startpins.com

Zpráva

cokolad · #1 Příspěvek od **cokolad** » 11 srp 2012 22:07

na Mozzile aj na Exploreri sa mi ani neviem kedy nastavila ako hlavna stranka startpins.com (ja ich velmi nepouzivam)..je to nebezpecne? ako to odstranit? niesom ziaden expert takze sa vopred ospravedlnujem ak je to hlupa otazka ..dik

#2 Příspěvek od **vyosek** » 11 srp 2012 22:14

Zdravim a pekny vecer preji

Jelikoz nevime o Vasem PC nic a z kristalove koule se spatne vesti, navic pri zatazenem pocasi jake ted v okrese Zlin panuje, neni nic videt

Ale dosti legracek, kouknem na to

RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895 a dejte log z nej - navod Vas povede...

btw, hloupa otazka to urcite neni, pro laika urcite neprijemna vec a my radi poradime

cokolad · #3 Příspěvek od **cokolad** » 11 srp 2012 22:19

Logfile of random's system information tool 1.09 (written by random/random)
Run by TonyX at 2012-08-11 23:16:04
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 22 GB (55%) free of 40 GB
Total RAM: 511 MB (7% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:16:55, on 11.8.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\WINDOWS\zHotkey.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\COMODO\Unite\EzVpnSvc.exe
C:\Program Files\COMODO\Unite\crdphService.exe
C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\TonyX\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\TonyX.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [CHotkey] zHotkey.exe
O4 - HKLM\..\Run: [ShowWnd] ShowWnd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: COMODO Unite MultiLogin Service (EzVpnSvc) - COMODO - C:\Program Files\COMODO\Unite\EzVpnSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe

--
End of file - 7910 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default

prefs.js - "browser.startup.homepage" - "http://startsear.ch/?aff=1"
prefs.js - "keyword.URL" - "http://startsear.ch/?aff=1&src=sp&cf=f5 ... ce8dcb3&q="

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@comodo.com/EasyvpnLvn]
"Description"=comodo VpnLVN 1.0
"Path"=C:\Program Files\COMODO\Unite\npEasyVpnLVN.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@comodo.com/EasyvpnRdp]
"Description"=comodo rdp 1.0
"Path"=C:\Program Files\COMODO\Unite\NpRdpView.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@comodo.com/EasyvpnVnc]
"Description"=comodo vnc 1.0
"Path"=C:\Program Files\COMODO\Unite\NpVncView.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npwachk.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}

C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\searchplugins\
startsear.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03 599680]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CHotkey"=C:\WINDOWS\zHotkey.exe [2003-07-29 515584]
"ShowWnd"=C:\WINDOWS\ShowWnd.exe [2003-09-19 36864]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2005-08-17 90112]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2007-12-05 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-12-05 81920]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-04-21 281768]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-11-03 738944]
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2011-11-09 73360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-07-02 136176]
"DAEMON Tools Lite"=D:\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TonyX^Nabídka Start^Programy^Po spuštění^RollerCoaster Tycoon 3 Registration.lnk]
C:\Documents and Settings\TonyX\Local Settings\Temp\{1FE3BDA4-9697-4323-A6E3-3E509F0F92DF}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe /remind /language=SKY /PRNM=RollerCoaster Tycoon 3/PRMP=RCT3/SKUN=PCXX/GTYP=STRY []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PnkBstrA"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\NHL gpc\Winamp\winamp.exe"="D:\NHL gpc\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\hry\FM 2010\fm.exe"="D:\hry\FM 2010\fm.exe:*:Enabled:Football Manager 2010"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Documents and Settings\TonyX\Plocha\xchat\xchat.exe"="C:\Documents and Settings\TonyX\Plocha\xchat\xchat.exe:*:Enabled:XChat IRC Client"
"D:\hry\NHL 2009\nhl2009.exe"="D:\hry\NHL 2009\nhl2009.exe:*:Enabled:nhl2009"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\LMabcoms.exe"="C:\WINDOWS\system32\LMabcoms.exe:*:Enabled:Lexmark Enhanced TCP/IP"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\COMODO\Unite\Unite.exe"="C:\Program Files\COMODO\Unite\Unite.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\EzVpnSvc.exe"="C:\Program Files\COMODO\Unite\EzVpnSvc.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\crdphAppShare.exe"="C:\Program Files\COMODO\Unite\crdphAppShare.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\crdphService.exe"="C:\Program Files\COMODO\Unite\crdphService.exe:*:Enabled:COMODO Unite"
"C:\Program Files\COMODO\Unite\UniteCAM.exe"="C:\Program Files\COMODO\Unite\UniteCAM.exe:*:Enabled:COMODO Unite"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2012-08-11 23:16:11 ----D---- C:\Program Files\trend micro
2012-08-11 23:16:04 ----D---- C:\rsit
2012-08-11 15:29:57 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-08-11 15:29:57 ----A---- C:\WINDOWS\system32\drivers\cmdatp.sys
2012-08-11 15:29:43 ----D---- C:\Program Files\COMODO
2012-08-11 15:29:43 ----D---- C:\Documents and Settings\TonyX\Data aplikací\COMODO
2012-08-11 15:28:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\COMODO
2012-08-11 15:09:12 ----D---- C:\WINDOWS\LastGood
2012-07-25 13:57:29 ----D---- C:\Program Files\Lexmark
2012-07-25 13:56:54 ----A---- C:\WINDOWS\system32\LMabusb1.dll
2012-07-25 13:56:54 ----A---- C:\WINDOWS\system32\LMabpmui.dll
2012-07-25 13:56:53 ----A---- C:\WINDOWS\system32\LMabserv.dll
2012-07-25 13:56:53 ----A---- C:\WINDOWS\system32\LMabprox.dll
2012-07-25 13:56:52 ----A---- C:\WINDOWS\system32\LMabppls.exe
2012-07-25 13:56:52 ----A---- C:\WINDOWS\system32\LMabpplc.dll
2012-07-25 13:56:52 ----A---- C:\WINDOWS\system32\LMabpar1.dll
2012-07-25 13:56:52 ----A---- C:\WINDOWS\system32\LMablmpm.dll
2012-07-25 13:56:52 ----A---- C:\WINDOWS\system32\LMabip1.dll
2012-07-25 13:56:51 ----A---- C:\WINDOWS\system32\LMabcoms.exe
2012-07-25 13:56:51 ----A---- C:\WINDOWS\system32\LMabcomm.dll
2012-07-25 13:56:50 ----A---- C:\WINDOWS\system32\LMabcomc.dll

======List of files/folders modified in the last 1 month======

2012-08-11 23:16:34 ----D---- C:\WINDOWS\Prefetch
2012-08-11 23:16:11 ----RD---- C:\Program Files
2012-08-11 22:57:21 ----D---- C:\WINDOWS
2012-08-11 15:40:03 ----D---- C:\WINDOWS\Temp
2012-08-11 15:38:08 ----SHD---- C:\WINDOWS\Installer
2012-08-11 15:37:51 ----D---- C:\WINDOWS\system32\drivers
2012-08-11 15:37:44 ----HD---- C:\WINDOWS\inf
2012-08-11 15:29:57 ----D---- C:\WINDOWS\system32
2012-08-11 15:25:36 ----D---- C:\Documents and Settings\TonyX\Data aplikací\Hamachi
2012-08-11 12:10:53 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-11 12:10:38 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-11 00:33:43 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-08-10 23:25:57 ----D---- C:\Program Files\Mozilla Firefox
2012-08-03 15:07:50 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-02 23:53:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-07-26 21:06:16 ----D---- C:\Documents and Settings\TonyX\Data aplikací\TeamViewer
2012-07-25 14:10:21 ----D---- C:\WINDOWS\system32\CatRoot
2012-07-25 13:57:28 ----D---- C:\Program Files\Lexmark_HostCD
2012-07-21 20:29:10 ----D---- C:\Documents and Settings\TonyX\Data aplikací\X-Chat 2
2012-07-12 11:38:45 ----D---- C:\Documents and Settings\TonyX\Data aplikací\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-07-04 138192]
R1 BIOS;BIOS; \??\C:\WINDOWS\System32\drivers\BIOS.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-02-22 242240]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2011-11-09 525840]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-07-04 66616]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-19 3644800]
R3 ATP;Comodo Unite Miniport Driver; C:\WINDOWS\system32\DRIVERS\cmdatp.sys [2011-04-14 17816]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-10-20 25280]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2005-04-06 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2005-04-06 12928]
R3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2012-07-02 25088]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2005-04-13 53376]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2005-04-13 414464]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-07-04 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
R2 EzVpnSvc;COMODO Unite MultiLogin Service; C:\Program Files\COMODO\Unite\EzVpnSvc.exe [2011-08-22 360752]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-11-03 497280]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-12-05 155716]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2005-01-28 38912]
R2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2011-11-09 2420616]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-01 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-01 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 lmab_device;lmab_device; C:\WINDOWS\system32\LMabcoms.exe [2005-06-14 491520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-10 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-07-16 75136]

-----------------EOF-----------------

#4 Příspěvek od **vyosek** » 11 srp 2012 22:21

Total RAM: 511 MB (7% free) nic moc zrovna

james008 píše:Na dane mnozstvi ram se nehodi zadny (ani uplne holy bez antibiru a programu) ze soucasnymch
funkcnich a podporovanych os vyjma minimalizovanych verzi linuxu, jako jsou ZenWalk ci ArchLinux..
popr DSL..Damn small linux
Pokud chcete provozovat win system s av tak jedine a nejblize system XP sp3 a i presto budete muset
doplnit ram alespon na hodnotu 1Gb.

