Pomalý notebook, vyskakovací okna

Zpráva

tomas05 · #1 Příspěvek od **tomas05** » 21 čer 2010 16:49

Ahoj, sestra si mi stěžovala, že jí dost vyskakují na internetu reklamy. A rychlost taky není závratná. Prosím o kontrolu logu. Díky

Logfile of random's system information tool 1.07 (written by random/random)
Run by uzivatel at 2010-06-21 17:44:47
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 35 GB (37%) free of 94 GB
Total RAM: 3032 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:45:00, on 21.6.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18470)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Hotkey Utility\tray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
D:\programy\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\IEPro\MiniDM.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Users\uzivatel\Desktop\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: CashBackAssistant - {00F5B5BA-E3C2-4b70-BF51-42A557914FAD} - C:\Program Files\Nice Prosper\CashBackAssistant\CashBackAssistantIE.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.0.0.610\HPIEAddOn.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\2.2.0.2880\NPIEAddOn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
O4 - HKLM\..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\programy\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [fsc-reg] C:\fsc-reg\fscreg.exe 20100602
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "D:\programy\ICQ6\ICQ.exe" silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\programy\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\programy\ICQ6.5\ICQ.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe

--
End of file - 7854 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - C:\Program Files\IEPro\iepro.dll [2008-12-08 752744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00F5B5BA-E3C2-4b70-BF51-42A557914FAD}]
CashBackAssistant - C:\Program Files\Nice Prosper\CashBackAssistant\CashBackAssistantIE.dll [2008-12-22 835584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
Media Access Startup - C:\Program Files\Media Access Startup\1.0.0.610\HPIEAddOn.dll [2009-03-18 176128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}]
NP Helper Class - C:\Program Files\Internet Saving Optimizer\2.2.0.2880\NPIEAddOn.dll [2009-02-17 176128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-07-11 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-07-11 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-07-11 145944]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-06-13 6183456]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-08-17 102400]
"FIC HotKey"=C:\Program Files\Hotkey Utility\tray.exe [2008-07-23 520192]
"FSCRecovery"=c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe [2008-06-18 268096]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
"PCSuiteTrayApplication"=D:\programy\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2007-06-18 271360]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"fsc-reg"=C:\fsc-reg\fscreg.exe [2008-08-01 380688]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-09-02 25623336]
"ICQ"=D:\programy\ICQ6\ICQ.exe silent []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil10d.exe [2009-10-28 257440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-07-07 208896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7741937d-cbff-11dd-9872-001060d1865e}]
shell\AutoRun\command - G:\PStart.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbee9-246b-11df-b0ce-00140b4b8c7a}]
shell\AutoRun\command - G:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbef4264-f92f-11de-a060-00140b4b8c7a}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c959bd2d-e9b4-11de-b02e-00140b4b8c7a}]
shell\AutoRun\command - F:\installer.exe
shell\verb\command - F:\installer.exe

