v poslednom case mi pocitac hocikedy tak na 30s zamrzne a mam pocit, ze mu aj dlhsie trva kym sa zapne. rozmyslal som ci nejde o virus. tak vam tu hodim log.prosim skontrolujte ho niekto. dakujem
Logfile of random's system information tool 1.09 (written by random/random)
Run by David at 2012-01-04 09:01:31
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 51 GB (63%) free of 80 GB
Total RAM: 1791 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:01:52, on 4. 1. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\RALINK\Common\RaUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Opera\opera.exe
C:\Users\David\Desktop\RSIT.exe
C:\Program Files\trend micro\David.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe
O23 - Service: STI Simulator - Unknown owner - C:\Windows\System32\PAStiSvc.exe
--
End of file - 6367 bytes
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\AutoKMSDaily.job
C:\Windows\tasks\SymInstallStub.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-12-26 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-12-26 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-04-21 281768]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-12-05 2216960]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-12-05 2216960]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-12-05 3318784]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-09 343168]
"4StoryPrePatch"=C:\Program Files\Gameforge4D\4Story_CZ\PrePatch.exe [2012-01-01 327680]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-12-05 3318784]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Ralink Wireless Utility.lnk - C:\Program Files\RALINK\Common\RaUI.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-01-04 08:54:58 ----D---- C:\rsit
2012-01-04 08:54:58 ----D---- C:\Program Files\trend micro
2012-01-03 08:26:05 ----D---- C:\Program Files\OCCTPT
2012-01-03 08:26:05 ----A---- C:\Windows\system32\XAudio2_7.dll
2012-01-03 08:26:05 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\XAudio2_6.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\xactengine3_7.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\xactengine3_6.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\D3DX9_43.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\d3dx11_43.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\d3dx10_43.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\d3dcsx_43.dll
2012-01-03 08:26:04 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2012-01-03 08:26:03 ----A---- C:\Windows\system32\XAudio2_5.dll
2012-01-03 08:26:03 ----A---- C:\Windows\system32\xactengine3_5.dll
2012-01-03 08:26:03 ----A---- C:\Windows\system32\D3DX9_42.dll
2012-01-03 08:26:03 ----A---- C:\Windows\system32\d3dx11_42.dll
2012-01-03 08:26:03 ----A---- C:\Windows\system32\d3dx10_42.dll
2012-01-03 08:26:03 ----A---- C:\Windows\system32\d3dx10_41.dll
2012-01-03 08:26:03 ----A---- C:\Windows\system32\d3dcsx_42.dll
2012-01-03 08:26:03 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2012-01-03 08:26:03 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2012-01-03 08:26:02 ----A---- C:\Windows\system32\XAudio2_4.dll
2012-01-03 08:26:02 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2012-01-03 08:26:02 ----A---- C:\Windows\system32\xactengine3_4.dll
2012-01-03 08:26:02 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2012-01-03 08:26:02 ----A---- C:\Windows\system32\D3DX9_41.dll
2012-01-03 08:26:02 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-01-03 08:26:02 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-01-03 08:26:01 ----A---- C:\Windows\system32\XAudio2_3.dll
2012-01-03 08:26:01 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2012-01-03 08:26:01 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-01-03 08:26:00 ----A---- C:\Windows\system32\XAudio2_2.dll
2012-01-03 08:26:00 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2012-01-03 08:26:00 ----A---- C:\Windows\system32\xactengine3_3.dll
2012-01-03 08:26:00 ----A---- C:\Windows\system32\xactengine3_2.dll
2012-01-03 08:26:00 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\XAudio2_1.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\xactengine3_1.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\D3DX9_39.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\D3DX9_38.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\d3dx10_39.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\d3dx10_38.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2012-01-03 08:25:59 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2012-01-03 08:25:58 ----A---- C:\Windows\system32\XAudio2_0.dll
2012-01-03 08:25:58 ----A---- C:\Windows\system32\xactengine3_0.dll
2012-01-03 08:25:58 ----A---- C:\Windows\system32\xactengine2_10.dll
2012-01-03 08:25:58 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2012-01-03 08:25:58 ----A---- C:\Windows\system32\D3DX9_37.dll
2012-01-03 08:25:58 ----A---- C:\Windows\system32\d3dx10_37.dll
2012-01-03 08:25:58 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2012-01-03 08:25:57 ----A---- C:\Windows\system32\xactengine2_9.dll
2012-01-03 08:25:57 ----A---- C:\Windows\system32\d3dx9_36.dll
2012-01-03 08:25:57 ----A---- C:\Windows\system32\d3dx9_35.dll
2012-01-03 08:25:57 ----A---- C:\Windows\system32\d3dx10_36.dll
2012-01-03 08:25:57 ----A---- C:\Windows\system32\d3dx10_35.dll
2012-01-03 08:25:57 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2012-01-03 08:25:57 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\xinput1_3.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\xactengine2_8.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\xactengine2_7.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\d3dx9_34.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\d3dx9_33.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\d3dx10_34.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\d3dx10_33.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2012-01-03 08:25:56 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2012-01-03 08:25:55 ----A---- C:\Windows\system32\xactengine2_6.dll
2012-01-03 08:25:55 ----A---- C:\Windows\system32\xactengine2_5.dll
2012-01-03 08:25:55 ----A---- C:\Windows\system32\xactengine2_4.dll
2012-01-03 08:25:55 ----A---- C:\Windows\system32\xactengine2_3.dll
2012-01-03 08:25:55 ----A---- C:\Windows\system32\x3daudio1_1.dll
2012-01-03 08:25:55 ----A---- C:\Windows\system32\d3dx9_32.dll
2012-01-03 08:25:55 ----A---- C:\Windows\system32\d3dx9_31.dll
2012-01-03 08:25:55 ----A---- C:\Windows\system32\d3dx10.dll
2012-01-03 08:25:54 ----A---- C:\Windows\system32\xinput1_2.dll
2012-01-03 08:25:54 ----A---- C:\Windows\system32\xinput1_1.dll
2012-01-03 08:25:54 ----A---- C:\Windows\system32\xactengine2_2.dll
2012-01-03 08:25:54 ----A---- C:\Windows\system32\xactengine2_1.dll
2012-01-03 08:25:52 ----A---- C:\Windows\system32\xactengine2_0.dll
2012-01-03 08:25:52 ----A---- C:\Windows\system32\x3daudio1_0.dll
2012-01-03 08:25:52 ----A---- C:\Windows\system32\d3dx9_30.dll
2012-01-03 08:25:52 ----A---- C:\Windows\system32\d3dx9_29.dll
2012-01-03 08:25:52 ----A---- C:\Windows\system32\d3dx9_28.dll
2012-01-03 08:25:52 ----A---- C:\Windows\system32\d3dx9_27.dll
2012-01-03 08:25:52 ----A---- C:\Windows\system32\d3dx9_26.dll
2012-01-03 08:25:51 ----A---- C:\Windows\system32\d3dx9_25.dll
2012-01-03 08:25:51 ----A---- C:\Windows\system32\d3dx9_24.dll
2012-01-03 08:21:38 ----D---- C:\Windows\system32\directx