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukoncete vsechny programy
Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
Pockejte na dokonceni PreScanu
Zvolte moznost Prohledat (scan)
Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

cokolad · #5 Příspěvek od **cokolad** » 11 srp 2012 22:27

je to uz hooodne stara masina ale pokial sluzi tak si na notebook este pockam

RogueKiller V7.6.6 [08/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: TonyX [Práva správce]
Mód: Kontrola -- Datum: 08/11/2012 23:25:23

¤¤¤ Škodlivé procesy: 1 ¤¤¤
[SUSP PATH] HKNTDLL.dll -- C:\WINDOWS\HKNTDLL.dll -> UNLOADED

¤¤¤ Záznamy Registrů: 1 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
SSDT[25] : NtClose @ 0x805B1D78 -> HOOKED (Unknown @ 0xF8DA4B34)
SSDT[41] : NtCreateKey @ 0x8061ABE2 -> HOOKED (Unknown @ 0xF8DA4AEE)
SSDT[53] : NtCreateThread @ 0x805C735E -> HOOKED (Unknown @ 0xF8DA4AE4)
SSDT[63] : NtDeleteKey @ 0x8061B07E -> HOOKED (Unknown @ 0xF8DA4AF3)
SSDT[65] : NtDeleteValueKey @ 0x8061B24E -> HOOKED (Unknown @ 0xF8DA4AFD)
SSDT[98] : NtLoadKey @ 0x8061CE06 -> HOOKED (Unknown @ 0xF8DA4B02)
SSDT[193] : NtReplaceKey @ 0x8061CCB6 -> HOOKED (Unknown @ 0xF8DA4B0C)
SSDT[204] : NtRestoreKey @ 0x8061C5C2 -> HOOKED (Unknown @ 0xF8DA4B07)
SSDT[213] : NtSetContextThread @ 0x805C8FB6 -> HOOKED (Unknown @ 0xF8DA4B43)
SSDT[247] : NtSetValueKey @ 0x80619154 -> HOOKED (Unknown @ 0xF8DA4AF8)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xF8DA4B48)
S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xF8DA4B4D)

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3500413AS +++++
--- User ---
[MBR] 13f3f5beb341707cc09ea1175af8916d
[BSP] 53aec8fd96176b5e5ea919b1ce4f3e60 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 39997 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 81915435 | Size: 436931 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt

#6 Příspěvek od **vyosek** » 11 srp 2012 22:30

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

C:\WINDOWS\HKNTDLL.dll
Kliknete na Choose file
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Kliknete na Scan It
Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
Vysledek analyzy sem vlozte (jako odkaz)

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Kliknete na volbu Change parametrs
V obou oknech (Objects to scan i Additional Option) zakliknete vsechny moznosti - ve vsech ctvereccich musi mit fajecka
Kliknete na OK
Utilite prikazte, at skenuje - klik na Start Scan
Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip
Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip
Pokud mate vsude Skip, kliknete na Continue
Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