======List of files/folders created in the last 1 months======

2010-06-18 11:58:41 ----D---- C:\rsit
2010-06-18 11:58:41 ----D---- C:\Program Files\trend micro
2010-06-09 11:29:34 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-09 11:27:38 ----A---- C:\Windows\system32\atmlib.dll
2010-06-09 11:27:38 ----A---- C:\Windows\system32\atmfd.dll
2010-06-09 11:11:36 ----A---- C:\Windows\system32\mshtml.dll
2010-06-09 11:11:35 ----A---- C:\Windows\system32\wininet.dll
2010-06-09 11:11:35 ----A---- C:\Windows\system32\occache.dll
2010-06-09 11:11:34 ----A---- C:\Windows\system32\urlmon.dll
2010-06-09 11:11:32 ----A---- C:\Windows\system32\ieframe.dll
2010-06-09 11:11:31 ----A---- C:\Windows\system32\mshtmled.dll
2010-06-09 11:11:31 ----A---- C:\Windows\system32\iertutil.dll
2010-06-09 11:11:31 ----A---- C:\Windows\system32\ieapfltr.dll
2010-06-09 11:11:30 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-09 11:11:30 ----A---- C:\Windows\system32\iepeers.dll
2010-06-09 11:11:30 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-09 11:11:29 ----A---- C:\Windows\system32\mstime.dll
2010-06-09 11:11:29 ----A---- C:\Windows\system32\ieUnatt.exe
2010-06-09 11:11:29 ----A---- C:\Windows\system32\ieencode.dll
2010-06-09 11:11:29 ----A---- C:\Windows\system32\ieaksie.dll
2010-06-09 11:11:28 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-09 11:10:22 ----A---- C:\Windows\system32\quartz.dll
2010-06-03 01:15:19 ----D---- C:\Program Files\Microsoft Works
2010-06-03 01:14:55 ----D---- C:\Program Files\Common Files\DESIGNER
2010-06-03 01:14:32 ----D---- C:\Windows\PCHEALTH
2010-06-03 01:14:32 ----D---- C:\Program Files\Microsoft.NET
2010-06-03 01:11:22 ----RHD---- C:\MSOCache
2010-05-30 19:51:04 ----D---- C:\ProgramData\WinZip
2010-05-30 19:49:07 ----D---- C:\ProgramData\Sun
2010-05-30 19:49:06 ----D---- C:\Program Files\Common Files\Java
2010-05-30 19:46:38 ----A---- C:\Windows\system32\javaws.exe
2010-05-30 19:46:38 ----A---- C:\Windows\system32\javaw.exe
2010-05-30 19:46:38 ----A---- C:\Windows\system32\deployJava1.dll
2010-05-30 19:46:37 ----A---- C:\Windows\system32\java.exe
2010-05-26 11:01:13 ----A---- C:\Windows\system32\tzres.dll
2010-05-23 17:49:32 ----A---- C:\Users\uzivatel\AppData\Roaming\vispa.ini

======List of files/folders modified in the last 1 months======

2010-06-21 17:44:56 ----D---- C:\Windows\Temp
2010-06-21 17:41:38 ----D---- C:\Windows\Prefetch
2010-06-18 11:58:41 ----RD---- C:\Program Files
2010-06-18 11:55:01 ----SHD---- C:\System Volume Information
2010-06-18 11:52:32 ----SHD---- C:\Windows\Installer
2010-06-18 10:24:26 ----D---- C:\Windows\System32
2010-06-18 10:24:26 ----D---- C:\Windows\inf
2010-06-18 10:24:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-06-18 10:20:51 ----D---- C:\Users\uzivatel\AppData\Roaming\Skype
2010-06-14 13:36:35 ----D---- C:\Windows\system32\catroot2
2010-06-10 09:11:38 ----D---- C:\Windows\winsxs
2010-06-10 09:04:58 ----D---- C:\Windows\Microsoft.NET
2010-06-10 09:04:32 ----RSD---- C:\Windows\assembly
2010-06-10 08:58:19 ----D---- C:\Windows\system32\catroot
2010-06-10 07:43:15 ----D---- C:\Windows\system32\wbem
2010-06-10 07:43:15 ----D---- C:\Program Files\Windows Mail
2010-06-10 07:43:15 ----D---- C:\Program Files\Internet Explorer
2010-06-10 06:49:59 ----D---- C:\ProgramData\Microsoft Help
2010-06-06 03:24:37 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-06 03:08:27 ----SD---- C:\ProgramData\Microsoft
2010-06-06 03:04:54 ----D---- C:\Program Files\Common Files\microsoft shared
2010-06-03 21:07:24 ----D---- C:\Program Files\7-Zip
2010-06-03 01:14:59 ----D---- C:\Program Files\Microsoft Office
2010-06-03 01:14:55 ----D---- C:\Program Files\Common Files
2010-06-03 01:14:40 ----RSD---- C:\Windows\Fonts
2010-06-03 01:14:32 ----D---- C:\Windows
2010-06-03 01:12:49 ----D---- C:\Windows\ShellNew
2010-06-03 00:59:56 ----D---- C:\Program Files\Common Files\System
2010-06-03 00:59:34 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-06-03 00:52:14 ----SD---- C:\Users\uzivatel\AppData\Roaming\Microsoft
2010-06-03 00:51:24 ----D---- C:\Program Files\MSBuild
2010-06-03 00:45:07 ----A---- C:\Windows\win.ini
2010-06-01 22:18:34 ----D---- C:\Windows\rescache
2010-05-30 19:51:04 ----HD---- C:\ProgramData
2010-05-30 19:46:34 ----D---- C:\Program Files\Java
2010-05-28 21:37:34 ----A---- C:\Windows\system32\mrt.exe
2010-05-27 18:18:37 ----D---- C:\Windows\system32\sk-SK
2010-05-27 18:18:37 ----D---- C:\Windows\system32\pl-PL
2010-05-27 18:18:37 ----D---- C:\Windows\system32\cs-CZ
2010-05-23 19:45:05 ----D---- C:\Users\uzivatel\AppData\Roaming\XnView