2012-01-02 14:32:01 ----D---- C:\Program Files\CPUID
2012-01-02 14:32:01 ----A---- C:\Windows\system32\drivers\cpuz135_x32.sys
2012-01-01 16:54:08 ----D---- C:\Program Files\Gameforge4D
2011-12-30 15:57:56 ----D---- C:\ProgramData\ATI
2011-12-30 15:57:54 ----D---- C:\Program Files\AMD APP
2011-12-29 12:02:12 ----D---- C:\Program Files\GRETECH
2011-12-26 15:15:23 ----D---- C:\ProgramData\Sun
2011-12-26 15:15:23 ----D---- C:\Program Files\Common Files\Java
2011-12-26 15:15:12 ----A---- C:\Windows\system32\javaws.exe
2011-12-26 15:15:12 ----A---- C:\Windows\system32\javaw.exe
2011-12-26 15:15:12 ----A---- C:\Windows\system32\java.exe
2011-12-26 15:15:12 ----A---- C:\Windows\system32\deployJava1.dll
2011-12-26 15:15:00 ----D---- C:\Program Files\Java
2011-12-20 20:37:18 ----D---- C:\Users\David\AppData\Roaming\Mumble
2011-12-20 20:36:58 ----D---- C:\Program Files\Mumble
2011-12-15 17:29:54 ----A---- C:\Windows\system32\mshtmled.dll
2011-12-15 17:29:53 ----A---- C:\Windows\system32\jsproxy.dll
2011-12-15 17:29:53 ----A---- C:\Windows\system32\jscript9.dll
2011-12-15 17:29:53 ----A---- C:\Windows\system32\jscript.dll
2011-12-15 17:29:53 ----A---- C:\Windows\system32\iertutil.dll
2011-12-15 17:29:52 ----A---- C:\Windows\system32\wininet.dll
2011-12-15 17:29:52 ----A---- C:\Windows\system32\url.dll
2011-12-15 17:29:52 ----A---- C:\Windows\system32\ieui.dll
2011-12-15 17:29:51 ----A---- C:\Windows\system32\urlmon.dll
2011-12-15 17:29:51 ----A---- C:\Windows\system32\mshtml.dll
2011-12-15 17:29:50 ----A---- C:\Windows\system32\ieframe.dll
2011-12-15 14:05:19 ----A---- C:\Windows\system32\win32k.sys
2011-12-15 14:05:16 ----A---- C:\Windows\system32\tzres.dll
2011-12-15 14:05:08 ----A---- C:\Windows\system32\EncDec.dll
2011-12-15 14:05:07 ----A---- C:\Windows\system32\csrsrv.dll
2011-12-15 14:05:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-12-15 14:05:05 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-12-05 19:43:11 ----D---- C:\ProgramData\Spyware Terminator
2011-12-05 19:43:11 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2011-12-05 19:43:10 ----D---- C:\Users\David\AppData\Roaming\Spyware Terminator
======List of files/folders modified in the last 1 month======
2012-01-04 09:01:34 ----D---- C:\Windows\Temp
2012-01-04 08:54:58 ----RD---- C:\Program Files
2012-01-04 08:54:16 ----D---- C:\Windows\system32\config
2012-01-04 08:50:15 ----D---- C:\Windows\Tasks
2012-01-04 08:50:09 ----D---- C:\Windows
2012-01-04 08:50:09 ----A---- C:\Windows\KMSEmulator.exe
2012-01-03 19:36:19 ----D---- C:\Windows\system32\drivers
2012-01-03 09:40:03 ----SHD---- C:\System Volume Information
2012-01-03 08:41:22 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2012-01-03 08:26:05 ----D---- C:\Windows\System32
2012-01-03 08:25:54 ----RSD---- C:\Windows\assembly
2012-01-03 08:25:49 ----D---- C:\Windows\Microsoft.NET
2012-01-03 08:21:38 ----D---- C:\Windows\Logs
2012-01-03 07:09:58 ----D---- C:\Windows\system32\catroot2
2011-12-31 18:05:10 ----D---- C:\Windows\Prefetch
2011-12-30 23:45:38 ----D---- C:\Windows\system32\catroot
2011-12-30 15:57:56 ----HD---- C:\ProgramData
2011-12-30 15:57:55 ----SHD---- C:\Windows\Installer
2011-12-30 15:57:40 ----D---- C:\Program Files\ATI Technologies
2011-12-30 15:57:06 ----SHD---- C:\$Recycle.Bin
2011-12-30 15:56:37 ----D---- C:\Windows\system32\DriverStore
2011-12-30 15:56:37 ----D---- C:\Windows\inf
2011-12-26 23:36:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-26 16:07:00 ----D---- C:\Windows\rescache
2011-12-26 15:15:23 ----D---- C:\Program Files\Common Files
2011-12-15 18:12:39 ----D---- C:\Windows\winsxs
2011-12-15 18:11:14 ----D---- C:\Windows\system32\sk-SK
2011-12-15 18:11:14 ----D---- C:\Windows\system32\migration
2011-12-15 18:11:14 ----D---- C:\Program Files\Internet Explorer
2011-12-15 17:31:26 ----D---- C:\ProgramData\Microsoft Help
2011-12-15 17:30:11 ----A---- C:\Windows\system32\MRT.exe
2011-12-12 17:34:55 ----D---- C:\Program Files\Opera
2011-12-12 15:45:46 ----D---- C:\Users\David\AppData\Roaming\vlc
2011-12-05 19:45:01 ----D---- C:\Program Files\Spyware Terminator
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-08-10 138192]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-12 232512]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-12-05 142592]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\Windows\system32\DRIVERS\AegisP.sys [2011-08-10 21275]
R2 AODDriver4.01;AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [2011-06-24 39424]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2011-08-10 66616]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-11-10 263680]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-10-17 85520]
R3 PAC207;VideoCAM GF112; C:\Windows\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
R3 rt61x86;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr61.sys [2010-04-07 376160]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-11-10 8913920]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 15872]
S3 RT61;Ralink RT61 Wireless Driver; C:\Windows\system32\DRIVERS\RT61.sys [2006-05-04 380928]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-11-09 291840]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-08-10 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 KMService;KMService; C:\Windows\system32\srvany.exe [2003-04-18 8192]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-12-05 496128]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2011-11-22 482992]
R2 STI Simulator;STI Simulator; C:\Windows\System32\PAStiSvc.exe [2005-01-14 53248]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-12 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
Zdravim a pekny den preji 
Mate legalni system = zakoupena licence na verzi Ultimate 
Mate legalni system = zakoupena licence na verzi Ultimate "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
zdravim. ano win mam legalny. uz to je asi OK. dnes som to vycistil CCleanerom (odstranilo asi 5GB) potom som defragmentoval disk (nerobil som to asi rok) a PC zatial ani raz nesekol vdaka za prezretie
vdaka za prezretieRe: Prosím o kontrolu
A Microsoft Office jste si tez koupil
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
nie office som nekupil. moze to byt nim? ked ano tak ho vymazem len som chcel na skusku 2010 ale ide v pohode tak neviem ci to je tym.
Re: Prosím o kontrolu
Odistalujte nelegalni Office - pravidla fora hovori jasne Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
- Provedte aktualizaci
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org
Verzia databázy: v2012.01.05.02
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
David :: DAVID-PC [administrátor]
5. 1. 2012 15:19:43
mbam-log-2012-01-05 (15-47-49).txt
Typ kontroly: Úplná kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 249792
Uplynutý čas: 23 min, 45 sek
Detegované služby pamäte: 1
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 364 -> Žiadna úloha nevykonaná.
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 2
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
(koniec)
www.malwarebytes.org
Verzia databázy: v2012.01.05.02
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
David :: DAVID-PC [administrátor]
5. 1. 2012 15:19:43
mbam-log-2012-01-05 (15-47-49).txt
Typ kontroly: Úplná kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 249792
Uplynutý čas: 23 min, 45 sek
Detegované služby pamäte: 1
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> 364 -> Žiadna úloha nevykonaná.
Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)
Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)
Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)
Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)
Detegované priečinky: 0
(Škodlivé položky neboli zistené)
Detegované súbory: 2
C:\Windows\KMService.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Žiadna úloha nevykonaná.
(koniec)
Re: Prosím o kontrolu
Nalezy MBAMu smazte Stahnete OTL (viz muj podpis) a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
- Zaskrtnete okenko Pro vsechny uzivatele
- Zaskrtnete okenko Kontrola na havet "LOP"
- Zaskrtnete okenko Kontrola na havet "Purity"
- Stari souboru zmente z 30 dnu na 7 dnu
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
CREATERESTOREPOINT netsvcs drivers32 savembr:0 /md5start atapi.sys autochk.exe cdrom.sys explorer.exe hal.dll scecli.dll svchost.exe tcpip.sys userinit.exe winlogon.exe /md5stop %systemroot%*.* /U /s %SYSTEMDRIVE%\*.exe %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\system32\*.dll /lockedfiles %systemroot%\system32\drivers\*.sys /3 %systemroot%\system32\*.* /3 %SYSTEMDRIVE%\*.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c type c:\boot.ini >> test.txt /c %SystemDrive%\PhysicalMBR.bin /md5 *crack* /s *keygen* /s *loader* /s- Kliknete na tlacitko Prohledat
- Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
asi po 10 minutach mi vypisalo toto
Re: Prosím o kontrolu
Jopa, vim o co jde, je to bug OTL...Pouzijte tento (upraveny) skript, jinak postup stejny
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
OTL logfile created on: 5. 1. 2012 17:52:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\David\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,75 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 66,00% Memory free
3,50 Gb Paging File | 2,20 Gb Available in Paging File | 62,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 54,86 Gb Free Space | 70,31% Space Free | Partition Type: NTFS
Drive D: | 387,63 Gb Total Space | 370,82 Gb Free Space | 95,66% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012/01/05 15:58:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
PRC - [2012/01/04 12:47:59 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011/12/09 01:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/12/05 19:43:11 | 000,496,128 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2011/11/10 04:11:50 | 000,417,792 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/11/10 04:11:20 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/11/09 22:07:44 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/08/10 09:49:59 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/21 06:54:05 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/04/21 06:53:48 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/21 06:53:33 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2006/05/16 10:22:58 | 000,614,400 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2005/01/14 08:32:38 | 000,053,248 | ---- | M] () -- C:\Windows\System32\PAStiSvc.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 15:56:18 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/01/05 15:56:18 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/01/04 11:17:06 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/01/04 11:17:06 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/11/12 18:51:15 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/09 22:10:38 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/11/09 22:07:50 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2011/10/16 15:28:09 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\273292e88c7b60ecbae9d85e94cd097e\WindowsFormsIntegration.ni.dll
MOD - [2011/10/14 11:58:03 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
MOD - [2011/10/14 11:55:13 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/10/14 11:55:08 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/10/14 11:54:56 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll
MOD - [2011/10/14 11:54:55 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/10/14 11:54:46 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/14 11:54:41 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/14 11:54:28 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011/10/14 11:54:22 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011/10/14 11:54:16 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/14 11:54:12 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/14 11:54:09 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/14 11:54:04 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/14 11:53:59 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/01/09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/03/30 15:22:42 | 000,070,144 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/12/05 19:43:11 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011/11/10 04:11:20 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/11/09 22:07:44 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011/08/12 11:49:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/08/10 09:49:59 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/21 06:53:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2005/01/14 08:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PAStiSvc.exe -- (STI Simulator)
SRV - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
========== Driver Services (SafeList) ==========
DRV - [2012/01/04 11:14:15 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/12/05 19:43:11 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011/11/10 04:44:12 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/11/10 04:44:12 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/11/10 03:12:20 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/10/17 18:40:44 | 000,085,520 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011/08/10 09:50:00 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/08/10 09:50:00 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/24 06:25:26 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.01)
DRV - [2010/12/07 13:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2010/12/07 13:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2010/12/07 13:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2010/12/07 13:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/07 11:16:16 | 000,376,160 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr61.sys -- (rt61x86)
DRV - [2010/02/18 08:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2006/05/04 18:02:58 | 000,380,928 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt61.sys -- (RT61)
DRV - [2005/04/08 09:46:18 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc027.sys -- (PAC207)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 43 D9 E6 25 57 CC 01 [binary data]
IE - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-744494415-1361340334-2037145302-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&oslať do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.10 20.20.20.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D300E28-FB5D-48C6-984F-D0B4DA681B0E}: DhcpNameServer = 10.10.10.10 20.20.20.20
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\Shell - "" = AutoRun
O33 - MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012/01/05 15:57:59 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012/01/05 15:16:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2012/01/05 15:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/05 15:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/05 15:15:56 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/01/05 15:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/05 15:14:11 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\David\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/04 11:17:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\SUPERAntiSpyware.com
[2012/01/04 11:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/01/04 11:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/01/04 11:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/01/04 11:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/01/04 11:14:15 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012/01/04 11:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012/01/04 11:12:07 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Spyware Terminator
[2012/01/04 11:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2012/01/04 11:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2012/01/04 10:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012/01/04 10:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012/01/04 09:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/01/04 09:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/01/04 09:21:33 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Google
[2012/01/04 09:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/01/04 08:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/01/04 08:54:58 | 000,000,000 | ---D | C] -- C:\rsit
[2012/01/03 08:41:21 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\OCCT
[2012/01/03 08:26:05 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012/01/03 08:26:05 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012/01/03 08:26:04 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012/01/03 08:26:04 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012/01/03 08:26:04 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012/01/03 08:26:04 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012/01/03 08:26:04 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012/01/03 08:26:04 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012/01/03 08:26:04 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012/01/03 08:26:04 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012/01/03 08:26:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012/01/03 08:26:04 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012/01/03 08:26:03 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012/01/03 08:26:03 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012/01/03 08:26:03 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012/01/03 08:26:03 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012/01/03 08:26:03 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012/01/03 08:26:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012/01/03 08:26:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012/01/03 08:26:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012/01/03 08:26:03 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012/01/03 08:26:02 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012/01/03 08:26:02 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012/01/03 08:26:02 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012/01/03 08:26:02 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012/01/03 08:26:02 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012/01/03 08:26:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012/01/03 08:26:02 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012/01/03 08:26:01 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012/01/03 08:26:01 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012/01/03 08:26:01 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012/01/03 08:26:00 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012/01/03 08:26:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012/01/03 08:26:00 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012/01/03 08:26:00 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012/01/03 08:26:00 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012/01/03 08:25:59 