cokolad · #7 Příspěvek od **cokolad** » 11 srp 2012 22:34

https://www.virustotal.com/file/1e00006 ... 344720807/

cokolad · #8 Příspěvek od **cokolad** » 11 srp 2012 22:38

23:35:29.0984 2952 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
23:35:32.0000 2952 ============================================================
23:35:32.0000 2952 Current date / time: 2012/08/11 23:35:32.0000
23:35:32.0000 2952 SystemInfo:
23:35:32.0000 2952
23:35:32.0000 2952 OS Version: 5.1.2600 ServicePack: 3.0
23:35:32.0000 2952 Product type: Workstation
23:35:32.0000 2952 ComputerName: COKOLAD
23:35:32.0000 2952 UserName: TonyX
23:35:32.0000 2952 Windows directory: C:\WINDOWS
23:35:32.0000 2952 System windows directory: C:\WINDOWS
23:35:32.0000 2952 Processor architecture: Intel x86
23:35:32.0000 2952 Number of processors: 1
23:35:32.0000 2952 Page size: 0x1000
23:35:32.0000 2952 Boot type: Normal boot
23:35:32.0000 2952 ============================================================
23:35:33.0937 2952 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:35:33.0953 2952 ============================================================
23:35:33.0953 2952 \Device\Harddisk0\DR0:
23:35:33.0953 2952 MBR partitions:
23:35:33.0953 2952 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4E1EDEC
23:35:33.0953 2952 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x4E1EE6A, BlocksNum 0x35561F16
23:35:33.0953 2952 ============================================================
23:35:33.0968 2952 C: <-> \Device\Harddisk0\DR0\Partition0
23:35:34.0015 2952 D: <-> \Device\Harddisk0\DR0\Partition1
23:35:34.0015 2952 ============================================================
23:35:34.0015 2952 Initialize success
23:35:34.0015 2952 ============================================================
23:36:10.0500 1016 ============================================================
23:36:10.0500 1016 Scan started
23:36:10.0500 1016 Mode: Manual; SigCheck; TDLFS;
23:36:10.0500 1016 ============================================================
23:36:10.0734 1016 Abiosdsk - ok
23:36:10.0750 1016 abp480n5 - ok
23:36:10.0812 1016 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:36:12.0203 1016 ACPI - ok
23:36:12.0218 1016 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
23:36:12.0375 1016 ACPIEC - ok
23:36:12.0453 1016 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:36:12.0500 1016 AdobeFlashPlayerUpdateSvc - ok
23:36:12.0515 1016 adpu160m - ok
23:36:12.0546 1016 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
23:36:12.0781 1016 aec - ok
23:36:12.0812 1016 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
23:36:12.0875 1016 AFD - ok
23:36:12.0890 1016 Aha154x - ok
23:36:12.0890 1016 aic78u2 - ok
23:36:12.0906 1016 aic78xx - ok
23:36:13.0359 1016 ALCXWDM (92ae420be14b0d97d14dac4aba22a702) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
23:36:14.0328 1016 ALCXWDM - ok
23:36:14.0453 1016 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\WINDOWS\system32\alrsvc.dll
23:36:14.0625 1016 Alerter - ok
23:36:14.0640 1016 ALG (88842de939a827577bf24243699ac80a) C:\WINDOWS\System32\alg.exe
23:36:14.0812 1016 ALG - ok
23:36:14.0828 1016 AliIde - ok
23:36:14.0828 1016 amsint - ok
23:36:14.0906 1016 AntiVirSchedulerService (b4837fe56d76b2e9ea90e5365cf6a2be) C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:36:14.0937 1016 AntiVirSchedulerService - ok
23:36:14.0984 1016 AntiVirService (df5a3016052755c910a206058b4a1729) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:36:15.0015 1016 AntiVirService - ok
23:36:15.0062 1016 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\WINDOWS\System32\appmgmts.dll
23:36:15.0281 1016 AppMgmt - ok
23:36:15.0281 1016 asc - ok
23:36:15.0281 1016 asc3350p - ok
23:36:15.0296 1016 asc3550 - ok
23:36:15.0390 1016 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:36:15.0437 1016 aspnet_state - ok
23:36:15.0453 1016 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:36:15.0593 1016 AsyncMac - ok
23:36:15.0625 1016 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
23:36:15.0765 1016 atapi - ok
23:36:15.0781 1016 Atdisk - ok
23:36:15.0796 1016 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:36:15.0953 1016 Atmarpc - ok
23:36:15.0984 1016 ATP (a8abf9ca3b8781a69ca5025bcda42706) C:\WINDOWS\system32\DRIVERS\cmdatp.sys
23:36:16.0093 1016 ATP - ok
23:36:16.0125 1016 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\WINDOWS\System32\audiosrv.dll
23:36:16.0281 1016 AudioSrv - ok
23:36:16.0312 1016 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
23:36:16.0468 1016 audstub - ok
23:36:16.0484 1016 avgio (0b497c79824f8e1bf22fa6aacd3de3a0) C:\Program Files\Avira\AntiVir Desktop\avgio.sys
23:36:16.0531 1016 avgio - ok
23:36:16.0546 1016 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
23:36:16.0562 1016 avgntflt - ok
23:36:16.0593 1016 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\WINDOWS\system32\DRIVERS\avipbb.sys
23:36:16.0625 1016 avipbb - ok
23:36:16.0656 1016 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
23:36:16.0828 1016 Beep - ok
23:36:16.0843 1016 BIOS (be5d50529799b9bab6be879ec768b6cf) C:\WINDOWS\System32\drivers\BIOS.sys
23:36:16.0859 1016 BIOS ( UnsignedFile.Multi.Generic ) - warning
23:36:16.0859 1016 BIOS - detected UnsignedFile.Multi.Generic (1)
23:36:16.0937 1016 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\WINDOWS\system32\qmgr.dll
23:36:17.0234 1016 BITS - ok
23:36:17.0265 1016 Browser (249276d3ef1e74b992299cb96099e4d7) C:\WINDOWS\System32\browser.dll
23:36:17.0421 1016 Browser - ok
23:36:17.0453 1016 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
23:36:17.0625 1016 cbidf2k - ok
23:36:17.0625 1016 cd20xrnt - ok
23:36:17.0656 1016 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
23:36:17.0828 1016 Cdaudio - ok
23:36:17.0843 1016 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
23:36:18.0000 1016 Cdfs - ok
23:36:18.0031 1016 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:36:18.0156 1016 Cdrom - ok
23:36:18.0171 1016 Changer - ok
23:36:18.0187 1016 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\WINDOWS\system32\cisvc.exe
23:36:18.0312 1016 CiSvc - ok
23:36:18.0328 1016 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\WINDOWS\system32\clipsrv.exe
23:36:18.0468 1016 ClipSrv - ok
23:36:18.0546 1016 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:36:18.0609 1016 clr_optimization_v2.0.50727_32 - ok
23:36:18.0609 1016 CmdIde - ok
23:36:18.0609 1016 COMSysApp - ok
23:36:18.0625 1016 Cpqarray - ok
23:36:18.0656 1016 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\WINDOWS\System32\cryptsvc.dll
23:36:18.0828 1016 CryptSvc - ok
23:36:18.0843 1016 dac2w2k - ok
23:36:18.0859 1016 dac960nt - ok
23:36:18.0921 1016 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
23:36:19.0046 1016 DcomLaunch - ok
23:36:19.0093 1016 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\WINDOWS\System32\dhcpcsvc.dll
23:36:19.0250 1016 Dhcp - ok
23:36:19.0281 1016 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
23:36:19.0421 1016 Disk - ok
23:36:19.0437 1016 dmadmin - ok
23:36:19.0531 1016 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
23:36:20.0031 1016 dmboot - ok
23:36:20.0062 1016 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
23:36:20.0218 1016 dmio - ok
23:36:20.0234 1016 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
23:36:20.0406 1016 dmload - ok
23:36:20.0437 1016 dmserver (2bfefe9e865655a76982f050450b9591) C:\WINDOWS\System32\dmserver.dll
23:36:20.0593 1016 dmserver - ok
23:36:20.0625 1016 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
23:36:20.0765 1016 DMusic - ok
23:36:20.0796 1016 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\WINDOWS\System32\dnsrslvr.dll
23:36:20.0937 1016 Dnscache - ok
23:36:20.0984 1016 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\WINDOWS\System32\dot3svc.dll
23:36:21.0156 1016 Dot3svc - ok
23:36:21.0156 1016 dpti2o - ok
23:36:21.0171 1016 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
23:36:21.0328 1016 drmkaud - ok
23:36:21.0375 1016 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
23:36:21.0421 1016 dtsoftbus01 - ok
23:36:21.0453 1016 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\WINDOWS\System32\eapsvc.dll
23:36:21.0609 1016 EapHost - ok
23:36:21.0640 1016 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\WINDOWS\System32\ersvc.dll
23:36:21.0796 1016 ERSvc - ok
23:36:21.0843 1016 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
23:36:21.0937 1016 Eventlog - ok
23:36:22.0015 1016 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\System32\es.dll
23:36:22.0125 1016 EventSystem - ok
23:36:22.0281 1016 EzVpnSvc (2d5ed81e5a8a2b77768ba724e3f8e538) C:\Program Files\COMODO\Unite\EzVpnSvc.exe
23:36:22.0406 1016 EzVpnSvc - ok
23:36:22.0453 1016 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
23:36:22.0625 1016 Fastfat - ok
23:36:22.0671 1016 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
23:36:22.0750 1016 FastUserSwitchingCompatibility - ok
23:36:22.0781 1016 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
23:36:22.0937 1016 Fdc - ok
23:36:22.0968 1016 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
23:36:23.0109 1016 Fips - ok
23:36:23.0125 1016 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:36:23.0265 1016 Flpydisk - ok
23:36:23.0312 1016 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
23:36:23.0468 1016 FltMgr - ok
23:36:23.0531 1016 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:36:23.0562 1016 FontCache3.0.0.0 - ok
23:36:23.0578 1016 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:36:23.0734 1016 Fs_Rec - ok
23:36:23.0781 1016 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:36:24.0015 1016 Ftdisk - ok
23:36:24.0062 1016 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:36:24.0187 1016 Gpc - ok
23:36:24.0234 1016 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
23:36:24.0265 1016 gupdate - ok
23:36:24.0281 1016 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
23:36:24.0296 1016 gupdatem - ok
23:36:24.0312 1016 hamachi (7929a161f9951d173ca9900fe7067391) C:\WINDOWS\system32\DRIVERS\hamachi.sys
23:36:24.0343 1016 hamachi - ok
23:36:24.0375 1016 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:36:24.0562 1016 helpsvc - ok
23:36:24.0578 1016 HidServ - ok
23:36:24.0609 1016 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:36:24.0750 1016 hidusb - ok
23:36:24.0781 1016 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\WINDOWS\System32\kmsvc.dll
23:36:24.0953 1016 hkmsvc - ok
23:36:24.0968 1016 hpn - ok
23:36:25.0031 1016 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
23:36:25.0078 1016 HTTP - ok
23:36:25.0109 1016 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\WINDOWS\System32\w3ssl.dll
23:36:25.0265 1016 HTTPFilter - ok
23:36:25.0281 1016 i2omgmt - ok
23:36:25.0281 1016 i2omp - ok
23:36:25.0312 1016 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:36:25.0453 1016 i8042prt - ok
23:36:25.0640 1016 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:36:25.0859 1016 idsvc - ok
23:36:25.0890 1016 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
23:36:26.0046 1016 Imapi - ok
23:36:26.0093 1016 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\WINDOWS\System32\imapi.exe
23:36:26.0250 1016 ImapiService - ok
23:36:26.0250 1016 ini910u - ok
23:36:26.0265 1016 IntelIde - ok
23:36:26.0296 1016 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
23:36:26.0421 1016 ip6fw - ok
23:36:26.0468 1016 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:36:26.0640 1016 IpFilterDriver - ok
23:36:26.0656 1016 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:36:26.0781 1016 IpInIp - ok
23:36:26.0828 1016 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:36:26.0984 1016 IpNat - ok
23:36:27.0000 1016 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:36:27.0140 1016 IPSec - ok
23:36:27.0171 1016 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
23:36:27.0312 1016 IRENUM - ok
23:36:27.0343 1016 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:36:27.0484 1016 isapnp - ok
23:36:27.0546 1016 ISWKL (08a811bfd207dfdec588881c18bacbaa) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
23:36:27.0578 1016 ISWKL - ok
23:36:27.0656 1016 IswSvc (5b2ccef06f96dfb22893ab8f0b3f891d) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
23:36:27.0750 1016 IswSvc - ok
23:36:27.0765 1016 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:36:27.0906 1016 Kbdclass - ok
23:36:27.0937 1016 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:36:28.0078 1016 kbdhid - ok
23:36:28.0109 1016 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
23:36:28.0250 1016 kmixer - ok
23:36:28.0281 1016 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
23:36:28.0359 1016 KSecDD - ok
23:36:28.0406 1016 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\WINDOWS\System32\srvsvc.dll
23:36:28.0468 1016 lanmanserver - ok
23:36:28.0531 1016 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\WINDOWS\System32\wkssvc.dll
23:36:28.0625 1016 lanmanworkstation - ok
23:36:28.0640 1016 lbrtfdc - ok
23:36:28.0656 1016 lmab_device - ok
23:36:28.0687 1016 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\WINDOWS\System32\lmhsvc.dll
23:36:28.0843 1016 LmHosts - ok
23:36:28.0875 1016 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\WINDOWS\System32\msgsvc.dll
23:36:29.0031 1016 Messenger - ok
23:36:29.0078 1016 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:36:29.0109 1016 Microsoft Office Groove Audit Service - ok
23:36:29.0140 1016 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
23:36:29.0296 1016 mnmdd - ok
23:36:29.0328 1016 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\System32\mnmsrvc.exe
23:36:29.0453 1016 mnmsrvc - ok
23:36:29.0484 1016 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
23:36:29.0640 1016 Modem - ok
23:36:29.0656 1016 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:36:29.0796 1016 Mouclass - ok
23:36:29.0812 1016 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:36:30.0015 1016 mouhid - ok
23:36:30.0031 1016 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
23:36:30.0171 1016 MountMgr - ok
23:36:30.0203 1016 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:36:30.0250 1016 MozillaMaintenance - ok
23:36:30.0265 1016 mraid35x - ok
23:36:30.0296 1016 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:36:30.0468 1016 MRxDAV - ok
23:36:30.0546 1016 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:36:30.0671 1016 MRxSmb - ok
23:36:30.0703 1016 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\System32\msdtc.exe
23:36:30.0843 1016 MSDTC - ok
23:36:30.0859 1016 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
23:36:31.0000 1016 Msfs - ok
23:36:31.0015 1016 MSIServer - ok
23:36:31.0031 1016 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:36:31.0156 1016 MSKSSRV - ok
23:36:31.0171 1016 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:36:31.0312 1016 MSPCLOCK - ok
23:36:31.0328 1016 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
23:36:31.0453 1016 MSPQM - ok
23:36:31.0468 1016 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:36:31.0593 1016 mssmbios - ok
23:36:31.0640 1016 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
23:36:31.0671 1016 Mup - ok
23:36:31.0734 1016 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\WINDOWS\System32\qagentrt.dll
23:36:31.0968 1016 napagent - ok
23:36:32.0015 1016 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
23:36:32.0171 1016 NDIS - ok
23:36:32.0203 1016 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:36:32.0234 1016 NdisTapi - ok
23:36:32.0250 1016 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:36:32.0406 1016 Ndisuio - ok
23:36:32.0421 1016 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:36:32.0593 1016 NdisWan - ok
23:36:32.0656 1016 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