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-11-26 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-11-26 111184]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-11-26 50864]
R1 WINIO;WINIO; \??\C:\Windows\system32\WinIo.sys [2007-01-04 9336]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-11-26 51792]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-07-07 2378752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-06-13 2152344]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-07-08 3662848]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-06-23 62464]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-08-17 190512]
S3 a4p5acck;a4p5acck; C:\Windows\system32\drivers\a4p5acck.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-05-19 912384]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 Cam5607;BisonCam; C:\Windows\System32\Drivers\BisonC07.sys [2007-10-03 812328]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ahcix86s;ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [2008-05-27 173576]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-09-30 308248]
S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2008-04-03 76688]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-04-29 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [2008-04-25 303104]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 21 čer 2010 17:05

Ahoj,

kdyz jsi zacal tykat, budu tez

Akorat navody jsou ve vykani, takze to musis nejak "prezit"

Myslis ze segra by opravu nezvladla, at ji nemusis delat prostrednika pro pokyny

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

C:\fsc-reg\fscreg.exe
Kliknete na Prochazet
Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
Pokud napise Soubor byl jiz testovan, dejte otestovat znovu
Kliknete na Otestovat soubor
Vysledek analyzy sem vlozte (jako odkaz)

Stahnete OTL (viz muj podpis) a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 5min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte

tomas05 · #3 Příspěvek od **tomas05** » 21 čer 2010 18:19

Omlouvám se za svou drzost s tykáním, snad to moc nevadí

Teď už to teda měnit nebudem. Sestra by to asi zvládla i sama se tady domluvit, to určitě ano, ale tak přeci jen by u toho musela strávit svůj drahocený čas a já teď stejně nemám co dělat. A taky se omlouvám za to že to trvá tak dlouho, ale ten scan s OTL rozhodně 5 minut netrval

A teď k věci:

Co se týče toolbarů, tak nějak je v odinstalovat programy nevidím. Který konkrétně myslíš? Jinak já už před časem jí něco odinstalovával, takže nejspíš i ty toolbary a pak tam zbylo něco třeba v registrech. Je to možný?

Odkaz na VirusTotal: http://www.virustotal.com/cs/analisis/c ... 1277136523

http://www.edisk.cz/stahni/92763/Extras ... .99KB.html

http://www.edisk.cz/stahni/00282/OTL.Txt_129.13KB.html

Musel sem to dát na edisk, omezený počet znaků mi to sem nedovolil dát přímo

#4 Příspěvek od **vyosek** » 21 čer 2010 18:26

Tykani mi nevadi, ba naopak, ale ze slusnosti na foru vykam, ale pokud nekdo zacne tykat, rad se prizpusobim

Za toolbary se velice omlouvam, prehlidl jsem do jineho topicu

Pokud nekam uploadujes, je lepsi http://leteckaposta.cz/, ale edisk mi tez nejak nevadi

Pokud je log dlouhy, rozdelujem jej do vice prispevku, tak jak to udelam ted ja a vlozim si je sem, at to mam prehlednejsi (vlozim si teda jen OTL.txt coz lze nazvat hlavnim logem, ten druhy je jen proste neco extra

#5 Příspěvek od **vyosek** » 21 čer 2010 18:27

OTL logfile created on: 21.6.2010 18:26:08 - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\uzivatel\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,21 Gb Total Space | 34,17 Gb Free Space | 37,06% Space Free | Partition Type: NTFS
Drive D: | 197,09 Gb Total Space | 133,07 Gb Free Space | 67,52% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: UZIVATEL-PC
Current User Name: uzivatel
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.21 01:09:28 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009.10.28 05:31:14 | 000,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe
PRC - [2008.12.08 12:35:12 | 000,715,912 | ---- | M] (IE7Pro.com) -- C:\Program Files\IEPro\MiniDM.exe
PRC - [2008.11.26 19:18:51 | 000,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2008.11.26 19:18:46 | 000,155,160 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2008.11.26 19:18:32 | 000,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2008.11.26 19:16:23 | 000,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2008.11.26 19:12:08 | 000,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.07.23 23:00:00 | 000,520,192 | ---- | M] () -- C:\Program Files\Hotkey Utility\tray.exe
PRC - [2008.06.13 13:52:52 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.04.25 15:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
PRC - [2008.01.21 04:24:49 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007.08.17 14:40:30 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007.06.18 16:10:32 | 000,271,360 | ---- | M] (Nokia) -- D:\programy\Nokia\Nokia PC Suite 6\LaunchApplication.exe
PRC - [2007.06.15 17:55:00 | 000,300,544 | ---- | M] (Nokia.) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

