Requesting a check - browser opens by itself

djmirente
Visitor
Posts: 127
Registered: 27 Apr 2009 13:38

Requesting a check - browser opens by itself

#1 Post by djmirente »

Please check this for me, because around the day before yesterday pages started opening by themselves in my browsers, and it also throws an error message from .NET Framework. I don't have an RSIT log, because it won't run, it throws an error there too, so I'm giving the HJT log.

Code:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:05:32, on 22. 3. 2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\CtHelper.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\CyberLink\Shared Files\brs.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Spyware Doctor\pctsGui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Dj Mirente\Desktop\RSIT.exe
D:\Moje Dokumenty\Dj Mirente.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dj Mirente\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) -  - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: GdfrDUEn - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dj Mirente\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O3 - Toolbar: RefresherBand Class - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\PROGRA~1\YREFRE~1\YREFRE~1.DLL
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Nokia FastStart] "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinsysMon] C:\Users\DJMIRE~1\AppData\Local\Temp\nsg7805.tmp\googletoolbar.exe
O4 - HKLM\..\Run: [TVFGLYJBGI.exe] C:\Users\Dj Mirente\AppData\Roaming\TVFGLYJBGI.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [HighGrow] "C:\Program Files\HighGrow\HighGrow.exe"  /A
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dj Mirente\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe"  /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DevconDefaultDB] C:\Windows\system32\READREG /SILENT /FAIL=1 (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra 'Tools' menuitem: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm (file missing)
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O17 - HKLM\System\CCS\Services\Tcpip\..\{2673009A-FCB4-4609-AB0B-2E13D1CBC4D7}: NameServer = 195.146.128.60,195.146.132.59
O17 - HKLM\System\CS1\Services\Tcpip\..\{2673009A-FCB4-4609-AB0B-2E13D1CBC4D7}: NameServer = 195.146.128.60,195.146.132.59
O17 - HKLM\System\CS2\Services\Tcpip\..\{2673009A-FCB4-4609-AB0B-2E13D1CBC4D7}: NameServer = 195.146.128.60,195.146.132.59
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Users\Dj Mirente\AppData\LocalLow\Microńoft\redir.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10417 bytes

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Requesting a check - browser opens by itself

#2 Post by motji »

Good afternoon :)

Download OTL: http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- a window will open; in it, tick Scan All Users
- copy this script into the white box at the bottom:

Code:

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
- click the Run scan button.
- the scan will run and two logs will appear; paste the contents of both here :)

Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

djmirente
Visitor
Posts: 127
Registered: 27 Apr 2009 13:38

Re: Requesting a check - browser opens by itself

#3 Post by djmirente »

Good evening :)
Here are the logs
Attachments
Desktop.rar
both logs
(23.21 KiB) Downloaded 67 times

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Requesting a check - browser opens by itself

#4 Post by motji »

Could you please paste the logs into the topic? Feel free to split them across several posts; it is clearer for me that way, since I sometimes have to go back to them. :)

djmirente
Visitor
Posts: 127
Registered: 27 Apr 2009 13:38

Re: Requesting a check - browser opens by itself

#5 Post by djmirente »

Log (Extras)

Code:

OTL Extras logfile created on: 22. 3. 2010 20:08:41 - Run 1
OTL by OldTimer - Version 3.1.37.3     Folder = C:\Users\Dj Mirente\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 75,13 Gb Total Space | 10,45 Gb Free Space | 13,91% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 69,24 Gb Free Space | 35,45% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 73,61 Gb Free Space | 37,69% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DJMIRENTE-PC
Current User Name: Dj Mirente
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Prehliadať v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UACDisableNotify" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{29F0D899-9614-4EB3-92A8-C9117FE9E405}" = Cobra 11 - Nitro
"{2FA28330-2028-4033-BD10-425C87EB4D54}" = Nokia Software Updater
"{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42B74521-4706-412A-9A27-AED12B83E886}" = Nokia Ovi Application Installer
"{4761EB82-E8BD-45A4-B19B-586FA9D1D7E6}" = Camtasia Studio 6
"{4AE48A64-6C6A-4E5A-95FA-55F5131DECF9}" = Nokia Ovi One Touch Access
"{5636E517-8100-4E2A-B69E-2B16AFFA2360}" = Sony Sound Forge 8.0d
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{625386A4-B6B6-4911-A6E8-23189C3F2D15}" = Microsoft .NET Compact Framework 2.0 SP1
"{6442DEDF-AC2F-4CBA-85DE-42E459C5006C}" = Nokia Ovi Content Copier
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{88EB38EF-4D2C-436D-ABD3-56B232674062}" = ICQ7
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0015-041B-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovak) 2007
"{90120000-0016-041B-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovak) 2007
"{90120000-0018-041B-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovak) 2007
"{90120000-0019-041B-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovak) 2007
"{90120000-001A-041B-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovak) 2007
"{90120000-001B-041B-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovak) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040E-0000-0000000FF1CE}" = Microsoft Office Proof (Hungarian) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-041B-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovak) 2007
"{90120000-0044-041B-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovak) 2007
"{90120000-006E-041B-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovak) 2007
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{9578C0CD-8108-4379-9026-4601F59859A0}" = Google Earth Pro
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{AC76BA86-7AD7-1051-7B44-A93000000001}" = Adobe Reader 9.3 - Slovak
"{B5264B25-8908-49BB-A708-5A70DFBF8094}" = Nokia Ovi Suite
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1" = ConvertXtoDVD 2.1.5.173
"{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT
"{C5E82290-A04A-4389-AD32-B8E745516D92}" = Blaze Media Pro
"{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}" = FlatOut2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D3656CE3-0F62-447F-AEF3-9BF29B6197D9}" = Nokia Photos
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{DF421E99-61E6-4502-92A8-DB5EEB2CAB5A}" = Mega Manager
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{F14B8ECC-BDA0-4987-9201-D7B7DBE11051}" = Nero 7 Ultra Edition
"{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"{FB8148DD-C575-4B0A-9F6C-0CFC46937930}" = Opera 10.10
"{FF34EA62-92C1-41E6-BA64-B2B7ECB53737}" = Nokia Ovi System Utilities
"µTorrent CZ_is1" = µTorrent CZ 1.7.2 (build 3458)
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows Driver Package - Nokia Modem  (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows Driver Package - Nokia Modem  (06/01/2009 7.01.0.4)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AudioCS" = Creative Audio Console
"Blaze Media Pro" = Blaze Media Pro
"Browser Defender_is1" = Browser Defender 2.0.6.11
"BSPlayerp" = BS.Player PRO
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Windows Driver Package - Nokia Modem  (05/22/2008 3.8)
"CamStudio" = CamStudio
"CamStudio Lossless Codec_is1" = CamStudio Lossless Codec v1.4
"CCleaner" = CCleaner (remove only)
"DUMeter3_is1" = DU Meter
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.0.0
"EAX Unified" = EAX Unified
"Fraps" = Fraps (remove only)
"Google Updater" = Google Updater
"Half-Life" = Half-Life
"Half-Life: Opposing Force" = Half-Life: Opposing Force
"Hamachi" = Hamachi 1.0.1.5
"HighGrow Freeware Version 4.20" = HighGrow Freeware Version 4.20
"HijackThis" = HijackThis 2.0.2
"ICQToolbar" = ICQ Toolbar
"ImTOO Video Converter Ultimate" = ImTOO Video Converter Ultimate
"InstallShield_{29F0D899-9614-4EB3-92A8-C9117FE9E405}" = Cobra 11 - Nitro
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein
"KC Softwares VideoInspector_is1" = KC Softwares VideoInspector
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.3.0
"Mafia Game" = Mafia Game
"MediaInfo" = MediaInfo 0.7.28
"MegauploadToolbar" = Megaupload Toolbar
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MyVideoConverter" = MyVideoConverter 1.27
"Nokia Ovi Application Installer" = Nokia Ovi Application Installer 6.85.3011
"Nokia Ovi Content Copier" = Nokia Ovi Content Copier 6.85.3011
"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3011
"Nokia Ovi System Utilities" = Nokia Ovi System Utilities 6.85.3016
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"OJOsoft Total Video Converter_is1" = OJOsoft Total Video Converter
"OpenAL" = OpenAL
"PageNest_is1" = PageNest
"PROPLUS" = Microsoft Office Professional Plus 2007
"R-cube v2.0_is1" = R-cube v2.0
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"SmartMovie Converter" = SmartMovie Converter
"SoftPepper Video Converter 2.0" = SoftPepper Video Converter 2.0
"SpeedFan" = SpeedFan (remove only)
"Spyware Doctor" = Spyware Doctor 7.0
"UltraISO_is1" = UltraISO Premium V8.62
"Update Service" = Update Service
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.0.2
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"WinZip" = WinZip
"Wubi" = Ubuntu
"XnView_is1" = XnView 1.93.4
"YRefresher_is1" = Yrefresher 1.00
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"QIP Infium" = QIP Infium 2.0.9032 RC4
"uTorrent" = µTorrent
"Winamp Detect" = Winamp Application Detect
 
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 22. 3. 2010 0:53:37 | Computer Name = DjMirente-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
 language ID. The first DWORD in the Data section contains the Win32 error code.
 
Error - 22. 3. 2010 1:24:36 | Computer Name = DjMirente-PC | Source = VSS | ID = 8193
Description = 
 
Error - 22. 3. 2010 3:08:44 | Computer Name = DjMirente-PC | Source = Application Hang | ID = 1002
Description = The program Photoshop.exe version 9.0.0.0 stopped interacting with
 Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 1454    Start
 Time: 01cac98e6fce71df    Termination Time: 83    Application Path: C:\Program Files\Adobe\Adobe
 Photoshop CS2\Photoshop.exe    Report Id: bdbfc840-3581-11df-a507-001bfc658dd9  
 
Error - 22. 3. 2010 3:18:16 | Computer Name = DjMirente-PC | Source = VSS | ID = 8193
Description = 
 
Error - 22. 3. 2010 3:24:37 | Computer Name = DjMirente-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
 language ID. The first DWORD in the Data section contains the Win32 error code.
 
Error - 22. 3. 2010 3:24:37 | Computer Name = DjMirente-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
 language ID. The first DWORD in the Data section contains the Win32 error code.
 
Error - 22. 3. 2010 3:31:19 | Computer Name = DjMirente-PC | Source = VSS | ID = 8193
Description = 
 
Error - 22. 3. 2010 3:36:23 | Computer Name = DjMirente-PC | Source = VSS | ID = 8193
Description = 
 
Error - 22. 3. 2010 3:39:29 | Computer Name = DjMirente-PC | Source = VSS | ID = 8193
Description = 
 
Error - 22. 3. 2010 12:42:55 | Computer Name = DjMirente-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: iexplore.exe, verzia: 8.0.7600.16385, časová
 značka: 0x4a5bc69e  Názov chybového modulu: PCTBDCore.dll, verzia: 2.0.6.11, časová
 značka: 0x4af8a3c7  Kód výnimky: 0xc0000005  Odstup chyby: 0x000278e6  Identifikácia 
chybného procesu: 0x123c  Čas spustenia chybnej aplikácie: 0x01cac9d10ca3ddb0  Cesta
 chybnej aplikácie: C:\Program Files\Internet Explorer\iexplore.exe  Cesta chybného
 modulu: C:\Windows\PCTBDCore.dll  Identifikácia hlásenia: f69ad740-35d1-11df-a855-001bfc658dd9
 
[ System Events ]
Error - 22. 3. 2010 3:41:33 | Computer Name = DjMirente-PC | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .
 
Error - 22. 3. 2010 3:42:11 | Computer Name = DjMirente-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
 zlyhali pri načítaní:   BTHidMgr  sptd
 
Error - 22. 3. 2010 3:42:17 | Computer Name = DjMirente-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 22. 3. 2010 8:10:30 | Computer Name = DjMirente-PC | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .
 
Error - 22. 3. 2010 8:10:55 | Computer Name = DjMirente-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 13:09:38 on ?22. ?3. ?2010 was unexpected.
 
Error - 22. 3. 2010 8:10:45 | Computer Name = DjMirente-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description = 
 
Error - 22. 3. 2010 8:12:08 | Computer Name = DjMirente-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
 zlyhali pri načítaní:   BTHidMgr  sptd
 
Error - 22. 3. 2010 8:13:39 | Computer Name = DjMirente-PC | Source = sptd | ID = 262148
Description = Driver detected an internal error in its data structures for .
 
Error - 22. 3. 2010 8:14:12 | Computer Name = DjMirente-PC | Source = Service Control Manager | ID = 7026
Description = Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému
 zlyhali pri načítaní:   BTHidMgr  sptd
 
Error - 22. 3. 2010 14:45:25 | Computer Name = DjMirente-PC | Source = Service Control Manager | ID = 7030
Description = Služba ThreatFire je označená ako interaktívna služba. Systém je však
 nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude
 pracovať správne.
 
 
< End of report >

djmirente
Visitor
Posts: 127
Joined: 27 Apr 2009 13:38

Re: please check - browser opens by itself

#6 Post by djmirente »

Log (OTL), part one

Code: Select all

OTL logfile created on: 22. 3. 2010 20:08:41 - Run 1
OTL by OldTimer - Version 3.1.37.3     Folder = C:\Users\Dj Mirente\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 43,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 57,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 75,13 Gb Total Space | 10,45 Gb Free Space | 13,91% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 69,24 Gb Free Space | 35,45% Space Free | Partition Type: NTFS
Drive E: | 195,31 Gb Total Space | 73,61 Gb Free Space | 37,69% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: DJMIRENTE-PC
Current User Name: Dj Mirente
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010/03/22 20:07:44 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Dj Mirente\Desktop\OTL.exe
PRC - [2010/02/05 19:32:57 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010/01/06 19:09:15 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/20 19:01:18 | 000,832,296 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2009/11/18 12:47:14 | 001,243,088 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2009/11/12 10:03:32 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
PRC - [2009/11/11 10:57:36 | 001,451,520 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PRC - [2009/11/10 10:28:08 | 000,112,592 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
PRC - [2009/11/06 14:29:22 | 001,141,712 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/10/30 11:18:16 | 000,359,624 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2009/10/27 18:36:16 | 001,499,136 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PRC - [2009/10/27 09:15:44 | 000,132,608 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2009/10/27 09:15:02 | 000,120,832 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2009/10/08 12:17:40 | 005,662,720 | ---- | M] (QIP) -- C:\Program Files\QIP Infium\infium.exe
PRC - [2009/09/04 16:22:56 | 001,391,136 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files\DU Meter\DUMeterSvc.exe
PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/06/10 22:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
PRC - [2009/03/13 13:13:13 | 001,058,816 | ---- | M] (Hagel Technologies Ltd.) -- C:\Program Files\DU Meter\DUMeter.exe
PRC - [2009/03/04 12:45:36 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\Windows\System32\CtHelper.exe
PRC - [2009/02/28 19:40:38 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files\CyberLink\Shared Files\brs.exe
PRC - [2009/02/16 09:55:38 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010/03/22 20:07:44 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Dj Mirente\Desktop\OTL.exe
MOD - [2009/11/12 10:03:32 | 000,451,856 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\TFEngine\TFWAH.dll
MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2009/11/12 10:03:32 | 000,070,928 | ---- | M] (PC Tools) [On_Demand | Running] -- C:\Program Files\Spyware Doctor\TFEngine\TFService.exe -- (ThreatFire)
SRV - [2009/11/10 10:28:08 | 000,112,592 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2009/11/09 14:37:58 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009/11/06 14:29:22 | 001,141,712 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009/10/30 11:18:16 | 000,359,624 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009/10/27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009/09/04 16:22:56 | 001,391,136 | ---- | M] (Hagel Technologies Ltd.) [Auto | Running] -- C:\Program Files\DU Meter\DUMeterSvc.exe -- (DUMeterSvc)
SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009/07/14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
SRV - [2009/07/14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009/06/10 22:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/06/10 22:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2009/06/10 22:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2009/06/10 22:14:05 | 000,128,848 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetMsmqActivator)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2010/01/06 20:23:37 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2010/01/02 21:03:19 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010/01/02 21:03:19 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2009/12/14 12:41:56 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2009/11/13 11:58:58 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/12 10:03:32 | 000,059,664 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2009/11/12 10:03:32 | 000,051,984 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2009/11/12 10:03:32 | 000,033,552 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2009/11/09 11:20:12 | 000,207,792 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\PCTCore.sys -- (PCTCore)
DRV - [2009/10/30 11:11:00 | 000,233,136 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\System32\drivers\pctgntdi.sys -- (pctgntdi)
DRV - [2009/10/06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009/10/06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009/10/06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009/10/06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009/09/03 09:45:12 | 000,070,408 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pctplsg.sys -- (pctplsg)
DRV - [2009/07/14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009/07/14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009/07/14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009/07/14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009/07/14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009/07/14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009/07/14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009/07/14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009/07/14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009/07/14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009/07/14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009/07/14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009/07/14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009/07/14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009/07/14 02:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009/07/14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009/07/14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009/07/14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009/07/14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009/07/14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009/07/14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009/07/14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009/07/14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009/07/14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009/07/14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009/07/14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009/07/14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009/07/14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009/07/14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009/07/14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009/07/14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009/07/14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009/07/14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009/07/14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009/07/14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009/07/14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009/07/14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009/07/14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009/07/14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009/07/14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009/07/14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009/07/14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009/07/14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009/07/14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009/07/14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009/07/14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009/07/14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009/07/14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009/07/14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009/07/14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009/07/14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009/07/14 00:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)
DRV - [2009/07/14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009/07/14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009/07/13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009/07/13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009/07/13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009/07/13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009/07/13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009/07/13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/07/13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009/07/13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009/07/13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009/03/04 14:46:56 | 000,189,464 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2009/03/04 14:46:48 | 000,162,840 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2009/03/04 14:46:38 | 000,798,744 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2009/03/04 14:46:26 | 000,092,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV - [2009/03/04 14:46:00 | 000,157,208 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2009/03/04 14:45:46 | 000,014,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2009/03/04 14:45:34 | 000,127,512 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2009/03/04 14:45:06 | 000,018,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctgame.sys -- (ctgame)
DRV - [2009/03/04 14:44:54 | 000,347,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2009/03/04 14:44:38 | 000,528,408 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2009/03/04 14:44:26 | 000,511,000 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2009/03/04 14:42:56 | 000,100,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTERFXFX.SYS -- (CTERFXFX.SYS)
DRV - [2009/03/04 14:42:56 | 000,100,888 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTERFXFX.sys -- (CTERFXFX)
DRV - [2009/03/04 14:42:42 | 000,566,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTSBLFX.SYS -- (CTSBLFX.SYS)
DRV - [2009/03/04 14:42:42 | 000,566,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTSBLFX.sys -- (CTSBLFX)
DRV - [2009/03/04 14:42:30 | 000,555,032 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CTAUDFX.SYS -- (CTAUDFX.SYS)
DRV - [2009/03/04 14:42:30 | 000,555,032 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CTAUDFX.sys -- (CTAUDFX)
DRV - [2009/03/04 14:42:16 | 000,099,352 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\COMMONFX.SYS -- (COMMONFX.SYS)
DRV - [2009/03/04 14:42:16 | 000,099,352 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\COMMONFX.sys -- (COMMONFX)
DRV - [2009/02/28 19:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/11/09 17:40:18] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009/01/15 08:19:00 | 007,740,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/01/07 23:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus)
DRV - [2008/12/07 12:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/07/02 14:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs)
DRV - [2008/05/16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM)
DRV - [2008/05/16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5) Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS)
DRV - [2008/05/16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt) Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM)
DRV - [2008/05/16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus) Sony Ericsson Device 0016 driver (WDM)
DRV - [2008/01/09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2007/04/13 17:42:16 | 000,068,096 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2006/09/24 14:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\Windows\system32\speedfan.sys -- (speedfan)
DRV - [2002/07/17 16:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996/04/03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\system32\giveio.sys -- (giveio)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dj Mirente\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://ahoolly.com"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.22
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.6.2
FF - prefs.js..extensions.enabledItems: {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.2
FF - prefs.js..extensions.enabledItems: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}:1.0
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009/12/15 17:51:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/02/03 20:52:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/29 18:56:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/09 18:24:14 | 000,000,000 | ---D | M]
 
[2009/12/15 15:02:20 | 000,000,000 | ---D | M] -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Extensions
[2010/03/22 15:43:14 | 000,000,000 | ---D | M] -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Firefox\Profiles\aszpldio.default\extensions
[2010/02/03 21:13:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Firefox\Profiles\aszpldio.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/02/07 15:26:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Firefox\Profiles\aszpldio.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
[2010/02/07 15:26:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Firefox\Profiles\aszpldio.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
[2010/02/07 15:26:41 | 000,000,000 | ---D | M] (FBFan) -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Firefox\Profiles\aszpldio.default\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
[2010/03/15 09:16:34 | 000,000,000 | ---D | M] (U Flv) -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Firefox\Profiles\aszpldio.default\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
[2010/02/22 16:04:53 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Firefox\Profiles\aszpldio.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2009/12/24 12:15:02 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Firefox\Profiles\aszpldio.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/03/19 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\Dj Mirente\AppData\Roaming\mozilla\Firefox\Profiles\aszpldio.default\extensions\staged-xpis
[2010/03/20 23:45:59 | 000,000,955 | ---- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\Mozilla\FireFox\Profiles\aszpldio.default\searchplugins\icqplugin.xml
[2009/12/22 17:05:44 | 000,002,061 | ---- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\Mozilla\FireFox\Profiles\aszpldio.default\searchplugins\qipsearch.xml
[2010/03/22 15:28:25 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/01/19 15:33:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2009/10/05 18:34:50 | 000,118,000 | ---- | M] () -- C:\Program Files\Mozilla Firefox\components\qippipe.dll
[2009/12/21 06:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009/11/03 03:17:57 | 000,001,583 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\atlas-sk.xml
[2009/11/03 03:17:57 | 000,001,380 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\azet-sk.xml
[2009/11/03 03:17:57 | 000,001,479 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\dunaj-sk.xml
[2009/11/03 03:17:57 | 000,001,473 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slovnik-sk.xml
[2009/11/03 03:17:57 | 000,001,104 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-sk.xml
[2009/11/03 03:17:57 | 000,000,830 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zoznam-sk.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD                                   )
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dj Mirente\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD                                   )
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files\YRefresher\YRefresher.dll ()
O3 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD                                   )
O3 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\..\Toolbar\WebBrowser: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files\YRefresher\YRefresher.dll ()
O4 - HKLM..\Run: [BDRegion] C:\Program Files\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CTHelper] C:\Windows\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Nokia FastStart] C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe File not found
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RemoteControl9] C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVFGLYJBGI.exe] C:\Users\Dj Mirente\AppData\Roaming\TVFGLYJBGI.exe ()
O4 - HKLM..\Run: [WinsysMon] C:\Users\DJMIRE~1\AppData\Local\Temp\nsg7805.tmp\googletoolbar.exe File not found
O4 - HKU\.DEFAULT..\Run: [DevconDefaultDB] C:\Windows\System32\READREG.exe (Creative Technology Limited)
O4 - HKU\S-1-5-18..\Run: [DevconDefaultDB] C:\Windows\System32\READREG.exe (Creative Technology Limited)
O4 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe (Hagel Technologies Ltd.)
O4 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000..\Run: [HighGrow] C:\Program Files\HighGrow\HighGrow.exe (Slick Software)
O4 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000..\Run: [Infium] C:\Program Files\QIP Infium\infium.exe (QIP)
O4 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000..\Run: [uTorrent] C:\Program Files\uTorrent\utorrent.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Dj Mirente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCpl = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoThumbnail = 0
O7 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinKeys = 0
O7 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Users\Dj Mirente\AppData\LocalLow\Microńoft\redir.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/10/31 20:50:12 | 000,000,103 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/10/30 09:22:37 | 000,000,121 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009/07/14 03:37:08 | 000,000,000 | ---D | M]
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/03/22 20:07:43 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Users\Dj Mirente\Desktop\OTL.exe
[2010/03/22 19:45:25 | 000,059,664 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfSysMon.sys
[2010/03/22 19:45:25 | 000,051,984 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfFsMon.sys
[2010/03/22 19:45:25 | 000,033,552 | --S- | C] (PC Tools) -- C:\Windows\System32\drivers\TfNetMon.sys
[2010/03/22 14:05:08 | 000,000,000 | ---D | C] -- C:\rsit
[2010/03/22 13:54:56 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Desktop\Spyware.Doctor.with.AntiVirus.v.2010.7.0.0.543
[2010/03/22 13:23:33 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\AppData\Local\Threat Expert
[2010/03/22 13:14:59 | 000,233,136 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctgntdi.sys
[2010/03/22 13:14:58 | 000,098,600 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctwfpfilter.sys
[2010/03/22 13:14:57 | 000,207,792 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTCore.sys
[2010/03/22 13:14:57 | 000,087,784 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\PCTAppEvent.sys
[2010/03/22 13:14:53 | 000,070,408 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\pctplsg.sys
[2010/03/22 13:14:49 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\AppData\Roaming\PC Tools
[2010/03/22 13:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010/03/22 13:03:07 | 001,640,400 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2010/03/22 13:03:07 | 000,149,456 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2010/03/22 13:03:06 | 000,165,840 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2010/03/22 12:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2010/03/22 12:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2010/03/22 11:05:36 | 000,000,000 | R--D | C] -- C:\Users\Dj Mirente\Desktop\Gamez
[2010/03/22 08:36:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2010/03/22 08:31:39 | 000,000,000 | ---D | C] -- C:\inetpub
[2010/03/22 08:31:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\BestPractices
[2010/03/20 20:08:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/03/20 16:06:16 | 000,205,155 | -HS- | C] (Microsoft) -- C:\Users\Dj Mirente\AppData\Roaming\cowboy.exe
[2010/03/20 16:05:45 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\AppData\Local\Sony
[2010/03/20 09:50:53 | 000,000,000 | R--D | C] -- C:\Users\Dj Mirente\Desktop\djmirente_war-board.net
[2010/03/20 09:37:35 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\AppData\Roaming\GrabPro
[2010/03/20 09:37:35 | 000,000,000 | ---D | C] -- C:\downloads
[2010/03/20 09:37:33 | 000,000,000 | ---D | C] -- C:\Program Files\Orbitdownloader
[2010/03/20 09:37:33 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\AppData\Roaming\Orbit
[2010/03/17 08:38:10 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Documents\ImTOO Software Studio
[2010/03/17 08:38:09 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Application Data
[2010/03/16 22:07:15 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\AppData\Roaming\Thinstall
[2010/03/16 16:25:10 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Documents\OJOsoft Corporation
[2010/03/16 16:24:52 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2010/03/16 16:24:52 | 000,351,744 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2010/03/16 16:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Common Share
[2010/03/16 16:24:51 | 000,000,000 | ---D | C] -- C:\Program Files\OJOsoft
[2010/03/11 10:09:32 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010/03/11 09:56:01 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Games
[2010/03/07 16:35:09 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Documents\NFS SHIFT
[2010/03/07 15:53:27 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010/03/07 15:53:27 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010/03/07 15:53:27 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010/03/07 15:53:26 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/03/07 15:53:26 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/03/07 15:53:26 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010/03/07 15:53:26 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010/03/07 15:53:26 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010/03/07 15:53:26 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010/03/07 15:53:26 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010/03/07 15:53:26 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/03/07 15:53:26 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010/03/07 15:53:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010/03/07 15:53:26 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010/03/07 15:53:26 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010/03/07 15:53:26 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010/03/07 15:53:26 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010/03/07 15:53:26 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/03/07 15:53:26 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010/03/07 15:53:26 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010/03/04 08:48:12 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Documents\VirtualDJ
[2010/03/04 08:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2010/03/03 08:58:19 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Documents\WebStripper
[2010/03/03 08:58:19 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\AppData\Roaming\WebStripper
[2010/03/03 08:58:17 | 000,000,000 | ---D | C] -- C:\Program Files\Solent
[2010/03/03 08:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\r-cube
[2010/03/01 08:27:33 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Documents\My Downloads
[2010/02/23 12:57:58 | 000,000,000 | ---D | C] -- C:\Users\Dj Mirente\Documents\Camtasia Studio
[2010/02/23 12:57:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime
[2010/02/23 12:57:25 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2010/02/23 12:57:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2010/02/23 12:57:16 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2010/02/23 12:47:44 | 000,000,000 | ---D | C] -- C:\Fraps
[2010/02/22 17:32:18 | 000,000,000 | ---D | C] -- C:\Program Files\YRefresher
[2010/02/21 10:39:07 | 000,000,000 | ---D | C] -- C:\Program Files\NirSoft
[2010/01/02 20:53:42 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe9222.dll
[2009/12/03 09:20:40 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Dj Mirente\AppData\Roaming\pcouffin.sys
[2009/03/04 12:46:18 | 000,010,752 | ---- | C] ( ) -- C:\Windows\System32\a3d.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

djmirente
Visitor
Posts: 127
Registered: 27 Apr 2009 13:38

Re: requesting a check - browser opens by itself

#7 Post by djmirente »

Log (OTL), second part

Code:

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/03/22 20:20:03 | 004,718,592 | -HS- | M] () -- C:\Users\Dj Mirente\NTUSER.DAT
[2010/03/22 20:08:01 | 000,001,042 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3915007230-3236664037-1421229897-1000UA.job
[2010/03/22 20:07:44 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\Dj Mirente\Desktop\OTL.exe
[2010/03/22 18:43:15 | 000,003,035 | ---- | M] () -- C:\Windows\WDICT32.INI
[2010/03/22 14:52:55 | 000,912,898 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/03/22 14:52:55 | 000,684,686 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/03/22 14:52:55 | 000,130,862 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/03/22 14:52:55 | 000,078,238 | ---- | M] () -- C:\Windows\System32\perfh01B.dat
[2010/03/22 14:52:55 | 000,026,942 | ---- | M] () -- C:\Windows\System32\perfc01B.dat
[2010/03/22 14:05:00 | 000,781,909 | ---- | M] () -- C:\Users\Dj Mirente\Desktop\RSIT.exe
[2010/03/22 13:39:10 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/03/22 13:21:16 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/22 13:21:16 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/22 13:14:55 | 000,001,926 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/03/22 13:14:03 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/22 13:13:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/22 13:13:47 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/22 13:13:08 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2010/03/22 13:13:08 | 000,031,056 | ---- | M] () -- C:\Windows\System32\BMXState-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2010/03/22 13:13:08 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXCtrlState-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2010/03/22 13:13:08 | 000,030,528 | ---- | M] () -- C:\Windows\System32\BMXBkpCtrlState-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2010/03/22 13:13:08 | 000,011,564 | ---- | M] () -- C:\Windows\System32\DVCState-{00000001-00000000-00000007-00001102-00000004-10071102}.rfx
[2010/03/22 13:12:56 | 000,944,312 | -H-- | M] () -- C:\Users\Dj Mirente\AppData\Local\IconCache.db
[2010/03/22 13:12:54 | 004,931,577 | ---- | M] () -- C:\Windows\{00000001-00000000-00000007-00001102-00000004-10071102}.CDF
[2010/03/22 13:12:54 | 004,931,577 | ---- | M] () -- C:\Windows\{00000001-00000000-00000007-00001102-00000004-10071102}.BAK
[2010/03/22 13:08:00 | 000,000,990 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3915007230-3236664037-1421229897-1000Core.job
[2010/03/22 11:44:00 | 156,001,699 | ---- | M] () -- C:\Users\Dj Mirente\Desktop\Sen Dog - Diary Of A Mad Dog - 2008 up by djmirente.rar
[2010/03/22 11:05:27 | 000,000,961 | ---- | M] () -- C:\Users\Dj Mirente\Desktop\Blaze Media Pro.lnk
[2010/03/20 17:02:52 | 000,574,350 | ---- | M] () -- C:\Users\Dj Mirente\Abstract-city_wallpapers_8769_1920x1200.jpg
[2010/03/20 17:02:12 | 000,321,014 | ---- | M] () -- C:\Users\Dj Mirente\ws_Black_and_White_City_1280x1024.jpg
[2010/03/20 16:58:55 | 000,286,137 | ---- | M] () -- C:\Users\Dj Mirente\yaching-wallpapers.jpg
[2010/03/20 16:11:12 | 000,045,056 | ---- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\TVFGLYJBGI.exe
[2010/03/20 16:11:12 | 000,020,480 | ---- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\scheduler.exe
[2010/03/20 16:11:11 | 000,024,576 | ---- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\FileDownloader.exe
[2010/03/20 16:06:53 | 000,007,558 | -HS- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\install.exe
[2010/03/20 16:06:52 | 000,745,472 | -HS- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\pacman.exe
[2010/03/20 16:06:31 | 000,000,369 | -HS- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\svch0st.exe
[2010/03/20 16:06:20 | 000,205,155 | -HS- | M] (Microsoft) -- C:\Users\Dj Mirente\AppData\Roaming\cowboy.exe
[2010/03/19 20:28:23 | 000,000,969 | ---- | M] () -- C:\Users\Dj Mirente\Desktop\SpeedFan.lnk
[2010/03/19 20:28:23 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2010/03/15 22:09:20 | 002,514,408 | ---- | M] () -- C:\Users\Dj Mirente\Kiko beat.mp3
[2010/03/13 11:09:22 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010/03/09 12:12:50 | 000,000,050 | ---- | M] () -- C:\Windows\MegaManager.INI
[2010/03/09 08:14:00 | 000,223,560 | ---- | M] () -- C:\Users\Dj Mirente\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/09 08:13:28 | 000,645,104 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/03/08 19:07:05 | 000,000,334 | ---- | M] () -- C:\Users\Dj Mirente\options.ini
[2010/03/07 11:54:09 | 000,442,368 | ---- | M] () -- C:\Users\Dj Mirente\ipscan.exe
[2010/03/06 17:41:30 | 000,032,184 | ---- | M] () -- C:\Users\Dj Mirente\18751_1121057526035_1814973070_245276_5530630_n.jpg
[2010/03/05 12:37:36 | 000,281,028 | ---- | M] () -- C:\Users\Dj Mirente\4-2.JPG
[2010/03/05 12:29:33 | 000,281,150 | ---- | M] () -- C:\Users\Dj Mirente\1.JPG
[2010/03/04 23:11:05 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settingsbkup.sfm
[2010/03/04 23:11:05 | 000,001,080 | ---- | M] () -- C:\Windows\System32\settings.sfm
[2010/02/23 13:11:35 | 000,003,584 | ---- | M] () -- C:\Users\Dj Mirente\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/03/22 14:05:00 | 000,781,909 | ---- | C] () -- C:\Users\Dj Mirente\Desktop\RSIT.exe
[2010/03/22 13:14:59 | 000,007,387 | ---- | C] () -- C:\Windows\System32\drivers\pctgntdi.cat
[2010/03/22 13:14:57 | 000,007,412 | ---- | C] () -- C:\Windows\System32\drivers\PCTAppEvent.cat
[2010/03/22 13:14:57 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctcore.cat
[2010/03/22 13:14:55 | 000,001,926 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2010/03/22 13:14:53 | 000,007,383 | ---- | C] () -- C:\Windows\System32\drivers\pctplsg.cat
[2010/03/22 13:03:07 | 001,640,400 | ---- | C] () -- C:\Windows\PCTBDCore.dll0300.old
[2010/03/22 13:03:07 | 001,152,444 | ---- | C] () -- C:\Windows\UDB.zip
[2010/03/22 13:03:07 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll0300.old
[2010/03/22 13:03:07 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2010/03/22 13:03:07 | 000,149,456 | ---- | C] () -- C:\Windows\SGDetectionTool.dll0300.old
[2010/03/22 13:03:07 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2010/03/22 13:03:07 | 000,000,880 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2010/03/22 13:03:07 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2010/03/22 11:42:31 | 156,001,699 | ---- | C] () -- C:\Users\Dj Mirente\Desktop\Sen Dog - Diary Of A Mad Dog - 2008 up by djmirente.rar
[2010/03/22 11:05:27 | 000,000,961 | ---- | C] () -- C:\Users\Dj Mirente\Desktop\Blaze Media Pro.lnk
[2010/03/22 08:31:49 | 000,078,238 | ---- | C] () -- C:\Windows\System32\perfh01B.dat
[2010/03/22 08:31:49 | 000,026,942 | ---- | C] () -- C:\Windows\System32\perfc01B.dat
[2010/03/20 22:54:07 | 004,931,577 | ---- | C] () -- C:\Windows\{00000001-00000000-00000007-00001102-00000004-10071102}.BAK
[2010/03/20 17:02:52 | 000,574,350 | ---- | C] () -- C:\Users\Dj Mirente\Abstract-city_wallpapers_8769_1920x1200.jpg
[2010/03/20 17:02:11 | 000,321,014 | ---- | C] () -- C:\Users\Dj Mirente\ws_Black_and_White_City_1280x1024.jpg
[2010/03/20 16:58:55 | 000,286,137 | ---- | C] () -- C:\Users\Dj Mirente\yaching-wallpapers.jpg
[2010/03/20 16:11:12 | 000,045,056 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\TVFGLYJBGI.exe
[2010/03/20 16:11:11 | 000,024,576 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\FileDownloader.exe
[2010/03/20 16:11:11 | 000,020,480 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\scheduler.exe
[2010/03/20 16:06:53 | 000,007,558 | -HS- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\install.exe
[2010/03/20 16:06:32 | 000,745,472 | -HS- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\pacman.exe
[2010/03/20 16:06:31 | 000,000,369 | -HS- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\svch0st.exe
[2010/03/19 20:28:23 | 000,000,969 | ---- | C] () -- C:\Users\Dj Mirente\Desktop\SpeedFan.lnk
[2010/03/19 20:24:40 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2010/03/15 22:08:49 | 002,514,408 | ---- | C] () -- C:\Users\Dj Mirente\Kiko beat.mp3
[2010/03/08 19:07:05 | 000,000,334 | ---- | C] () -- C:\Users\Dj Mirente\options.ini
[2010/03/07 11:54:06 | 000,442,368 | ---- | C] () -- C:\Users\Dj Mirente\ipscan.exe
[2010/03/06 17:41:30 | 000,032,184 | ---- | C] () -- C:\Users\Dj Mirente\18751_1121057526035_1814973070_245276_5530630_n.jpg
[2010/03/05 12:17:16 | 000,281,028 | ---- | C] () -- C:\Users\Dj Mirente\4-2.JPG
[2010/03/05 12:15:27 | 000,281,150 | ---- | C] () -- C:\Users\Dj Mirente\1.JPG
[2010/02/16 22:48:04 | 000,003,035 | ---- | C] () -- C:\Windows\WDICT32.INI
[2010/02/16 22:47:55 | 000,003,730 | ---- | C] () -- C:\Windows\Translator 2005.INI
[2010/02/04 13:24:30 | 000,004,096 | ---- | C] () -- C:\Windows\System32\detoured.dll
[2010/01/18 21:05:40 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2010/01/12 09:55:01 | 000,000,098 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Local\fusioncache.dat
[2010/01/09 12:20:14 | 000,000,304 | ---- | C] () -- C:\Windows\sierra.ini
[2010/01/07 14:50:05 | 000,003,584 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/09 11:29:21 | 000,087,608 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\inst.exe
[2009/12/03 09:21:18 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009/12/03 09:21:04 | 000,000,034 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\pcouffin.log
[2009/12/03 09:20:40 | 000,081,920 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\ezpinst.exe
[2009/12/03 09:20:40 | 000,007,887 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\pcouffin.cat
[2009/12/03 09:20:40 | 000,001,144 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\pcouffin.inf
[2009/11/30 12:02:30 | 000,000,008 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\NMM-MetaData.db
[2009/11/10 13:26:35 | 000,003,931 | ---- | C] () -- C:\Windows\Slovnik 2005.INI
[2009/11/09 17:51:30 | 000,163,840 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/11/09 17:51:28 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2009/11/09 17:51:28 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/11/09 17:51:28 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/11/09 17:51:27 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/11/09 17:51:27 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2009/11/09 14:37:26 | 000,146,432 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2009/11/09 14:37:26 | 000,072,704 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/03/04 13:15:26 | 000,049,697 | ---- | C] () -- C:\Windows\System32\instwdm.ini
[2009/03/04 13:15:24 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2009/03/04 12:47:28 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CTBurst.dll
[2008/12/07 12:44:54 | 000,030,088 | ---- | C] () -- C:\Windows\System32\drivers\btnetBus.sys
[2008/10/22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2008/06/06 18:13:06 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2007/08/13 20:45:02 | 000,077,824 | ---- | C] () -- C:\Windows\System32\ctmmactl.dll
[2006/10/02 17:25:18 | 000,000,307 | ---- | C] () -- C:\Windows\System32\kill.ini
[2004/10/05 23:37:20 | 000,258,048 | ---- | C] () -- C:\Windows\System32\Manipulate.dll
[2004/08/28 15:00:59 | 000,135,168 | ---- | C] () -- C:\Windows\System32\MPEGCreator.dll
[2004/08/11 12:41:08 | 000,270,336 | ---- | C] () -- C:\Windows\System32\WMVCreator.dll
[2004/08/11 12:03:13 | 000,147,456 | ---- | C] () -- C:\Windows\System32\AVICreator.dll
[2004/05/20 16:50:14 | 001,537,536 | ---- | C] () -- C:\Windows\System32\erdmpg-hi.dll
[2004/02/01 20:21:56 | 000,097,280 | ---- | C] () -- C:\Windows\System32\Uncommon.dll
[2003/11/16 19:32:30 | 001,253,376 | ---- | C] () -- C:\Windows\System32\mptiff.dll
[2003/09/23 13:14:42 | 001,099,264 | ---- | C] () -- C:\Windows\System32\cygxml2-2.dll
[2003/08/10 15:59:20 | 000,980,992 | ---- | C] () -- C:\Windows\System32\cygiconv-2.dll
[2003/08/09 01:28:16 | 000,061,440 | ---- | C] () -- C:\Windows\System32\cygz.dll
[2003/08/07 20:01:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2003/07/31 04:29:08 | 000,061,440 | ---- | C] () -- C:\Windows\System32\comLyricGetter.dll
[2002/11/24 13:40:36 | 000,046,080 | ---- | C] () -- C:\Windows\System32\ac3encode.dll
[2002/08/29 17:33:56 | 000,319,488 | R--- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\MafiaSetup.exe
[1996/04/03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\eventlog.dll /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\scecli.dll /s /md5 >[/color]
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
 
[color=#A23BEC]< %SYSTEMDRIVE%\netlogon.dll /s /md5 >[/color]
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
[color=#A23BEC]< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >[/color]
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
[color=#A23BEC]< %SYSTEMDRIVE%\sceclt.dll /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\logevent.dll /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\iaStor.sys /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\nvstor.sys /s /md5 >[/color]
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
[color=#A23BEC]< %SYSTEMDRIVE%\atapi.sys /s /md5 >[/color]
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
 
[color=#A23BEC]< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\viasraid.sys /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\AGP440.sys /s /md5 >[/color]
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
 
[color=#A23BEC]< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\nvatabus.sys /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\viamraid.sys /s /md5 >[/color]
 
[color=#A23BEC]< %SYSTEMDRIVE%\nvata.sys /s /md5 >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: requesting a check - browser opens on its own

#8 Post by motji »

:arrow: Have the file tested at http://www.virustotal.com


C:\Windows\System32\sechost.dll
C:\ProgramData\hpe9222.dll
C:\Users\Dj Mirente\AppData\Roaming\scheduler.exe
C:\Users\Dj Mirente\AppData\Roaming\FileDownloader.exe
C:\Users\Dj Mirente\AppData\Roaming\install.exe
C:\Users\Dj Mirente\AppData\Roaming\pacman.exe
C:\Users\Dj Mirente\AppData\Roaming\svch0st.exe
C:\Users\Dj Mirente\AppData\Roaming\cowboy.exe
C:\Windows\System32\initdebug.nfo
C:\Windows\System32\settingsbkup.sfm
C:\Windows\System32\settings.sfm

-On VirusTotal click Browse, copy the path to the file directly into the bottom field and click Send
-copy the address of the results page from the browser


:arrow: Run OTL
-copy this script into the white box at the bottom:

Code: Select all

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\..\URLSearchHook: {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dj Mirente\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://ahoolly.com"
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files\RelevantKnowledge
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll File not found
O2 - BHO: (GdfrDUEn Class) - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll (TODO: <Company name>)
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Dj Mirente\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru)
O3 - HKU\S-1-5-21-3915007230-3236664037-1421229897-1000\..\Toolbar\WebBrowser: (RefresherBand Class) - {B24BA06E-FB7B-4757-95C2-DC01125F750E} - C:\Program Files\YRefresher\YRefresher.dll ()
O4 - HKLM..\Run: [TVFGLYJBGI.exe] C:\Users\Dj Mirente\AppData\Roaming\TVFGLYJBGI.exe ()
O4 - HKLM..\Run: [WinsysMon] C:\Users\DJMIRE~1\AppData\Local\Temp\nsg7805.tmp\googletoolbar.exe File not found
O9 - Extra Button: GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O9 - Extra 'Tools' menuitem : GetStyles - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Get Styles\ct.htm File not found
O13 - gopher Prefix: missing
O18 - Protocol\Filter\text/html {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Users\Dj Mirente\AppData\LocalLow\Microńoft\redir.dll ()
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A8ADE5D8

:files
C:\Program Files\RelevantKnowledge
C:\Program Files\Get Styles
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Users\Dj Mirente\AppData\Roaming\TVFGLYJBGI.exe

:COMMANDS
[Reboot]
-click the Run Fix button.
-The PC will then restart.
- Paste the log here :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am usually available at night, between 21:00 and 23:00.
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.
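
Several of the files listed above appear in the OTL log as hidden+system executables with no company name, sitting directly in AppData\Roaming. The following Python is an added example, not part of the original thread and not the helper's or OTL's own logic: it parses OTL file-listing lines and flags entries that match at least two such traits. The rule set, the `SYSTEM_NAMES` list and all function names are assumptions; the sample lines are copied from the log in this thread.

```python
import ntpath
import re
from typing import Dict, List, NamedTuple, Optional

# OTL file-listing line: [date time | size | attrs | M/C] (company) [MD5=...] -- path
LINE_RE = re.compile(
    r"^\[(?P<date>\d{4}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| (?P<kind>[MC])\] "
    r"\((?P<company>[^)]*)\)(?: MD5=(?P<md5>[0-9A-Fa-f]{32}))? -- (?P<path>.+)$"
)
EXECUTABLE_EXT = {".exe", ".dll", ".scr", ".com", ".bat"}
# Assumed short list of Windows binaries whose names get imitated.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "explorer.exe", "winlogon.exe"}
LOOKALIKE = str.maketrans("01", "ol")  # digit-for-letter swaps such as 0 for o

# Lines copied from the OTL log in this thread.
SAMPLE_LOG = r"""
[2010/03/20 16:06:53 | 000,007,558 | -HS- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\install.exe
[2010/03/20 16:06:31 | 000,000,369 | -HS- | M] () -- C:\Users\Dj Mirente\AppData\Roaming\svch0st.exe
[2010/03/20 16:06:20 | 000,205,155 | -HS- | M] (Microsoft) -- C:\Users\Dj Mirente\AppData\Roaming\cowboy.exe
[2010/03/19 20:28:23 | 000,000,969 | ---- | M] () -- C:\Users\Dj Mirente\Desktop\SpeedFan.lnk
[2010/03/20 16:11:11 | 000,020,480 | ---- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\scheduler.exe
[2010/03/20 16:06:31 | 000,000,369 | -HS- | C] () -- C:\Users\Dj Mirente\AppData\Roaming\svch0st.exe
[2009/11/09 17:51:30 | 000,163,840 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
"""

class Entry(NamedTuple):
    stamp: str
    size: int
    attrs: str
    kind: str            # M = modified listing, C = created listing
    company: str
    md5: Optional[str]
    path: str

def parse_line(line: str) -> Optional[Entry]:
    m = LINE_RE.match(line.strip())
    if m is None:        # section headers, blank lines, "*.tmp files" notes
        return None
    return Entry(f"{m['date']} {m['time']}", int(m["size"].replace(",", "")),
                 m["attrs"], m["kind"], m["company"].strip(), m["md5"], m["path"])

def reasons(e: Entry) -> List[str]:
    name = ntpath.basename(e.path).lower()
    is_exec = ntpath.splitext(name)[1] in EXECUTABLE_EXT
    found = []
    if is_exec and ntpath.dirname(e.path).lower().endswith("\\appdata\\roaming"):
        found.append("executable directly in AppData\\Roaming")
    if "H" in e.attrs and "S" in e.attrs:
        found.append("hidden+system attributes")
    if is_exec and not e.company:
        found.append("no company name")
    if name not in SYSTEM_NAMES and name.translate(LOOKALIKE) in SYSTEM_NAMES:
        found.append("name imitates a Windows binary")
    return found

def triage(log_text: str, min_reasons: int = 2) -> Dict[str, List[str]]:
    hits: Dict[str, List[str]] = {}
    for line in log_text.splitlines():
        e = parse_line(line)
        if e is None:
            continue
        why = reasons(e)
        if len(why) >= min_reasons:
            hits[e.path] = why   # same path in M and C listings is reported once
    return hits

if __name__ == "__main__":
    for path, why in triage(SAMPLE_LOG).items():
        print(f"{path}: {', '.join(why)}")
```

A single trait is deliberately not enough: many legitimate codec and driver DLLs in the same log also have an empty company field.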

djmirente
Visitor
Posts: 127
Registered: 27 Apr 2009 13:38

Re: requesting a check - browser opens on its own

#9 Post by djmirente »

I'll do the OTL part, but I don't understand the bit about the file on VirusTotal :oops: what exactly should I do with it, please?

/I did the OTL fix, but the browser still opens some obscene pages out of nowhere

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: requesting a check - browser opens on its own

#10 Post by motji »

In which browser?

:arrow: Open the page www.virustotal.com
-click Browse
-a dialog will pop up; at the bottom of it is the File name field - copy into it the full name of the file you selected, e.g. C:\Windows\System32\sechost.dll, and click Send.
-the file will upload; wait until the results from all the antivirus engines have loaded, e.g. 0/40
-once the results are there, click at the top of the browser and copy the address of the page

djmirente
Visitor
Posts: 127
Registered: 27 Apr 2009 13:38

Re: requesting a check - browser opens on its own

#11 Post by djmirente »

well, I'll try to do this :lol:
//In Opera it opened some weird page

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: requesting a check - browser opens on its own

#12 Post by motji »

:arrow: Download GooredFix and save it to the desktop

-after downloading, run it and follow the instructions
-when it finishes, a log will appear; copy its contents here (if that fails, you will find the log on the desktop)


:arrow: Download MBAM from my signature
-Install it and run a full scan

DO NOT DELETE ANYTHING :!:
-MBAM sometimes has false detections, so we will delete only after checking the log.
-Copy the log here.

djmirente
Visitor
Posts: 127
Registered: 27 Apr 2009 13:38

Re: requesting a check - browser opens on its own

#13 Post by djmirente »

This is for the VirusTotal part; I copied this from the browser

Code: Select all

http://www.virustotal.com/cs/reanalisis.html?eb4d2d127312eb09e2acca3276779e80f90faf77322684babf72b8ec6e1f906c-1269292527
I hope this is what you wanted :)



this is GooredFix

Code: Select all

GooredFix by jpshortstuff (08.01.10.1)
Log created at 22:17 on 22/03/2010 (Dj Mirente)
Firefox version 3.5.7 (sk)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07} [14:33 19/01/2010]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [14:02 15/12/2009]
{B13721C7-F507-4982-B2E5-502A71474FED} [17:23 26/02/2010]
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [12:38 25/12/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"bkmrksync@nokia.com"="C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\" [16:51 15/12/2009]
"{3112ca9c-de6d-4884-a869-9855de68056c}"="C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}" [19:52 03/02/2010]

-=E.O.F=-
//I'll post the MBAM log right away

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: requesting a check - browser opens on its own

#14 Post by motji »

Fine, but I would like all of the files I listed for you :)
And please don't put it in code tags, thanks :)


Locked