23:36:32.0703 1016 NDProxy - ok
23:36:32.0750 1016 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
23:36:32.0937 1016 NetBIOS - ok
23:36:32.0984 1016 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
23:36:33.0125 1016 NetBT - ok
23:36:33.0156 1016 NetDDE (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
23:36:33.0312 1016 NetDDE - ok
23:36:33.0312 1016 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\WINDOWS\system32\netdde.exe
23:36:33.0453 1016 NetDDEdsdm - ok
23:36:33.0468 1016 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
23:36:33.0609 1016 Netlogon - ok
23:36:33.0671 1016 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\WINDOWS\System32\netman.dll
23:36:33.0828 1016 Netman - ok
23:36:33.0937 1016 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:36:33.0968 1016 NetTcpPortSharing - ok
23:36:34.0015 1016 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\WINDOWS\System32\mswsock.dll
23:36:34.0093 1016 Nla - ok
23:36:34.0109 1016 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
23:36:34.0250 1016 Npfs - ok
23:36:34.0328 1016 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
23:36:34.0562 1016 Ntfs - ok
23:36:34.0562 1016 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
23:36:34.0703 1016 NtLmSsp - ok
23:36:34.0781 1016 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\WINDOWS\system32\ntmssvc.dll
23:36:35.0046 1016 NtmsSvc - ok
23:36:35.0062 1016 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
23:36:35.0250 1016 Null - ok
23:36:36.0187 1016 nv (8c0456001b6900114bbb1c548bd8aaf5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:36:37.0843 1016 nv - ok
23:36:37.0968 1016 nvax (fb8595ef3ceb81f0da3f6f211b2df932) C:\WINDOWS\system32\drivers\nvax.sys
23:36:38.0046 1016 nvax - ok
23:36:38.0062 1016 NVENETFD (720cc533eecb65553bd86b139ca04433) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
23:36:38.0109 1016 NVENETFD - ok
23:36:38.0125 1016 nvnetbus (5f9f545cc5904dd8765f84ee1d056406) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
23:36:38.0140 1016 nvnetbus - ok
23:36:38.0218 1016 nvnforce (d2315cd3053fc3b4250dc2dbd0ac49e4) C:\WINDOWS\system32\drivers\nvapu.sys
23:36:38.0312 1016 nvnforce - ok
23:36:38.0359 1016 NVSvc (472a00d2183c9e5edb3e076272741812) C:\WINDOWS\System32\nvsvc32.exe
23:36:38.0390 1016 NVSvc - ok
23:36:38.0421 1016 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:36:38.0578 1016 NwlnkFlt - ok
23:36:38.0593 1016 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:36:38.0765 1016 NwlnkFwd - ok
23:36:38.0906 1016 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:36:39.0015 1016 odserv - ok
23:36:39.0078 1016 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:36:39.0109 1016 ose - ok
23:36:39.0140 1016 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
23:36:39.0281 1016 Parport - ok
23:36:39.0312 1016 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
23:36:39.0437 1016 PartMgr - ok
23:36:39.0468 1016 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
23:36:39.0625 1016 ParVdm - ok
23:36:39.0640 1016 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
23:36:39.0796 1016 PCI - ok
23:36:39.0796 1016 PCIDump - ok
23:36:39.0812 1016 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
23:36:39.0984 1016 PCIIde - ok
23:36:40.0031 1016 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
23:36:40.0171 1016 Pcmcia - ok
23:36:40.0187 1016 PDCOMP - ok
23:36:40.0187 1016 PDFRAME - ok
23:36:40.0203 1016 PDRELI - ok
23:36:40.0218 1016 PDRFRAME - ok
23:36:40.0218 1016 perc2 - ok
23:36:40.0234 1016 perc2hib - ok
23:36:40.0296 1016 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\WINDOWS\system32\services.exe
23:36:40.0312 1016 PlugPlay - ok
23:36:40.0343 1016 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\WINDOWS\system32\PnkBstrA.exe
23:36:40.0375 1016 PnkBstrA - ok
23:36:40.0390 1016 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\System32\lsass.exe
23:36:40.0515 1016 PolicyAgent - ok
23:36:40.0531 1016 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:36:40.0656 1016 PptpMiniport - ok
23:36:40.0671 1016 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
23:36:40.0812 1016 Processor - ok
23:36:40.0828 1016 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
23:36:40.0953 1016 ProtectedStorage - ok
23:36:40.0968 1016 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
23:36:41.0109 1016 PSched - ok
23:36:41.0140 1016 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:36:41.0312 1016 Ptilink - ok
23:36:41.0343 1016 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:36:41.0359 1016 PxHelp20 - ok
23:36:41.0375 1016 ql1080 - ok
23:36:41.0375 1016 Ql10wnt - ok
23:36:41.0390 1016 ql12160 - ok
23:36:41.0406 1016 ql1240 - ok
23:36:41.0406 1016 ql1280 - ok
23:36:41.0437 1016 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:36:41.0593 1016 RasAcd - ok
23:36:41.0625 1016 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\WINDOWS\System32\rasauto.dll
23:36:41.0796 1016 RasAuto - ok
23:36:41.0812 1016 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:36:41.0953 1016 Rasl2tp - ok
23:36:41.0984 1016 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\WINDOWS\System32\rasmans.dll
23:36:42.0171 1016 RasMan - ok
23:36:42.0187 1016 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:36:42.0312 1016 RasPppoe - ok
23:36:42.0328 1016 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
23:36:42.0500 1016 Raspti - ok
23:36:42.0546 1016 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:36:42.0687 1016 Rdbss - ok
23:36:42.0703 1016 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:36:42.0859 1016 RDPCDD - ok
23:36:42.0906 1016 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:36:43.0062 1016 rdpdr - ok
23:36:43.0109 1016 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
23:36:43.0171 1016 RDPWD - ok
23:36:43.0203 1016 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
23:36:43.0359 1016 RDSessMgr - ok
23:36:43.0375 1016 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
23:36:43.0515 1016 redbook - ok
23:36:43.0546 1016 RemoteAccess (127c26b5371651043450e52542099aba) C:\WINDOWS\System32\mprdim.dll
23:36:43.0703 1016 RemoteAccess - ok
23:36:43.0718 1016 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\WINDOWS\system32\regsvc.dll
23:36:43.0921 1016 RemoteRegistry - ok
23:36:43.0953 1016 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\WINDOWS\System32\locator.exe
23:36:44.0109 1016 RpcLocator - ok
23:36:44.0171 1016 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\WINDOWS\system32\rpcss.dll
23:36:44.0234 1016 RpcSs - ok
23:36:44.0265 1016 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\WINDOWS\System32\rsvp.exe
23:36:44.0437 1016 RSVP - ok
23:36:44.0468 1016 SamSs (ed0a176354487ceed65b80a7148ab739) C:\WINDOWS\system32\lsass.exe
23:36:44.0578 1016 SamSs - ok
23:36:44.0609 1016 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\WINDOWS\System32\SCardSvr.exe
23:36:44.0765 1016 SCardSvr - ok
23:36:44.0812 1016 Schedule (3ff232a7731621b8902d81d42418c93c) C:\WINDOWS\system32\schedsvc.dll
23:36:45.0000 1016 Schedule - ok
23:36:45.0031 1016 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:36:45.0156 1016 Secdrv - ok
23:36:45.0187 1016 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\WINDOWS\System32\seclogon.dll
23:36:45.0343 1016 seclogon - ok
23:36:45.0375 1016 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\WINDOWS\system32\sens.dll
23:36:45.0531 1016 SENS - ok
23:36:45.0546 1016 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
23:36:45.0671 1016 serenum - ok
23:36:45.0687 1016 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
23:36:45.0828 1016 Serial - ok
23:36:45.0859 1016 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
23:36:45.0984 1016 Sfloppy - ok
23:36:46.0046 1016 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\WINDOWS\System32\ipnathlp.dll
23:36:46.0281 1016 SharedAccess - ok
23:36:46.0328 1016 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
23:36:46.0343 1016 ShellHWDetection - ok
23:36:46.0343 1016 Simbad - ok
23:36:46.0421 1016 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe
23:36:46.0453 1016 SkypeUpdate - ok
23:36:46.0468 1016 Sparrow - ok
23:36:46.0484 1016 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
23:36:46.0609 1016 splitter - ok
23:36:46.0640 1016 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
23:36:46.0687 1016 Spooler - ok
23:36:46.0703 1016 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
23:36:46.0843 1016 sr - ok
23:36:46.0875 1016 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\WINDOWS\System32\srsvc.dll
23:36:47.0062 1016 srservice - ok
23:36:47.0125 1016 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
23:36:47.0250 1016 Srv - ok
23:36:47.0296 1016 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\WINDOWS\System32\ssdpsrv.dll
23:36:47.0453 1016 SSDPSRV - ok
23:36:47.0484 1016 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
23:36:47.0500 1016 ssmdrv - ok
23:36:47.0546 1016 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\WINDOWS\system32\wiaservc.dll
23:36:47.0781 1016 stisvc - ok
23:36:47.0796 1016 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
23:36:47.0921 1016 swenum - ok
23:36:47.0953 1016 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
23:36:48.0078 1016 swmidi - ok
23:36:48.0093 1016 SwPrv - ok
23:36:48.0109 1016 symc810 - ok
23:36:48.0109 1016 symc8xx - ok
23:36:48.0125 1016 sym_hi - ok
23:36:48.0140 1016 sym_u3 - ok
23:36:48.0156 1016 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
23:36:48.0296 1016 sysaudio - ok
23:36:48.0328 1016 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\WINDOWS\system32\smlogsvc.exe
23:36:48.0468 1016 SysmonLog - ok
23:36:48.0515 1016 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\WINDOWS\System32\tapisrv.dll
23:36:48.0703 1016 TapiSrv - ok
23:36:48.0781 1016 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:36:48.0890 1016 Tcpip - ok
23:36:48.0921 1016 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
23:36:49.0062 1016 TDPIPE - ok
23:36:49.0078 1016 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
23:36:49.0218 1016 TDTCP - ok
23:36:49.0250 1016 teamviewervpn (9101fffcfccd1a30e870a5b8a9091b10) C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys
23:36:49.0296 1016 teamviewervpn - ok
23:36:49.0312 1016 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
23:36:49.0453 1016 TermDD - ok
23:36:49.0500 1016 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\WINDOWS\System32\termsrv.dll
23:36:49.0703 1016 TermService - ok
23:36:49.0765 1016 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\WINDOWS\System32\shsvcs.dll
23:36:49.0781 1016 Themes - ok
23:36:49.0828 1016 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\System32\tlntsvr.exe
23:36:49.0984 1016 TlntSvr - ok
23:36:50.0000 1016 TosIde - ok
23:36:50.0031 1016 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\WINDOWS\system32\trkwks.dll
23:36:50.0203 1016 TrkWks - ok
23:36:50.0218 1016 TrueSight (b3c9c35dc93563b8d19ad414edf2fc82) c:\windows\system32\drivers\TrueSight.sys
23:36:50.0250 1016 TrueSight ( UnsignedFile.Multi.Generic ) - warning
23:36:50.0250 1016 TrueSight - detected UnsignedFile.Multi.Generic (1)
23:36:50.0296 1016 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
23:36:50.0437 1016 Udfs - ok
23:36:50.0453 1016 ultra - ok
23:36:50.0515 1016 UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\System32\wdfmgr.exe
23:36:50.0734 1016 UMWdf - ok
23:36:51.0390 1016 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
23:36:51.0593 1016 Update - ok
23:36:51.0625 1016 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\WINDOWS\System32\upnphost.dll
23:36:51.0812 1016 upnphost - ok
23:36:51.0828 1016 UPS (20a0f6a11959e92908717d09e87d670d) C:\WINDOWS\System32\ups.exe
23:36:51.0968 1016 UPS - ok
23:36:51.0984 1016 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:36:52.0125 1016 usbccgp - ok
23:36:52.0156 1016 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:36:52.0281 1016 usbehci - ok
23:36:52.0312 1016 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:36:52.0437 1016 usbhub - ok
23:36:52.0484 1016 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:36:52.0609 1016 usbohci - ok
23:36:52.0625 1016 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:36:52.0750 1016 usbprint - ok
23:36:52.0781 1016 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:36:52.0906 1016 usbscan - ok
23:36:52.0937 1016 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:36:53.0062 1016 USBSTOR - ok
23:36:53.0093 1016 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
23:36:53.0218 1016 VgaSave - ok
23:36:53.0218 1016 ViaIde - ok
23:36:53.0234 1016 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
23:36:53.0375 1016 VolSnap - ok
23:36:53.0468 1016 Vsdatant (558cee3d9c470651f1843d51b42d761b) C:\WINDOWS\system32\vsdatant.sys
23:36:53.0562 1016 Vsdatant - ok
23:36:53.0578 1016 vsmon - ok
23:36:53.0656 1016 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\WINDOWS\System32\vssvc.exe
23:36:53.0812 1016 VSS - ok
23:36:53.0843 1016 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\WINDOWS\System32\w32time.dll
23:36:54.0000 1016 W32Time - ok
23:36:54.0015 1016 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:36:54.0156 1016 Wanarp - ok
23:36:54.0156 1016 WDICA - ok
23:36:54.0203 1016 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
23:36:54.0328 1016 wdmaud - ok
23:36:54.0343 1016 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\WINDOWS\System32\webclnt.dll
23:36:54.0515 1016 WebClient - ok
23:36:54.0578 1016 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\WINDOWS\system32\wbem\WMIsvc.dll
23:36:54.0765 1016 winmgmt - ok
23:36:54.0796 1016 WmdmPmSN (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\mspmsnsv.dll
23:36:54.0859 1016 WmdmPmSN - ok
23:36:54.0968 1016 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\WINDOWS\System32\advapi32.dll
23:36:55.0109 1016 Wmi - ok
23:36:55.0156 1016 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\System32\wbem\wmiapsrv.exe
23:36:55.0296 1016 WmiApSrv - ok
23:36:55.0312 1016 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\Drivers\wpdusb.sys
23:36:55.0328 1016 WpdUsb - ok
23:36:55.0375 1016 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
23:36:55.0546 1016 WS2IFSL - ok
23:36:55.0578 1016 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\WINDOWS\system32\wscsvc.dll
23:36:55.0750 1016 wscsvc - ok
23:36:55.0781 1016 wuauserv (c1364564800ee9784192145324a23308) C:\WINDOWS\System32\wuauserv.dll
23:36:55.0937 1016 wuauserv - ok
23:36:56.0015 1016 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\WINDOWS\System32\wzcsvc.dll
23:36:56.0250 1016 WZCSVC - ok
23:36:56.0281 1016 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\WINDOWS\System32\xmlprov.dll
23:36:56.0468 1016 xmlprov - ok
23:36:56.0500 1016 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
23:36:57.0000 1016 \Device\Harddisk0\DR0 - ok
23:36:57.0015 1016 Boot (0x1200) (355415038fb036c18a1cc0396057f677) \Device\Harddisk0\DR0\Partition0
23:36:57.0015 1016 \Device\Harddisk0\DR0\Partition0 - ok
23:36:57.0015 1016 Boot (0x1200) (06c8a3a16d877cd6d77b83e1300ffc1b) \Device\Harddisk0\DR0\Partition1
23:36:57.0015 1016 \Device\Harddisk0\DR0\Partition1 - ok
23:36:57.0015 1016 ============================================================
23:36:57.0015 1016 Scan finished
23:36:57.0015 1016 ============================================================
23:36:57.0140 0968 Detected object count: 2
23:36:57.0140 0968 Actual detected object count: 2
23:37:34.0921 0968 BIOS ( UnsignedFile.Multi.Generic ) - skipped by user
23:37:34.0921 0968 BIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:37:34.0921 0968 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
23:37:34.0921 0968 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip

#9 Příspěvek od **vyosek** » 11 srp 2012 22:39

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

cokolad · #10 Příspěvek od **cokolad** » 11 srp 2012 23:03

teraz som vsimol ze som zabudol na:Zaskrtnete okenko Pro vsechny uzivatele

je to problem? nemam v PC ziadne ine konta..ak ano tak todam samozrejme odzaciatku

cokolad · #11 Příspěvek od **cokolad** » 11 srp 2012 23:11

OTL logfile created on: 11.8.2012 23:43:29 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\TonyX\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

511,48 Mb Total Physical Memory | 186,91 Mb Available Physical Memory | 36,54% Memory free
1,97 Gb Paging File | 1,24 Gb Available in Paging File | 63,17% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 21,58 Gb Free Space | 55,24% Space Free | Partition Type: NTFS
Drive D: | 426,69 Gb Total Space | 378,73 Gb Free Space | 88,76% Space Free | Partition Type: NTFS

Computer Name: COKOLAD | User Name: TonyX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2012.08.11 23:39:44 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TonyX\Plocha\OTL.exe
PRC - [2012.08.11 23:23:44 | 001,558,528 | ---- | M] () -- C:\Documents and Settings\TonyX\Dokumenty\Downloads\RogueKiller.exe
PRC - [2012.08.07 08:43:41 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
PRC - [2011.11.09 21:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2011.11.09 21:01:38 | 000,073,360 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2011.11.03 16:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2011.11.03 16:44:24 | 000,738,944 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2011.08.22 07:48:18 | 000,504,112 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Unite\crdphService.exe
PRC - [2011.08.22 07:48:18 | 000,360,752 | ---- | M] (COMODO) -- C:\Program Files\COMODO\Unite\EzVpnSvc.exe
PRC - [2011.07.04 15:26:07 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.21 07:54:05 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.04.21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 07:53:33 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.08.17 18:39:58 | 000,090,112 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2003.07.29 18:06:32 | 000,515,584 | ---- | M] (Chicony) -- C:\WINDOWS\zHotkey.exe