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012/01/03 08:25:59 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012/01/03 08:25:59 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012/01/03 08:25:59 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012/01/03 08:25:59 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012/01/03 08:25:59 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012/01/03 08:25:59 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012/01/03 08:25:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012/01/03 08:25:59 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012/01/03 08:25:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012/01/03 08:25:58 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012/01/03 08:25:58 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012/01/03 08:25:58 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012/01/03 08:25:58 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012/01/03 08:25:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012/01/03 08:25:58 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012/01/03 08:25:58 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012/01/03 08:25:57 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012/01/03 08:25:57 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012/01/03 08:25:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012/01/03 08:25:57 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012/01/03 08:25:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012/01/03 08:25:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012/01/03 08:25:57 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012/01/03 08:25:56 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012/01/03 08:25:56 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012/01/03 08:25:56 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012/01/03 08:25:56 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012/01/03 08:25:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012/01/03 08:25:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012/01/03 08:25:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012/01/03 08:25:56 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012/01/03 08:25:56 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012/01/03 08:25:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012/01/03 08:25:55 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012/01/03 08:25:55 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012/01/03 08:25:55 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012/01/03 08:25:55 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012/01/03 08:25:55 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012/01/03 08:25:55 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012/01/03 08:25:55 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012/01/03 08:25:55 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012/01/03 08:25:54 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012/01/03 08:25:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012/01/03 08:25:54 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012/01/03 08:25:54 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012/01/03 08:25:52 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012/01/03 08:25:52 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012/01/03 08:25:52 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012/01/03 08:25:52 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012/01/03 08:25:52 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012/01/03 08:25:52 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012/01/03 08:25:52 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012/01/03 08:25:51 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012/01/03 08:25:51 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012/01/03 08:21:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012/01/02 14:32:01 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\System32\drivers\cpuz135_x32.sys
[2012/01/02 14:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012/01/02 14:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012/01/01 16:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Story_CZ
[2012/01/01 16:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\Gameforge4D
[2011/12/30 15:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/12/30 15:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011/12/30 15:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
========== Files - Modified Within 7 Days ==========
[2012/01/05 17:54:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/05 16:03:12 | 000,014,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/05 16:03:12 | 000,014,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/05 15:58:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012/01/05 15:56:17 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/01/05 15:56:16 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2012/01/05 15:56:10 | 000,078,848 | ---- | M] () -- C:\Windows\KMSEmulator.exe
[2012/01/05 15:55:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/05 15:55:51 | 1408,638,976 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/05 15:15:58 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/05 15:15:15 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\David\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/05 14:56:19 | 004,921,344 | ---- | M] () -- C:\Users\David\Desktop\Coldplay - Clocks.mp3
[2012/01/05 14:49:41 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/05 14:49:41 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/04 11:14:15 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012/01/04 11:04:24 | 000,001,915 | ---- | M] () -- C:\Users\David\Desktop\Update Checker.lnk
[2012/01/04 10:45:18 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012/01/04 09:23:35 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/04 08:54:07 | 000,781,383 | ---- | M] () -- C:\Users\David\Desktop\RSIT.exe
[2012/01/02 14:32:02 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012/01/01 16:56:00 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\4Story.lnk
[2011/12/30 23:40:24 | 000,000,322 | ---- | M] () -- C:\Users\David\Desktop\MusicJet.appref-ms
========== Files Created - No Company Name ==========
[2012/01/05 16:01:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/05 15:56:10 | 000,078,848 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2012/01/05 15:15:58 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/05 14:55:26 | 004,921,344 | ---- | C] () -- C:\Users\David\Desktop\Coldplay - Clocks.mp3
[2012/01/04 12:48:00 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012/01/04 11:04:24 | 000,001,945 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012/01/04 11:04:24 | 000,001,915 | ---- | C] () -- C:\Users\David\Desktop\Update Checker.lnk
[2012/01/04 10:45:18 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012/01/04 09:23:35 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/04 08:54:06 | 000,781,383 | ---- | C] () -- C:\Users\David\Desktop\RSIT.exe
[2012/01/02 14:32:02 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012/01/01 16:56:00 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\4Story.lnk
[2011/12/05 19:43:11 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011/11/10 03:28:32 | 000,204,960 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2011/11/10 03:28:32 | 000,157,152 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011/10/21 20:30:14 | 000,243,168 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/09/25 10:12:20 | 000,647,168 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2011/09/25 10:12:20 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/08/12 11:44:35 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2011/08/12 09:00:02 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/08/12 08:58:44 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/08/11 09:40:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/08/11 09:40:58 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/08/10 07:39:33 | 000,053,248 | ---- | C] () -- C:\Windows\System32\PAStiSvc.exe
[2011/08/10 07:39:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/10 07:11:24 | 000,315,392 | ---- | C] () -- C:\Windows\System32\AegisI5.exe
[2011/08/10 07:11:24 | 000,295,028 | ---- | C] () -- C:\Windows\System32\Install6x.dll
[2011/08/10 07:11:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\RT2661.bin
[2011/08/10 07:11:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\RT2561s.bin
[2011/08/10 07:11:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\RT2561.bin
[2011/06/10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,495,944 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,651,450 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,120,382 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/04/08 09:46:18 | 000,162,176 | ---- | C] () -- C:\Windows\System32\drivers\pfc027.sys
[2005/01/25 14:15:42 | 000,010,240 | ---- | C] () -- C:\Windows\System32\PA207Usd.dll
[1993/07/23 18:31:02 | 000,210,944 | ---- | C] () -- C:\Windows\System32\Msvcrt10.dll
========== LOP Check ==========
[2012/01/04 09:27:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
[2012/01/04 20:22:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mumble
[2012/01/04 12:48:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2012/01/04 11:12:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Spyware Terminator
[2012/01/04 09:27:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\uTorrent
[2011/09/14 15:05:27 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Zoner
[2011/10/08 11:24:56 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Spyware Terminator
[2012/01/05 15:56:17 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012/01/05 15:56:16 | 000,000,202 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2011/12/06 07:06:01 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/09/02 17:35:00 | 000,000,624 | ---- | M] () -- C:\Windows\Tasks\SymInstallStub.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/04/25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/04/25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011/06/21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2011/06/21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< >
< %systemroot%*.* /U /s >
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/08/10 08:05:13 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Adobe
[2011/08/10 07:39:41 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ATI
[2011/08/10 07:43:26 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Avira
[2012/01/04 09:27:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
[2011/08/10 07:08:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Identities
[2011/08/10 07:49:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Macromedia
[2012/01/05 15:16:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2009/07/14 08:50:20 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Media Center Programs
[2012/01/03 08:41:22 | 000,000,000 | --SD | M] -- C:\Users\David\AppData\Roaming\Microsoft
[2012/01/04 20:22:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mumble
[2011/08/11 18:32:42 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\NCH Software
[2012/01/04 12:48:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2011/09/13 14:57:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\PSpad
[2012/01/04 11:12:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Spyware Terminator
[2012/01/04 11:17:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\SUPERAntiSpyware.com
[2012/01/04 09:27:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\uTorrent
