose, tak kliknete na Start, pak programy a prislusenstvi, pripadne kliknete na plochu pravym mysidlem a zvolte Novy - Textovy dokument)
2) Zkopirujte do nej ten zeleny text
3) Vlevo nahore kliknete na napis Soubor
4) Kliknete na napis Ulozit jako...
5) Napiste spravne ten cerveny nazev oprava.reg a pak vyberte u moznosti Ulozit jako typ : Vsechny soubory
6) Ulozte, nejlepe na plochu
7) No a na to, co jste prave ulozil, pak 2x kliknete, ono se to spusti a pak to jen potvrdte

Kód: Vybrat vše

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_44276743.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Home^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_80387875.lnk]

Jak je na tom pocitac?

[raskar89]

pocitac je v pohode, zadne znatelne zmeny nejsou. Spise mne slo o to, jestli nezustaly nejake zbytky po odstraneni toho predchoziho viru v pc. I online aktivita je v pohode (odesilani dat v dobe necinnosti)

[Márty84]

Spise mne slo o to, jestli nezustaly nejake zbytky po odstraneni toho predchoziho viru v pc

No proto jsme ho projeli tolika skenery Zadna havet tam neni, alespon aktivni, logy jsou ciste. Zbavili jsme se nekolika zbytecnosti a trochu uklidili. Jeste muzete udelat uplnou kontrolu s MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=115222 , abychom vedeli, jestli tam nekde neco nespi, co nejde videt v logu.
Pokud to udelate, dejte vysledky sem, nic nemazte. MBAM miva obcas falesny poplach