========== Modules (SafeList) ==========

MOD - [2010.06.21 01:09:28 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
MOD - [2008.01.21 04:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008.01.21 04:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll

========== Win32 Services (SafeList) ==========

SRV - [2008.11.26 19:18:46 | 000,155,160 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2008.11.26 19:18:32 | 000,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2008.11.26 19:16:23 | 000,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2008.11.26 19:12:08 | 000,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2008.06.20 03:14:31 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008.04.25 15:23:36 | 000,303,104 | ---- | M] (Fujitsu Siemens Computers) [Auto | Running] -- C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.06.15 17:55:00 | 000,300,544 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)

========== Driver Services (SafeList) ==========

DRV - [2010.02.28 15:14:29 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.11.26 19:17:36 | 000,111,184 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2008.11.26 19:17:25 | 000,020,560 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2008.11.26 19:17:15 | 000,051,792 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2008.11.26 19:16:38 | 000,050,864 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2008.11.26 19:16:29 | 000,023,152 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2008.07.08 00:00:00 | 003,662,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.07.07 11:15:24 | 002,378,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008.06.23 17:44:54 | 000,062,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2008.06.13 17:10:08 | 002,152,344 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.05.27 13:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2008.05.19 00:00:00 | 000,912,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008.05.02 13:59:40 | 000,122,368 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008.04.03 14:58:46 | 000,076,688 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2008.01.21 04:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 04:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 04:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 04:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 04:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 04:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 04:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 04:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 04:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 04:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 04:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 04:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 04:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 04:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 04:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 04:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 04:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 04:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 04:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 04:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 04:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007.10.03 12:44:14 | 000,812,328 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BisonC07.sys -- (Cam5607)
DRV - [2007.09.30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007.08.17 15:12:28 | 000,190,512 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.02.22 12:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007.02.22 12:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007.02.22 12:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007.02.22 12:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2007.01.04 20:15:08 | 000,009,336 | ---- | M] (http://www.internals.com) [Kernel | System | Running] -- C:\Windows\System32\WinIo.sys -- (WINIO)
DRV - [2006.11.02 11:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 11:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 11:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 11:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 11:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 11:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 11:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 11:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 11:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 11:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 11:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 10:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 10:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 10:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 10:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 10:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 10:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 09:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\2.2.0.2880\FF [2009.04.11 01:52:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.0.0.610\FF [2009.04.11 01:52:43 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IE7Pro BHO) - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O2 - BHO: (CashBackAssistant) - {00F5B5BA-E3C2-4b70-BF51-42A557914FAD} - C:\Program Files\Nice Prosper\CashBackAssistant\CashBackAssistantIE.dll ()
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Media Access Startup) - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.0.0.610\HPIEAddOn.dll ()
O2 - BHO: (NP Helper Class) - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\2.2.0.2880\NPIEAddOn.dll ()
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe ()
O4 - HKLM..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [PCSuiteTrayApplication] D:\programy\Nokia\Nokia PC Suite 6\LaunchApplication.exe (Nokia)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (Fujitsu Siemens)
O4 - HKU\.DEFAULT..\Run: [Nokia.PCSync] D:\programy\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-18..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (Fujitsu Siemens)
O4 - HKU\S-1-5-18..\Run: [Nokia.PCSync] D:\programy\Nokia\Nokia PC Suite 6\PcSync2.exe (Time Information Services Ltd.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000..\Run: [fsc-reg] C:\fsc-reg\fscreg.exe (Fujitsu Siemens)
O4 - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000..\Run: [ICQ] D:\programy\ICQ6\ICQ.exe File not found
O4 - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe (Adobe Systems, Inc.)
O7 - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra Button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\IEPro.dll (IE7Pro.com)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\programy\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\programy\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7741937d-cbff-11dd-9872-001060d1865e}\Shell\AutoRun\command - "" = G:\PStart.exe -- File not found
O33 - MountPoints2\{77cfbee9-246b-11df-b0ce-00140b4b8c7a}\Shell - "" = AutoRun
O33 - MountPoints2\{77cfbee9-246b-11df-b0ce-00140b4b8c7a}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\{bbef4264-f92f-11de-a060-00140b4b8c7a}\Shell - "" = AutoRun
O33 - MountPoints2\{bbef4264-f92f-11de-a060-00140b4b8c7a}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c959bd2d-e9b4-11de-b02e-00140b4b8c7a}\Shell\AutoRun\command - "" = F:\installer.exe -- File not found
O33 - MountPoints2\{c959bd2d-e9b4-11de-b02e-00140b4b8c7a}\Shell\verb\command - "" = F:\installer.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008.01.21 04:34:27 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.divxa32 - C:\Windows\System32\divxa32.acm (Kristal StudioDFileDescription)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.vorbis - C:\Windows\System32\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()
Drivers32: VIDC.HFYU - C:\Windows\System32\huffyuv.dll (Disappearing Inc.)
Drivers32: vidc.i263 - C:\Windows\System32\I263_32.drv (Intel Corporation)
Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP62 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: VIDC.VP70 - C:\Windows\System32\vp7vfw.dll (On2.com)
Drivers32: VIDC.X264 - C:\Windows\System32\x264vfw.dll ()
Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 7 Days ==========