[2011/12/12 15:45:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\vlc
[2011/08/11 10:47:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\WinRAR
[2011/09/14 15:05:27 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2007/11/27 07:41:32 | 000,405,504 | ---- | M] () -- C:\Users\David\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2011/11/10 04:12:24 | 000,466,944 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
< %systemroot%\Tasks\*.job >
[2012/01/05 15:56:17 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012/01/05 15:56:16 | 000,000,202 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2011/09/02 17:35:00 | 000,000,624 | ---- | M] () -- C:\Windows\Tasks\SymInstallStub.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2011/11/10 04:12:24 | 000,466,944 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
< %systemroot%\system32\drivers\*.sys /3 >
[2012/01/04 11:14:15 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\system32\drivers\dtsoftbus01.sys
< %systemroot%\system32\*.* /3 >
[2012/01/05 16:03:12 | 000,014,544 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/05 16:03:12 | 000,014,544 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/05 14:49:41 | 000,120,382 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012/01/05 14:49:41 | 000,651,450 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012/01/05 14:49:41 | 000,778,150 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2011/12/09 01:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com)
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/01/05 17:54:00 | 000,000,512 | ---- | M] () MD5=0089C18C5D9F567EEE77F644883103B1 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2011/08/10 09:49:59 | 000,034,664 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avnetworkloader.dll
[2011/08/10 09:49:59 | 000,343,400 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avnetworkloadergui.dll
[2011/08/10 09:49:59 | 000,214,184 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2009/10/22 00:01:42 | 000,249,672 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009/10/22 00:01:42 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/01/01 17:10:33 | 000,032,768 | ---- | M] () -- \Program Files\Gameforge4D\4Story_CZ\TLoader.exe
[2012/01/04 14:06:48 | 000,002,977 | ---- | M] () -- \Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D808KEE1\canvas-loader-bright[1].gif
[2012/01/04 14:06:47 | 000,002,977 | ---- | M] () -- \Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D808KEE1\canvas-loader[1].gif
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/07/15 12:32:40 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 08:42:17 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 08:42:17 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 08:42:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011/09/02 09:45:24 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/09/02 09:45:24 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/09/02 09:45:24 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 08:41:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\David\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,75 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 66,00% Memory free
3,50 Gb Paging File | 2,20 Gb Available in Paging File | 62,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 54,86 Gb Free Space | 70,31% Space Free | Partition Type: NTFS
Drive D: | 387,63 Gb Total Space | 370,82 Gb Free Space | 95,66% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Processes (SafeList) ==========
PRC - [2012/01/05 15:58:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
PRC - [2012/01/04 12:47:59 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011/12/09 01:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/12/05 19:43:11 | 000,496,128 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2011/11/10 04:11:50 | 000,417,792 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2011/11/10 04:11:20 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2011/11/09 22:07:44 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
PRC - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/08/10 09:49:59 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/06/24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/04/21 06:54:05 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011/04/21 06:53:48 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/21 06:53:33 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2006/05/16 10:22:58 | 000,614,400 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\RALINK\Common\RaUI.exe
PRC - [2005/01/14 08:32:38 | 000,053,248 | ---- | M] () -- C:\Windows\System32\PAStiSvc.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/05 15:56:18 | 000,063,488 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/01/05 15:56:18 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/01/04 11:17:06 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/01/04 11:17:06 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/11/12 18:51:15 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/11/09 22:10:38 | 000,369,152 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2011/11/09 22:07:50 | 000,095,232 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
MOD - [2011/10/16 15:28:09 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\273292e88c7b60ecbae9d85e94cd097e\WindowsFormsIntegration.ni.dll
MOD - [2011/10/14 11:58:03 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dd56ffc9d534de278c79420dcce058a4\System.Core.ni.dll
MOD - [2011/10/14 11:55:13 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll
MOD - [2011/10/14 11:55:08 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll
MOD - [2011/10/14 11:54:56 | 000,060,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\bb1d36ae26e7cadf563061596682e747\UIAutomationProvider.ni.dll
MOD - [2011/10/14 11:54:55 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll
MOD - [2011/10/14 11:54:46 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011/10/14 11:54:41 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/14 11:54:28 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011/10/14 11:54:22 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011/10/14 11:54:16 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/14 11:54:12 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/14 11:54:09 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/14 11:54:04 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/14 11:53:59 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2010/01/09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2008/03/30 15:22:42 | 000,070,144 | ---- | M] () -- C:\Program Files\PSPad editor\PSPadShell.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/12/05 19:43:11 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011/11/10 04:11:20 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/11/09 22:07:44 | 000,291,840 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011/08/12 11:49:46 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/08/12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/08/10 09:49:59 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/21 06:53:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/01/21 16:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2005/01/14 08:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PAStiSvc.exe -- (STI Simulator)
SRV - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
========== Driver Services (SafeList) ==========
DRV - [2012/01/04 11:14:15 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/12/05 19:43:11 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011/11/10 04:44:12 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/11/10 04:44:12 | 008,913,920 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/11/10 03:12:20 | 000,263,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/10/17 18:40:44 | 000,085,520 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2011/08/10 09:50:00 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/08/10 09:50:00 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/06/24 06:25:26 | 000,039,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\aoddriver2.sys -- (AODDriver4.01)
DRV - [2010/12/07 13:23:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2010/12/07 13:23:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2010/12/07 13:23:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2010/12/07 13:22:58 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 11:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/07 11:16:16 | 000,376,160 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr61.sys -- (rt61x86)
DRV - [2010/02/18 08:18:22 | 000,037,944 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\amdiox86.sys -- (amdiox86)
DRV - [2006/05/04 18:02:58 | 000,380,928 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt61.sys -- (RT61)
DRV - [2005/04/08 09:46:18 | 000,162,176 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc027.sys -- (PAC207)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
IE - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 43 D9 E6 25 57 CC 01 [binary data]
IE - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-744494415-1361340334-2037145302-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&oslať do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.10.10 20.20.20.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D300E28-FB5D-48C6-984F-D0B4DA681B0E}: DhcpNameServer = 10.10.10.10 20.20.20.20
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\Shell - "" = AutoRun
O33 - MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 7 Days ==========
[2012/01/05 15:57:59 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012/01/05 15:16:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2012/01/05 15:15:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/05 15:15:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/01/05 15:15:56 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/01/05 15:15:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/05 15:14:11 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\David\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/04 11:17:01 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\SUPERAntiSpyware.com
[2012/01/04 11:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/01/04 11:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/01/04 11:16:25 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/01/04 11:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012/01/04 11:14:15 | 000,239,168 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012/01/04 11:14:11 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012/01/04 11:12:07 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Roaming\Spyware Terminator
[2012/01/04 11:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2012/01/04 11:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2012/01/04 10:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012/01/04 10:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012/01/04 09:23:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/01/04 09:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/01/04 09:21:33 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\Google
[2012/01/04 09:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/01/04 08:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012/01/04 08:54:58 | 000,000,000 | ---D | C] -- C:\rsit
[2012/01/03 08:41:21 | 000,000,000 | ---D | C] -- C:\Users\David\AppData\Local\OCCT