========== Modules (No Company Name) ==========

MOD - [2012.08.07 08:43:40 | 000,442,392 | ---- | M] () -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll
MOD - [2012.08.07 08:43:39 | 012,235,800 | ---- | M] () -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
MOD - [2012.08.07 08:43:37 | 003,997,720 | ---- | M] () -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.75\pdf.dll
MOD - [2012.08.07 08:42:09 | 000,144,424 | ---- | M] () -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.75\avutil-51.dll
MOD - [2012.08.07 08:42:08 | 000,266,792 | ---- | M] () -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.75\avformat-54.dll
MOD - [2012.08.07 08:42:07 | 002,480,680 | ---- | M] () -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll
MOD - [2012.06.30 17:42:30 | 004,051,456 | ---- | M] () -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\1.0.0.3\libGLESv2.dll
MOD - [2012.06.30 17:42:30 | 000,100,864 | ---- | M] () -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\User Data\SwiftShader\1.0.0.3\libEGL.dll
MOD - [2011.08.22 07:48:18 | 001,126,704 | ---- | M] () -- C:\Program Files\COMODO\Unite\EngineServiceBridge.dll
MOD - [2011.06.16 00:14:48 | 000,331,776 | ---- | M] () -- D:\WinRar\rarlng.dll
MOD - [2011.05.28 22:04:58 | 000,140,288 | ---- | M] () -- D:\WinRar\RarExt.dll
MOD - [2010.06.17 15:27:22 | 000,355,688 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.04.14 05:21:47 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005.06.14 22:43:26 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\LMablmpm.dll
MOD - [2003.05.26 19:19:18 | 000,532,544 | ---- | M] () -- C:\WINDOWS\PIC.dll
MOD - [2001.07.02 20:36:30 | 000,024,576 | ---- | M] () -- C:\WINDOWS\HKNTDLL.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2012.08.10 23:25:30 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.03 15:07:55 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.11.09 21:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011.11.03 16:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2011.08.22 07:48:18 | 000,360,752 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\Unite\EzVpnSvc.exe -- (EzVpnSvc)
SRV - [2011.07.04 15:26:07 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.21 07:53:48 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2005.06.14 22:40:54 | 000,491,520 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\system32\LMabcoms.exe -- (lmab_device)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.08.11 23:23:55 | 000,014,080 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2012.07.02 12:23:05 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2012.02.22 19:57:25 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.11.09 21:01:38 | 000,525,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2011.11.03 16:44:20 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011.10.20 20:38:38 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2011.07.04 15:26:08 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.04 15:26:08 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.04.14 11:01:46 | 000,017,816 | ---- | M] (Comodo, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmdatp.sys -- (ATP)
DRV - [2010.06.17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.17 15:27:12 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2005.08.19 17:31:52 | 003,644,800 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2005.04.13 12:34:02 | 000,414,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2005.04.13 12:32:42 | 000,053,376 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2005.04.06 03:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.06 03:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.03.16 08:23:54 | 000,013,696 | R--- | M] (BIOSTAR Group) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BIOS.sys -- (BIOS)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={ ... rer:source?}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=f5 ... earchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=f5 ... earchTerms}
IE - HKCU\..\SearchScopes\{D75969B3-0815-4D23-AC66-B1EEC96E5F5C}: "URL" = http://search.conduit.com/ResultsExt.as ... =CT2645238
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1"
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=f5 ... ce8dcb3&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@comodo.com/EasyvpnLvn: C:\Program Files\COMODO\Unite\npEasyVpnLVN.dll (COMODO)
FF - HKLM\Software\MozillaPlugins\@comodo.com/EasyvpnRdp: C:\Program Files\COMODO\Unite\NpRdpView.dll ( )
FF - HKLM\Software\MozillaPlugins\@comodo.com/EasyvpnVnc: C:\Program Files\COMODO\Unite\NpVncView.dll ( )
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012.03.10 13:25:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.27 15:13:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.08.10 23:25:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.11 17:14:08 | 000,000,000 | ---D | M]

[2011.07.03 19:09:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Extensions
[2012.07.29 16:09:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions
[2012.07.19 11:33:45 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.07.11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\searchplugins\startsear.xml
[2011.11.26 20:55:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.05.02 10:38:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012.08.10 23:25:32 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.06.30 20:30:14 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.08.10 23:25:24 | 000,002,208 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\heureka-cz.xml
[2012.08.10 23:25:24 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2012.08.10 23:25:24 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2012.08.10 23:25:24 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2012.08.10 23:25:24 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\TonyX\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\TonyX\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\TonyX\Local Settings\Data aplikac\u00ED\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\TonyX\Local Settings\Data aplikac\u00ED\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\TonyX\Local Settings\Data aplikac\u00ED\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: AdBlock = C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

O1 HOSTS File: ([2001.10.25 14:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CHotkey] C:\WINDOWS\zHotkey.exe (Chicony)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ShowWnd] C:\WINDOWS\ShowWnd.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [DAEMON Tools Lite] D:\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3E410177-CAB2-40AE-8464-3CE60BBAF03C}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.07.01 17:13:52 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2012.08.11 23:39:42 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\TonyX\Plocha\OTL.exe
[2012.08.11 23:23:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TonyX\Plocha\RK_Quarantine
[2012.08.11 23:16:11 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2012.08.11 23:16:04 | 000,000,000 | ---D | C] -- C:\rsit
[2012.08.11 23:03:18 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\TonyX\Recent
[2012.08.11 15:37:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\COMODO
[2012.08.11 15:29:57 | 000,017,816 | ---- | C] (Comodo, Inc.) -- C:\WINDOWS\System32\drivers\cmdatp.sys
[2012.08.11 15:29:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2012.08.11 15:29:43 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012.08.11 15:29:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\TonyX\Data aplikací\COMODO
[2012.08.11 15:28:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\COMODO
[2012.08.11 15:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\TeamViewer 7
[2012.08.11 15:09:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2012.08.11 23:46:01 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2012.08.11 23:45:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.11 23:45:02 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.11 23:39:44 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\TonyX\Plocha\OTL.exe
[2012.08.11 23:23:55 | 000,014,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2012.08.11 23:07:02 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.08.11 22:51:09 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003UA.job
[2012.08.11 17:51:01 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003Core.job
[2012.08.11 15:37:58 | 000,000,733 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\COMODO Unite.lnk
[2012.08.11 15:09:16 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\TeamViewer 7.lnk
[2012.08.11 12:10:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.08.11 12:10:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.08.09 20:06:58 | 000,002,257 | ---- | M] () -- C:\Documents and Settings\TonyX\Plocha\Google Chrome.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.08.11 23:46:01 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2012.08.11 23:23:55 | 000,014,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2012.08.11 15:37:58 | 000,000,733 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\COMODO Unite.lnk
[2012.08.11 15:09:16 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TeamViewer 7.lnk
[2012.07.25 13:56:54 | 001,134,592 | ---- | C] () -- C:\WINDOWS\System32\LMabusb1.dll
[2012.07.25 13:56:54 | 000,630,784 | ---- | C] () -- C:\WINDOWS\System32\LMabpmui.dll
[2012.07.25 13:56:53 | 001,183,744 | ---- | C] () -- C:\WINDOWS\System32\LMabserv.dll
[2012.07.25 13:56:53 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\LMabprox.dll
[2012.07.25 13:56:52 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\LMabip1.dll
[2012.07.25 13:56:52 | 000,507,904 | ---- | C] () -- C:\WINDOWS\System32\LMabpar1.dll
[2012.07.25 13:56:52 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\LMablmpm.dll
[2012.07.25 13:56:52 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\LMabppls.exe
[2012.07.25 13:56:52 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\LMabpplc.dll
[2012.07.25 13:56:51 | 000,491,520 | ---- | C] () -- C:\WINDOWS\System32\LMabcoms.exe
[2012.07.25 13:56:51 | 000,413,696 | ---- | C] () -- C:\WINDOWS\System32\LMabcomm.dll
[2012.07.25 13:56:50 | 000,704,512 | ---- | C] () -- C:\WINDOWS\System32\LMabcomc.dll
[2012.02.16 15:01:11 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.07.05 13:45:15 | 000,051,712 | ---- | C] () -- C:\Documents and Settings\TonyX\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.05 13:35:38 | 000,000,507 | ---- | C] () -- C:\WINDOWS\LMABB2DD.ini
[2011.07.05 13:34:13 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lexlog.dll
[2011.07.04 14:41:41 | 000,138,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.07.04 14:41:40 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\TonyX\Data aplikací\PnkBstrK.sys
[2011.07.04 14:41:23 | 000,271,200 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011.07.04 14:41:22 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011.07.04 14:41:19 | 000,000,281 | ---- | C] () -- C:\WINDOWS\game.ini
[2011.07.02 17:57:05 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011.07.01 19:06:12 | 000,004,265 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.07.01 19:04:44 | 000,294,864 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.01 17:28:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.07.01 17:21:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.07.01 17:21:12 | 000,001,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2011.07.01 17:21:06 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2011.07.01 17:21:04 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.07.01 17:18:33 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2011.07.01 17:18:33 | 000,036,864 | ---- | C] () -- C:\WINDOWS\ShowWnd.exe
[2011.07.01 17:18:33 | 000,024,576 | ---- | C] () -- C:\WINDOWS\HKNTDLL.dll
[2011.07.01 17:16:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.07.01 17:11:00 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== LOP Check ==========

[2011.07.02 19:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2011.11.12 15:06:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CheckPoint
[2012.01.26 13:21:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
[2011.08.27 17:44:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MGS
[2011.07.07 20:18:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Sports Interactive
[2012.04.30 13:04:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\StatSoft
[2012.04.06 23:52:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.03.17 17:29:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Z-Software
[2012.01.22 20:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Ashampoo
[2011.09.20 17:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Atari
[2011.07.02 21:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\CheckPoint
[2012.05.01 22:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite
[2011.07.02 19:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Leadertech
[2011.11.10 18:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Microgaming
[2011.07.08 16:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\OpenOffice.org
[2011.07.02 21:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\PriceGong
[2012.04.30 13:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Softland
[2011.07.07 20:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Sports Interactive
[2012.04.30 13:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\StatSoft
[2012.07.26 21:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\TeamViewer
[2012.05.01 22:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\uTorrent
[2012.07.21 20:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\X-Chat 2
[2012.01.23 15:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Z-Software

========== Purity Check ==========

========== Custom Scans ==========

< >

< >

< MD5 for: ATAPI.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.07.10 20:33:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2011.07.10 20:33:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
[2002.08.29 01:27:50 | 000,086,912 | ---- | M] (Microsoft Corporation) MD5=95B858761A00E1D4F81F79A0DA019ACA -- C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\ServicePackFiles\i386\autochk.exe
[2008.04.14 05:22:10 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=C7A9FF12C63E2E448722B02C71A8C431 -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 15:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\$NtServicePackUninstall$\autochk.exe

< MD5 for: CDROM.SYS >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2011.07.10 20:33:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:cdrom.sys
[2011.07.10 20:33:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\ServicePackFiles\i386\cdrom.sys
[2008.04.13 20:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004.08.03 22:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtServicePackUninstall$\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.17 15:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