[2012/01/03 08:26:05 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2012/01/03 08:26:05 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2012/01/03 08:26:04 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012/01/03 08:26:04 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012/01/03 08:26:04 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012/01/03 08:26:04 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2012/01/03 08:26:04 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012/01/03 08:26:04 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012/01/03 08:26:04 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2012/01/03 08:26:04 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2012/01/03 08:26:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2012/01/03 08:26:04 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2012/01/03 08:26:03 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2012/01/03 08:26:03 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2012/01/03 08:26:03 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2012/01/03 08:26:03 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2012/01/03 08:26:03 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2012/01/03 08:26:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2012/01/03 08:26:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2012/01/03 08:26:03 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2012/01/03 08:26:03 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2012/01/03 08:26:02 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2012/01/03 08:26:02 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2012/01/03 08:26:02 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2012/01/03 08:26:02 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2012/01/03 08:26:02 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2012/01/03 08:26:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2012/01/03 08:26:02 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2012/01/03 08:26:01 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2012/01/03 08:26:01 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2012/01/03 08:26:01 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2012/01/03 08:26:00 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2012/01/03 08:26:00 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2012/01/03 08:26:00 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2012/01/03 08:26:00 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2012/01/03 08:26:00 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2012/01/03 08:25:59 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2012/01/03 08:25:59 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2012/01/03 08:25:59 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2012/01/03 08:25:59 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2012/01/03 08:25:59 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2012/01/03 08:25:59 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2012/01/03 08:25:59 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2012/01/03 08:25:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2012/01/03 08:25:59 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2012/01/03 08:25:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2012/01/03 08:25:58 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2012/01/03 08:25:58 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2012/01/03 08:25:58 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2012/01/03 08:25:58 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2012/01/03 08:25:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2012/01/03 08:25:58 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2012/01/03 08:25:58 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2012/01/03 08:25:57 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2012/01/03 08:25:57 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2012/01/03 08:25:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2012/01/03 08:25:57 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2012/01/03 08:25:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2012/01/03 08:25:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2012/01/03 08:25:57 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2012/01/03 08:25:56 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2012/01/03 08:25:56 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2012/01/03 08:25:56 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2012/01/03 08:25:56 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2012/01/03 08:25:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2012/01/03 08:25:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2012/01/03 08:25:56 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2012/01/03 08:25:56 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2012/01/03 08:25:56 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2012/01/03 08:25:56 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2012/01/03 08:25:55 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2012/01/03 08:25:55 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2012/01/03 08:25:55 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2012/01/03 08:25:55 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2012/01/03 08:25:55 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2012/01/03 08:25:55 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2012/01/03 08:25:55 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2012/01/03 08:25:55 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2012/01/03 08:25:54 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2012/01/03 08:25:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2012/01/03 08:25:54 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2012/01/03 08:25:54 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2012/01/03 08:25:52 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2012/01/03 08:25:52 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2012/01/03 08:25:52 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2012/01/03 08:25:52 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2012/01/03 08:25:52 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2012/01/03 08:25:52 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2012/01/03 08:25:52 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2012/01/03 08:25:51 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2012/01/03 08:25:51 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2012/01/03 08:21:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2012/01/02 14:32:01 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\System32\drivers\cpuz135_x32.sys
[2012/01/02 14:32:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2012/01/02 14:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2012/01/01 16:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4Story_CZ
[2012/01/01 16:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\Gameforge4D
[2011/12/30 15:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/12/30 15:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011/12/30 15:57:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
========== Files - Modified Within 7 Days ==========
[2012/01/05 17:54:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012/01/05 16:03:12 | 000,014,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/05 16:03:12 | 000,014,544 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/05 15:58:00 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\David\Desktop\OTL.exe
[2012/01/05 15:56:17 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/01/05 15:56:16 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job
[2012/01/05 15:56:10 | 000,078,848 | ---- | M] () -- C:\Windows\KMSEmulator.exe
[2012/01/05 15:55:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/05 15:55:51 | 1408,638,976 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/05 15:15:58 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/05 15:15:15 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\David\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/05 14:56:19 | 004,921,344 | ---- | M] () -- C:\Users\David\Desktop\Coldplay - Clocks.mp3
[2012/01/05 14:49:41 | 000,651,450 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/05 14:49:41 | 000,120,382 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/04 11:14:15 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012/01/04 11:04:24 | 000,001,915 | ---- | M] () -- C:\Users\David\Desktop\Update Checker.lnk
[2012/01/04 10:45:18 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012/01/04 09:23:35 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/04 08:54:07 | 000,781,383 | ---- | M] () -- C:\Users\David\Desktop\RSIT.exe
[2012/01/02 14:32:02 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012/01/01 16:56:00 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\4Story.lnk
[2011/12/30 23:40:24 | 000,000,322 | ---- | M] () -- C:\Users\David\Desktop\MusicJet.appref-ms
========== Files Created - No Company Name ==========
[2012/01/05 16:01:48 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012/01/05 15:56:10 | 000,078,848 | ---- | C] () -- C:\Windows\KMSEmulator.exe
[2012/01/05 15:15:58 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/05 14:55:26 | 004,921,344 | ---- | C] () -- C:\Users\David\Desktop\Coldplay - Clocks.mp3
[2012/01/04 12:48:00 | 000,001,787 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012/01/04 11:04:24 | 000,001,945 | ---- | C] () -- C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012/01/04 11:04:24 | 000,001,915 | ---- | C] () -- C:\Users\David\Desktop\Update Checker.lnk
[2012/01/04 10:45:18 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012/01/04 09:23:35 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/04 08:54:06 | 000,781,383 | ---- | C] () -- C:\Users\David\Desktop\RSIT.exe
[2012/01/02 14:32:02 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2012/01/01 16:56:00 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\4Story.lnk
[2011/12/05 19:43:11 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
[2011/11/10 03:28:32 | 000,204,960 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2011/11/10 03:28:32 | 000,157,152 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011/10/21 20:30:14 | 000,243,168 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011/09/25 10:12:20 | 000,647,168 | ---- | C] () -- C:\Windows\AutoKMS.exe
[2011/09/25 10:12:20 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/08/12 11:44:35 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
[2011/08/12 09:00:02 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/08/12 08:58:44 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/08/11 09:40:58 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011/08/11 09:40:58 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011/08/10 07:39:33 | 000,053,248 | ---- | C] () -- C:\Windows\System32\PAStiSvc.exe
[2011/08/10 07:39:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/08/10 07:11:24 | 000,315,392 | ---- | C] () -- C:\Windows\System32\AegisI5.exe
[2011/08/10 07:11:24 | 000,295,028 | ---- | C] () -- C:\Windows\System32\Install6x.dll
[2011/08/10 07:11:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\RT2661.bin
[2011/08/10 07:11:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\RT2561s.bin
[2011/08/10 07:11:24 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\RT2561.bin
[2011/06/10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,495,944 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,651,450 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,120,382 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/04/08 09:46:18 | 000,162,176 | ---- | C] () -- C:\Windows\System32\drivers\pfc027.sys
[2005/01/25 14:15:42 | 000,010,240 | ---- | C] () -- C:\Windows\System32\PA207Usd.dll
[1993/07/23 18:31:02 | 000,210,944 | ---- | C] () -- C:\Windows\System32\Msvcrt10.dll
========== LOP Check ==========
[2012/01/04 09:27:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
[2012/01/04 20:22:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mumble
[2012/01/04 12:48:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2012/01/04 11:12:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Spyware Terminator
[2012/01/04 09:27:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\uTorrent
[2011/09/14 15:05:27 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Zoner
[2011/10/08 11:24:56 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Spyware Terminator
[2012/01/05 15:56:17 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012/01/05 15:56:16 | 000,000,202 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2011/12/06 07:06:01 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/09/02 17:35:00 | 000,000,624 | ---- | M] () -- C:\Windows\Tasks\SymInstallStub.job
========== Purity Check ==========
========== Custom Scans ==========
< >
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: TCPIP.SYS >
[2011/04/25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/21 06:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2011/09/29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\System32\drivers\tcpip.sys
[2011/09/29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2011/04/25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2011/06/21 06:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2011/06/21 06:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/21 07:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2011/12/24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< >
< %systemroot%*.* /U /s >
[9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011/08/10 08:05:13 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Adobe
[2011/08/10 07:39:41 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\ATI
[2011/08/10 07:43:26 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Avira
[2012/01/04 09:27:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
[2011/08/10 07:08:21 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Identities
[2011/08/10 07:49:58 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Macromedia
[2012/01/05 15:16:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Malwarebytes
[2009/07/14 08:50:20 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Media Center Programs
[2012/01/03 08:41:22 | 000,000,000 | --SD | M] -- C:\Users\David\AppData\Roaming\Microsoft
[2012/01/04 20:22:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Mumble
[2011/08/11 18:32:42 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\NCH Software
[2012/01/04 12:48:04 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Opera
[2011/09/13 14:57:36 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\PSpad
[2012/01/04 11:12:07 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Spyware Terminator
[2012/01/04 11:17:01 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\SUPERAntiSpyware.com
[2012/01/04 09:27:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\uTorrent
[2011/12/12 15:45:46 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\vlc
[2011/08/11 10:47:22 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\WinRAR
[2011/09/14 15:05:27 | 000,000,000 | ---D | M] -- C:\Users\David\AppData\Roaming\Zoner
< %APPDATA%\*.exe /s >
[2007/11/27 07:41:32 | 000,405,504 | ---- | M] () -- C:\Users\David\AppData\Roaming\NCH Software\Components\mp3el2\lame.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2011/11/10 04:12:24 | 000,466,944 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
< %systemroot%\Tasks\*.job >
[2012/01/05 15:56:17 | 000,000,200 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012/01/05 15:56:16 | 000,000,202 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job
[2011/09/02 17:35:00 | 000,000,624 | ---- | M] () -- C:\Windows\Tasks\SymInstallStub.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[2011/11/10 04:12:24 | 000,466,944 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
< %systemroot%\system32\drivers\*.sys /3 >
[2012/01/04 11:14:15 | 000,239,168 | ---- | M] (DT Soft Ltd) -- C:\Windows\system32\drivers\dtsoftbus01.sys
< %systemroot%\system32\*.* /3 >
[2012/01/05 16:03:12 | 000,014,544 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/05 16:03:12 | 000,014,544 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/05 14:49:41 | 000,120,382 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2012/01/05 14:49:41 | 000,651,450 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2012/01/05 14:49:41 | 000,778,150 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"SUPERAntiSpyware" = C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe -- [2011/12/09 01:44:22 | 004,616,064 | ---- | M] (SUPERAntiSpyware.com)
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012/01/05 17:54:00 | 000,000,512 | ---- | M] () MD5=0089C18C5D9F567EEE77F644883103B1 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
< *keygen* /s >
< *loader* /s >
[2011/08/10 09:49:59 | 000,034,664 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avnetworkloader.dll
[2011/08/10 09:49:59 | 000,343,400 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avnetworkloadergui.dll
[2011/08/10 09:49:59 | 000,214,184 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2009/10/22 00:01:42 | 000,249,672 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009/10/22 00:01:42 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/01/01 17:10:33 | 000,032,768 | ---- | M] () -- \Program Files\Gameforge4D\4Story_CZ\TLoader.exe
[2012/01/04 14:06:48 | 000,002,977 | ---- | M] () -- \Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D808KEE1\canvas-loader-bright[1].gif
[2012/01/04 14:06:47 | 000,002,977 | ---- | M] () -- \Users\David\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\D808KEE1\canvas-loader[1].gif
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2011/07/15 12:32:40 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2009/07/14 08:42:17 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 08:42:17 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winload.exe.mui_3bc5b827
[2009/07/14 08:42:17 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4_winresume.exe.mui_ff8b5358
[2011/09/02 09:45:24 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2011/09/02 09:45:24 | 000,508,904 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winload.exe_75835076
[2011/09/02 09:45:24 | 000,442,720 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2009/07/14 08:41:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
Re: Prosím o kontrolu
OTL Extras logfile created on: 5. 1. 2012 17:52:52 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\David\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,75 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 66,00% Memory free
3,50 Gb Paging File | 2,20 Gb Available in Paging File | 62,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 54,86 Gb Free Space | 70,31% Space Free | Partition Type: NTFS
Drive D: | 387,63 Gb Total Space | 370,82 Gb Free Space | 95,66% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05CAF469-9765-8FBF-10AD-FD621091824A}" = CCC Help English
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26D4FB2E-BA55-3E2C-CC6F-97D6A0A74306}" = AMD Fuel
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1D0591-14F7-736E-143A-62DC3E552A1A}" = Catalyst Control Center InstallProxy
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F2E5BB1-33E8-B06B-E965-19EE7117A445}" = AMD Drag and Drop Transcoding
"{6F64A42C-6D93-6788-EB4F-07CC066DE194}" = Catalyst Control Center Graphics Previews Common
"{76D1FBEB-FBBF-0D1E-BB0A-CAA0D19E2C7F}" = ccc-utility
"{8D8B8115-40C1-A707-B7DA-599514076A81}" = AMD VISION Engine Control Center
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-0000-0000000FF1CE}_Office14.PROPLUS_{71431694-851E-4BC7-92A9-4BB9D196E24F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}_Office14.PROPLUS_{93F2D01D-F7E6-46E5-9A7C-316262461F9F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}_Office14.PROPLUS_{56405E5D-9583-4644-B183-AFB3E19D80B3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A942958E-AF92-7901-861B-7F373A1B6ABA}" = AMD Catalyst Install Manager
"{AC76BA86-7AD7-1051-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Slovak
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F48756D1-A348-2DA5-B59B-DF39F293F750}" = AMD Media Foundation Decoders
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN Card
"4Story_CZ_is1" = 4Story CZ 3.6.66
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"FileHippo.com" = FileHippo.com Update Checker
"FormatFactory" = FormatFactory 2.60
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.60.0.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 11.60.1185" = Opera 11.60
"PSPad editor_is1" = PSPad editor
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"76f4758ca7e15dc6" = MusicJet
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26. 12. 2011 18:36:19 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 29. 12. 2011 5:55:39 | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = The program RepairVideo.exe version 1.8.2.1 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 888 Start
Time: 01ccc60fd302bbfd Termination Time: 8 Application Path: C:\Program Files\ASF-AVI-RM-WMV
Repair\RepairVideo.exe Report Id: 41c05423-3203-11e1-a45a-4061862a0316
Error - 29. 12. 2011 5:56:51 | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = The program DivFix.exe version 1.1.2.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: ea8 Start Time:
01ccc60ffc39b8ea Termination Time: 2 Application Path: C:\Users\David\Desktop\DivFix.exe
Report
Id: 6b12a1a7-3203-11e1-a45a-4061862a0316
Error - 30. 12. 2011 10:55:38 | Computer Name = David-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\ATI\CIM\Bin\SetACL.exe".
Dependent
Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3. 1. 2012 3:25:34 | Computer Name = David-PC | Source = VSS | ID = 8194
Description =
Error - 4. 1. 2012 6:15:59 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 4. 1. 2012 6:15:59 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 5. 1. 2012 9:49:40 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 5. 1. 2012 9:49:41 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 5. 1. 2012 12:52:38 | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.31.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: ad4 Start Time:
01cccbca5c84e600 Termination Time: 2 Application Path: C:\Users\David\Desktop\OTL.exe
Report
Id: aa9643dc-37bd-11e1-8457-4061862a0316
[ System Events ]
Error - 22. 10. 2011 17:08:21 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 23. 10. 2011 8:29:09 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 23. 10. 2011 12:53:51 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 23. 10. 2011 16:38:09 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 24. 10. 2011 1:41:06 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 24. 10. 2011 16:45:17 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 25. 10. 2011 4:25:54 | Computer Name = David-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu
aktualizáciu. Vyskytla sa chyba 0x80070643: Definition Update for Windows Defender
- KB915597 (Definition 1.115.502.0).
Error - 25. 10. 2011 6:46:36 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 25. 10. 2011 16:38:50 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 26. 10. 2011 7:45:30 | Computer Name = David-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu
aktualizáciu. Vyskytla sa chyba 0x80070643: Definition Update for Windows Defender
- KB915597 (Definition 1.115.502.0).