< MD5 for: HAL.DLL >
[2002.09.20 18:17:54 | 010,174,968 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp1.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2011.07.10 20:33:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2004.08.17 15:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2011.07.10 20:33:54 | 023,890,583 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:hal.dll
[2008.04.13 20:31:32 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2008.04.13 20:31:28 | 000,131,840 | ---- | M] (Microsoft Corporation) MD5=6F61D3287A6A15A08A9433222C09D17F -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll

< MD5 for: SCECLI.DLL >
[2004.08.17 15:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 05:21:54 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SVCHOST.EXE >
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2008.04.14 05:22:48 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
[2004.08.17 15:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe

< MD5 for: TCPIP.SYS >
[2006.04.20 13:51:50 | 000,359,808 | ---- | M] (Microsoft Corporation) MD5=1DBF125862891817F374F407626967F4 -- C:\WINDOWS\$NtUninstallKB951748_0$\tcpip.sys
[2008.06.20 12:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
[2008.06.20 12:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008.04.13 21:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008.06.20 13:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\system32\drivers\tcpip.sys
[2004.08.03 23:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB2509553\SP3QFE\tcpip.sys
[2008.06.20 13:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[2006.04.20 14:18:35 | 000,360,576 | ---- | M] (Microsoft Corporation) MD5=B2220C618B42A2212A59D91EBD6FC4B4 -- C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 05:22:50 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
[2004.08.17 15:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 15:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 05:22:53 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[4 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2011.09.03 13:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Adobe
[2012.01.22 20:37:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Ashampoo
[2011.09.20 17:51:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Atari
[2011.07.04 15:22:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Avira
[2011.07.02 21:26:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\CheckPoint
[2012.08.11 15:38:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\COMODO
[2012.05.01 22:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite
[2011.10.13 19:26:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\DivX
[2011.10.01 13:11:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Google
[2012.08.11 15:25:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Hamachi
[2011.07.01 17:17:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Identities
[2011.07.02 19:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Leadertech
[2011.07.01 17:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Macromedia
[2011.11.10 18:41:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Microgaming
[2011.12.11 18:37:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\TonyX\Data aplikací\Microsoft
[2012.03.16 18:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\mIRC
[2011.07.03 19:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Mozilla
[2011.07.08 16:29:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\OpenOffice.org
[2011.07.02 21:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\PriceGong
[2012.07.12 11:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Skype
[2012.04.30 13:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Softland
[2011.07.07 20:17:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Sports Interactive
[2012.04.30 13:05:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\StatSoft
[2012.07.26 21:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\TeamViewer
[2012.05.01 22:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\uTorrent
[2012.06.27 00:28:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Winamp
[2011.07.02 18:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\WinRAR
[2012.07.21 20:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\X-Chat 2
[2012.01.23 15:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\TonyX\Data aplikací\Z-Software

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2012.08.11 23:07:02 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.08.11 23:45:02 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.11 23:45:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.11 17:51:01 | 000,000,958 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003Core.job
[2012.08.11 23:51:02 | 000,001,010 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003UA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2011.07.01 19:03:49 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.07.01 19:03:49 | 000,630,784 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.07.01 19:03:49 | 000,413,696 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2012.08.11 12:10:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 05:22:17 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\TonyX\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2011.07.02 21:12:16 | 000,136,176 | ---- | M] (Google Inc.)
"DAEMON Tools Lite" = "D:\DAEMON Tools Lite\DTLite.exe" -autorun -- [2012.02.13 10:06:56 | 003,481,408 | ---- | M] (DT Soft Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2012.08.10 23:25:31 | 000,913,888 | ---- | M] (Mozilla Corporation) MD5=3F677172F23FC17283D9BCE4B42E3F65 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2009.03.08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation) MD5=B60DDDD2D63CE41CB8C487FCFBB6419E -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2012.08.11 23:46:01 | 000,000,512 | ---- | M] () MD5=13F3F5BEB341707CC09EA1175AF8916D -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2010.06.18 11:28:14 | 000,002,623 | ---- | M] () -- \Program Files\StatSoft\STATISTICA 10\Examples\Datasets\Cracker promotion.sta

< *keygen* /s >

< *loader* /s >
[2012.02.29 08:49:32 | 000,072,638 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.gif
[2012.02.29 08:49:32 | 000,003,032 | ---- | M] () -- \Documents and Settings\All Users\Data aplikací\Skype\Apps\login\images\loader.png
[2012.04.26 20:33:16 | 000,009,051 | ---- | M] () -- \Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite\MediaInfo\img\loader.gif
[2012.04.26 20:33:16 | 000,016,119 | ---- | M] () -- \Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.jpg
[2012.04.26 20:33:16 | 000,018,434 | ---- | M] () -- \Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite\MediaInfo\img\logo_loader_page.png
[2012.04.26 20:33:16 | 000,009,283 | ---- | M] () -- \Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\ImageInfoLoader.js
[2012.04.26 20:33:16 | 000,001,699 | ---- | M] () -- \Documents and Settings\TonyX\Data aplikací\DAEMON Tools Lite\MediaInfo\js\app\MediaInfo\NewsLoader.js
[2012.01.11 12:47:26 | 000,010,144 | ---- | M] () -- \Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\conduitCommon\modules\3.9.0.3\ExternalLibraryLoader.jsm
[2012.07.16 23:06:52 | 000,010,145 | ---- | M] () -- \Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules\ExternalLibraryLoader.jsm
[2012.08.11 23:04:47 | 000,013,642 | ---- | M] () -- \Documents and Settings\TonyX\Local Settings\Temporary Internet Files\Content.IE5\9O502AJC\ajax-loader[1].gif
[2011.07.04 15:26:07 | 000,034,664 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avnetworkloader.dll
[2011.07.04 15:26:07 | 000,343,400 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avnetworkloadergui.dll
[2011.07.04 15:26:07 | 000,214,184 | ---- | M] () -- \Program Files\Avira\AntiVir Desktop\avwebloader.exe
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VS7DEBUG\coloader.tlb
[2009.11.12 13:50:16 | 000,071,008 | ---- | M] () -- \Program Files\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2010.11.04 16:21:44 | 000,007,233 | ---- | M] () -- \Program Files\StatSoft\STATISTICA 10\MULTIMED\images\ProgressLoader.png
[2010.11.04 16:21:58 | 000,007,233 | ---- | M] () -- \Program Files\StatSoft\STATISTICA 10\MULTIMED\swf\loaderlogo.png
[2004.08.17 15:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\dmloader.dll
[2004.08.03 22:59:38 | 000,230,400 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.exe
[2004.08.03 22:59:38 | 000,278,016 | ---- | M] () -- \WINDOWS\$NtServicePackUninstall$\osloader.ntd
[2002.12.12 00:14:32 | 000,033,280 | ---- | M] () -- \WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dmloader.dll
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\dmloader.dll
[2008.04.13 20:31:47 | 000,230,912 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.exe
[2008.04.13 20:31:48 | 000,278,528 | ---- | M] () -- \WINDOWS\ServicePackFiles\i386\osloader.ntd
[2008.04.14 05:21:39 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[2 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:78E0DF72
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D31BE97C
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:260575F1

< End of report >

cokolad · #12 Příspěvek od **cokolad** » 11 srp 2012 23:12

OTL Extras logfile created on: 11.8.2012 23:43:29 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Documents and Settings\TonyX\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

511,48 Mb Total Physical Memory | 186,91 Mb Available Physical Memory | 36,54% Memory free
1,97 Gb Paging File | 1,24 Gb Available in Paging File | 63,17% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39,06 Gb Total Space | 21,58 Gb Free Space | 55,24% Space Free | Partition Type: NTFS
Drive D: | 426,69 Gb Total Space | 378,73 Gb Free Space | 88,76% Space Free | Partition Type: NTFS

Computer Name: COKOLAD | User Name: TonyX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring" = 1

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\NHL gpc\Winamp\winamp.exe" = D:\NHL gpc\Winamp\winamp.exe:*:Enabled:Winamp
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe" = C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon
"D:\hry\FM 2010\fm.exe" = D:\hry\FM 2010\fm.exe:*:Enabled:Football Manager 2010 -- (Sports Interactive)
"C:\Documents and Settings\TonyX\Plocha\xchat\xchat.exe" = C:\Documents and Settings\TonyX\Plocha\xchat\xchat.exe:*:Enabled:XChat IRC Client
"D:\hry\NHL 2009\nhl2009.exe" = D:\hry\NHL 2009\nhl2009.exe:*:Enabled:nhl2009 -- ()
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\WINDOWS\system32\LMabcoms.exe" = C:\WINDOWS\system32\LMabcoms.exe:*:Enabled:Lexmark Enhanced TCP/IP -- ()
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\COMODO\Unite\Unite.exe" = C:\Program Files\COMODO\Unite\Unite.exe:*:Enabled:COMODO Unite -- (COMODO)
"C:\Program Files\COMODO\Unite\EzVpnSvc.exe" = C:\Program Files\COMODO\Unite\EzVpnSvc.exe:*:Enabled:COMODO Unite -- (COMODO)
"C:\Program Files\COMODO\Unite\crdphAppShare.exe" = C:\Program Files\COMODO\Unite\crdphAppShare.exe:*:Enabled:COMODO Unite -- (COMODO)
"C:\Program Files\COMODO\Unite\crdphService.exe" = C:\Program Files\COMODO\Unite\crdphService.exe:*:Enabled:COMODO Unite -- (COMODO)
"C:\Program Files\COMODO\Unite\UniteCAM.exe" = C:\Program Files\COMODO\Unite\UniteCAM.exe:*:Enabled:COMODO Unite -- (COMODO)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2B120B1D-1908-4FB3-8C9D-72128A74E80A}" = ZoneAlarm Security
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{5AAA952E-B15E-47E0-94E4-DD6DC7B9C796}_is1" = Kobra 11 Nitro
"{63E949F6-03BC-5C40-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM
"{6E66ECBD-FCA7-4AE1-A8C5-1CA78BEEB057}" = Multimedia Keyboard Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92C7D009-A464-4948-A980-7A3E28CB2F49}_is1" = Richard Burns Rally
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A386CC19-1E79-4D4C-A54B-C8747871E4AD}" = ZoneAlarm Firewall
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Czech
"{B82FA3D7-4EFB-4E9F-888F-D7DB1C513D48}" = STATISTICA CZ 10
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2FE0127-0F86-43C7-824E-AA78E6B5F4F3}" = Total Immersion Racing
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D6B8ED44-CA4A-4702-924D-34596E5450DB}" = Crusader Kings
"{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}" = NVIDIA PhysX
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2B5A2A7-2DF9-4361-8BD5-362714528B51}" = NHL® 09
"{F527D3F1-57DF-43B5-A570-ADED61CE8C06}" = COMODO Unite
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 11_is1" = Ashampoo Burning Studio 11 v.11.0.4
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.80
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Football Manager 2010" = Football Manager 2010
"German Truck Simulator" = German Truck Simulator 1.00
"Hamachi" = Hamachi 1.0.2.5
"ie8" = Windows Internet Explorer 8
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"Lexmark_HostCD" = Lexmark Software Uninstall
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 14.0.1 (x86 cs)" = Mozilla Firefox 14.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mystery Case Files - Prime Suspects 1.00" = Mystery Case Files - Prime Suspects 1.00
"Mystery Case Files - Ravenhearst 1.00" = Mystery Case Files - Ravenhearst 1.00
"NVIDIA Drivers" = NVIDIA Drivers
"Quake 3 Arena Demo" = Quake 3 Arena Demo
"STATNOVAPDF_is1" = STATNOVAPDF (novaPDF 7.1 printer)
"TeamViewer 7" = TeamViewer 7
"The KMPlayer" = The KMPlayer (remove only)
"uTorrent" = µTorrent
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"ZoneAlarm Free" = ZoneAlarm Free
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in

========== Last 20 Event Log Errors ==========

[ OSession Events ]
Error - 6.11.2011 10:41:00 | Computer Name = COKOLAD | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3220
seconds with 2220 seconds of active time. This session ended with a crash.

Error - 6.11.2011 11:26:16 | Computer Name = COKOLAD | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2532
seconds with 1680 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21.7.2012 12:56:46 | Computer Name = COKOLAD | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 7.133.184.184 pro síťovou kartu s adresou 00FF1D56477A
byla serverem DHCP 7.0.0.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

Error - 25.7.2012 7:48:06 | Computer Name = COKOLAD | Source = Print | ID = 6161
Description = Tisk dokumentu The_Myth_Endless_Love.pdf (vlastník: TonyX) na tiskárně
Lexmark E120 se nezdařil. Datový typ: NT EMF 1.008 Velikost zařazeného souboru (bajty):
858604 Počet vytištěných bajtů: 220332 Celkový počet stran v dokumentu: 3 Počet vytištěných
stran: 0 Klientský počítač: \\COKOLAD Kód chyby Win32, vrácený tiskovým procesorem:
534 (0x216)

Error - 25.7.2012 12:04:11 | Computer Name = COKOLAD | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 7A7905BEAA80. Došlo k následující chybě: %%121. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.

Error - 3.8.2012 13:24:28 | Computer Name = COKOLAD | Source = Service Control Manager | ID = 7022
Description = Služba Avira AntiVir Guard přestala během spouštění reagovat.

Error - 5.8.2012 6:11:05 | Computer Name = COKOLAD | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 7A7905BEAA80. Došlo k následující chybě: %%121. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.

Error - 7.8.2012 12:57:30 | Computer Name = COKOLAD | Source = Dhcp | ID = 1001
Description = Počítači nebyla přiřazena síťová adresa (serverem DHCP) pro síťovou
kartu se síťovou adresou 7A7905BEAA80. Došlo k následující chybě: %%121. Počítač
se bude pokoušet získat síťovou adresu samostatně ze serveru DHCP.

Error - 11.8.2012 9:13:28 | Computer Name = COKOLAD | Source = Dhcp | ID = 1002
Description = Zapůjčení adresy IP 7.133.184.184 pro síťovou kartu s adresou 00FFEDDB5D24
byla serverem DHCP 7.0.0.1 odmítnuta. (Server DHCP odeslal zprávu DHCPNACK).

< End of report >

#13 Příspěvek od **vyosek** » 12 srp 2012 08:37

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=f5 ... ce8dcb3&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=f5 ... ce8dcb3&q={searchTerms}
IE - HKCU\..\SearchScopes\{D75969B3-0815-4D23-AC66-B1EEC96E5F5C}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2645238
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1"
FF - prefs.js..keyword.URL: "http://startsear.ch/?aff=1&src=sp&cf=f592fbca-f2bd-11e0-bd74-00e04ce8dcb3&q="
[2012.07.19 11:33:45 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
[2011.07.11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\searchplugins\startsear.xml
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[20 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
[1 C:\WINDOWS\system32\dllcache\*.tmp files -> C:\WINDOWS\system32\dllcache\*.tmp -> ]
[4 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> ]
[2012.08.11 23:07:02 | 000,000,914 | ---- | M] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2012.08.11 23:45:02 | 000,000,934 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2012.08.11 23:45:02 | 000,000,938 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2012.08.11 17:51:01 | 000,000,958 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003Core.job
[2012.08.11 23:51:02 | 000,001,010 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003UA.job
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:78E0DF72
@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D31BE97C
@Alternate Data Stream - 109 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:260575F1

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TonyX^Nabídka Start^Programy^Po spuštění^RollerCoaster Tycoon 3 Registration.lnk]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[EMPTYJAVA]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

cokolad · #14 Příspěvek od **cokolad** » 12 srp 2012 12:05

All processes killed
========== OTL ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
Service Changer stopped successfully!
Service Changer deleted successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D75969B3-0815-4D23-AC66-B1EEC96E5F5C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D75969B3-0815-4D23-AC66-B1EEC96E5F5C}\ not found.
Prefs.js: "Web Search" removed from browser.search.order.1
Prefs.js: "Web Search" removed from browser.search.selectedEngine
Prefs.js: "http://startsear.ch/?aff=1" removed from browser.startup.homepage
Prefs.js: "http://startsear.ch/?aff=1&src=sp&cf=f5 ... ce8dcb3&q=" removed from keyword.URL
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\searchplugin folder moved successfully.
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\Plugins folder moved successfully.
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\modules folder moved successfully.
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\META-INF folder moved successfully.
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\defaults folder moved successfully.
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components folder moved successfully.
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome folder moved successfully.
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} folder moved successfully.
C:\Documents and Settings\TonyX\Data aplikací\Mozilla\Firefox\Profiles\0cpvnl8c.default\searchplugins\startsear.xml moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
C:\WINDOWS\002395_.tmp deleted successfully.
C:\WINDOWS\005515_.tmp deleted successfully.
C:\WINDOWS\SET3.tmp deleted successfully.
C:\WINDOWS\SETA.tmp deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10E.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10F.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP14B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP17.tmp\System.WorkflowServices.dll deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP17.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP19B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1EB.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP273.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29A.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2CE.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2F4.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP311.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP332.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP37C.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP38B.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP467.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP492.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4AF.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP594.tmp folder deleted successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP674.tmp folder deleted successfully.
C:\WINDOWS\system32\ConduitEngine.tmp deleted successfully.
C:\WINDOWS\system32\CONFIG.TMP deleted successfully.
C:\WINDOWS\system32\dllcache\d3d8.dll.tmp deleted successfully.
C:\WINDOWS\Temp\ZLT01ca3.TMP deleted successfully.
C:\WINDOWS\Temp\ZLT01d70.TMP deleted successfully.
File delete failed. C:\WINDOWS\Temp\ZLT02a1b.TMP scheduled to be deleted on reboot.
C:\WINDOWS\Temp\ZLT04637.TMP deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003Core.job moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-1606980848-682003330-1003UA.job moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:78E0DF72 deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:D31BE97C deleted successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:260575F1 deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^TonyX^Nabídka Start^Programy^Po spuštění^RollerCoaster Tycoon 3 Registration.lnk\ deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 2047112 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 1981672 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: TonyX
->Temp folder emptied: 7854178 bytes
->Temporary Internet Files folder emptied: 1577871 bytes
->FireFox cache emptied: 62406565 bytes
->Google Chrome cache emptied: 97426465 bytes
->Flash cache emptied: 629 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1056332 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 139897880 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 182767 bytes
RecycleBin emptied: 3697176 bytes

Total Files Cleaned = 303,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: TonyX
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: TonyX

Total Java Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.57.0 log created on 08122012_125848

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\Temp\ZLT02a1b.TMP not found!
C:\Documents and Settings\TonyX\Local Settings\Temp\~DF6F8E.tmp moved successfully.

PendingFileRenameOperations files...
File C:\WINDOWS\Temp\ZLT02a1b.TMP not found!
File C:\Documents and Settings\TonyX\Local Settings\Temp\~DF6F8E.tmp not found!

Registry entries deleted on Reboot...

#15 Příspěvek od **vyosek** » 12 srp 2012 12:08

Jak se chova PC, zmizel problem

VIRY.CZ

startpins.com

startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com

Re: startpins.com