< End of report >
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\David\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
1,75 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 66,00% Memory free
3,50 Gb Paging File | 2,20 Gb Available in Paging File | 62,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 78,03 Gb Total Space | 54,86 Gb Free Space | 70,31% Space Free | Partition Type: NTFS
Drive D: | 387,63 Gb Total Space | 370,82 Gb Free Space | 95,66% Space Free | Partition Type: NTFS
Computer Name: DAVID-PC | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
[HKEY_USERS\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05CAF469-9765-8FBF-10AD-FD621091824A}" = CCC Help English
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26D4FB2E-BA55-3E2C-CC6F-97D6A0A74306}" = AMD Fuel
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1D0591-14F7-736E-143A-62DC3E552A1A}" = Catalyst Control Center InstallProxy
"{4F62B1AE-E778-49E2-9C57-C1C65A122098}" = Zoner Callisto 5
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F2E5BB1-33E8-B06B-E965-19EE7117A445}" = AMD Drag and Drop Transcoding
"{6F64A42C-6D93-6788-EB4F-07CC066DE194}" = Catalyst Control Center Graphics Previews Common
"{76D1FBEB-FBBF-0D1E-BB0A-CAA0D19E2C7F}" = ccc-utility
"{8D8B8115-40C1-A707-B7DA-599514076A81}" = AMD VISION Engine Control Center
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2010
"{90140000-0015-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2010
"{90140000-0016-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2010
"{90140000-0018-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2010
"{90140000-0019-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2010
"{90140000-001A-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2010
"{90140000-001B-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2304F942-79D2-46F7-A512-269A7F5B7EFC}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2010
"{90140000-001F-040E-0000-0000000FF1CE}_Office14.PROPLUS_{71431694-851E-4BC7-92A9-4BB9D196E24F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{A162C5E6-7778-4D5B-9F0A-38F0122DD859}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2010
"{90140000-002C-041B-0000-0000000FF1CE}_Office14.PROPLUS_{93F2D01D-F7E6-46E5-9A7C-316262461F9F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2010
"{90140000-0044-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2010
"{90140000-006E-041B-0000-0000000FF1CE}_Office14.PROPLUS_{56405E5D-9583-4644-B183-AFB3E19D80B3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-041B-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovak) 2010
"{90140000-00A1-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-041B-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovak) 2010
"{90140000-00BA-041B-0000-0000000FF1CE}_Office14.PROPLUS_{9C5E0700-7189-470B-A02E-7FFE75C8BD43}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A942958E-AF92-7901-861B-7F373A1B6ABA}" = AMD Catalyst Install Manager
"{AC76BA86-7AD7-1051-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Slovak
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{F48756D1-A348-2DA5-B59B-DF39F293F750}" = AMD Media Foundation Decoders
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Ralink Wireless LAN Card
"4Story_CZ_is1" = 4Story CZ 3.6.66
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"FileHippo.com" = FileHippo.com Update Checker
"FormatFactory" = FormatFactory 2.60
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verzia 1.60.0.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 11.60.1185" = Opera 11.60
"PSPad editor_is1" = PSPad editor
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"76f4758ca7e15dc6" = MusicJet
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 26. 12. 2011 18:36:19 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 29. 12. 2011 5:55:39 | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = The program RepairVideo.exe version 1.8.2.1 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 888 Start
Time: 01ccc60fd302bbfd Termination Time: 8 Application Path: C:\Program Files\ASF-AVI-RM-WMV
Repair\RepairVideo.exe Report Id: 41c05423-3203-11e1-a45a-4061862a0316
Error - 29. 12. 2011 5:56:51 | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = The program DivFix.exe version 1.1.2.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: ea8 Start Time:
01ccc60ffc39b8ea Termination Time: 2 Application Path: C:\Users\David\Desktop\DivFix.exe
Report
Id: 6b12a1a7-3203-11e1-a45a-4061862a0316
Error - 30. 12. 2011 10:55:38 | Computer Name = David-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\ATI\CIM\Bin\SetACL.exe".
Dependent
Assembly Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 3. 1. 2012 3:25:34 | Computer Name = David-PC | Source = VSS | ID = 8194
Description =
Error - 4. 1. 2012 6:15:59 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 4. 1. 2012 6:15:59 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 5. 1. 2012 9:49:40 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 5. 1. 2012 9:49:41 | Computer Name = David-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.
Error - 5. 1. 2012 12:52:38 | Computer Name = David-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.31.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: ad4 Start Time:
01cccbca5c84e600 Termination Time: 2 Application Path: C:\Users\David\Desktop\OTL.exe
Report
Id: aa9643dc-37bd-11e1-8457-4061862a0316
[ System Events ]
Error - 22. 10. 2011 17:08:21 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 23. 10. 2011 8:29:09 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 23. 10. 2011 12:53:51 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 23. 10. 2011 16:38:09 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 24. 10. 2011 1:41:06 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 24. 10. 2011 16:45:17 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 25. 10. 2011 4:25:54 | Computer Name = David-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu
aktualizáciu. Vyskytla sa chyba 0x80070643: Definition Update for Windows Defender
- KB915597 (Definition 1.115.502.0).
Error - 25. 10. 2011 6:46:36 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 25. 10. 2011 16:38:50 | Computer Name = David-PC | Source = DCOM | ID = 10010
Description =
Error - 26. 10. 2011 7:45:30 | Computer Name = David-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu
aktualizáciu. Vyskytla sa chyba 0x80070643: Definition Update for Windows Defender
- KB915597 (Definition 1.115.502.0).
< End of report >
Re: Prosím o kontrolu
Spustte znovu OTL
- Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
- Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize
Kód: Vybrat vše
:otl O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found IE - HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AF 43 D9 E6 25 57 CC 01 [binary data] O13 - gopher Prefix: missing O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O33 - MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\Shell - "" = AutoRun [2012/01/05 15:56:17 | 000,000,200 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job [2012/01/05 15:56:16 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job [2012/01/05 15:56:10 | 000,078,848 | ---- | M] () -- C:\Windows\KMSEmulator.exe [9 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ] :reg [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"=- "SpywareTerminator"=- "SpywareTerminatorShield"=- "SpywareTerminatorUpdater"=- "SunJavaUpdateSched"=- "StartCCC"=- "4StoryPrePatch"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=- "SpywareTerminatorUpdate"=- :files C:\Windows\tasks\SymInstallStub.job %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Nasledne kliknete na Opravit
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\ not found.
C:\Windows\Tasks\AutoKMS.job moved successfully.
C:\Windows\Tasks\AutoKMSDaily.job moved successfully.
C:\Windows\KMSEmulator.exe moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP452A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP501.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP693E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9665.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB1B1.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB1B1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD9BB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF0E3.tmp folder deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminator not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4StoryPrePatch not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdate not found.
========== FILES ==========
C:\Windows\tasks\SymInstallStub.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: David
->Temp folder emptied: 4324154 bytes
->Temporary Internet Files folder emptied: 11911586 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 6699227 bytes
->Flash cache emptied: 484 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 296905 bytes
->Temporary Internet Files folder emptied: 279610 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1440 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 22,00 mb
[EMPTYFLASH]
User: All Users
User: David
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Guest
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 01052012_191117
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
HKU\S-1-5-21-744494415-1361340334-2037145302-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4c9186d2-c4ab-11e0-b98f-000e2ec587e4}\ not found.
C:\Windows\Tasks\AutoKMS.job moved successfully.
C:\Windows\Tasks\AutoKMSDaily.job moved successfully.
C:\Windows\KMSEmulator.exe moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP452A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP501.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP693E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9665.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB1B1.tmp\mscorlib.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB1B1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD9BB.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF0E3.tmp folder deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminator not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4StoryPrePatch not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdate not found.
========== FILES ==========
C:\Windows\tasks\SymInstallStub.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: David
->Temp folder emptied: 4324154 bytes
->Temporary Internet Files folder emptied: 11911586 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 6699227 bytes
->Flash cache emptied: 484 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 296905 bytes
->Temporary Internet Files folder emptied: 279610 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1440 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 22,00 mb
[EMPTYFLASH]
User: All Users
User: David
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Guest
User: Public
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.31.0 log created on 01052012_191117
Files\Folders moved on Reboot...
Registry entries deleted on Reboot...
Re: Prosím o kontrolu
Jak se chova PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?