[2010.06.21 18:21:48 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2010.06.18 11:58:41 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.06.18 11:58:41 | 000,000,000 | ---D | C] -- C:\rsit

========== Files - Modified Within 7 Days ==========

[2010.06.21 18:28:24 | 002,359,296 | -HS- | M] () -- C:\Users\uzivatel\NTUSER.DAT
[2010.06.21 17:41:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.21 01:09:28 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\uzivatel\Desktop\OTL.exe
[2010.06.18 12:19:45 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.18 12:19:45 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.18 10:24:26 | 002,171,922 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.06.18 10:24:26 | 000,653,534 | ---- | M] () -- C:\Windows\System32\perfh015.dat
[2010.06.18 10:24:26 | 000,598,832 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.06.18 10:24:26 | 000,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.06.18 10:24:26 | 000,126,792 | ---- | M] () -- C:\Windows\System32\perfc015.dat
[2010.06.18 10:24:26 | 000,114,992 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.06.18 10:24:26 | 000,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.06.18 10:19:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.18 10:19:34 | 3180,236,800 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.18 10:18:55 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.06.18 10:18:53 | 000,524,288 | -HS- | M] () -- C:\Users\uzivatel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.06.18 10:18:53 | 000,065,536 | -HS- | M] () -- C:\Users\uzivatel\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.06.17 16:44:22 | 003,256,451 | -H-- | M] () -- C:\Users\uzivatel\AppData\Local\IconCache.db
[2010.06.16 08:18:22 | 000,013,515 | ---- | M] () -- C:\Users\uzivatel\Desktop\uce tahák1.xlsx

========== Files Created - No Company Name ==========

[2010.06.18 11:55:11 | 000,824,681 | ---- | C] () -- C:\Users\uzivatel\Desktop\RSIT.exe
[2010.06.15 21:10:00 | 000,013,515 | ---- | C] () -- C:\Users\uzivatel\Desktop\uce tahák1.xlsx
[2010.02.28 15:14:29 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.12.17 11:14:30 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008.12.17 11:14:29 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2008.12.17 11:14:28 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008.12.17 11:14:28 | 002,283,027 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2008.12.17 11:14:28 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008.12.17 11:14:28 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.12.17 11:14:27 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008.12.17 11:14:27 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008.09.09 02:00:10 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.09.09 01:59:55 | 000,015,190 | ---- | C] () -- C:\Windows\M3000Twn.ini
[2008.09.09 01:57:00 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1518.dll
[2008.04.25 15:23:38 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll
[2007.03.30 00:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2010.02.10 22:49:55 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\ICQ
[2009.08.22 23:26:01 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\MiniDm
[2009.07.18 15:20:14 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\PC Suite
[2010.02.28 15:20:09 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\DAEMON Tools Lite
[2008.12.28 21:40:04 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\ICQ
[2009.02.04 21:15:00 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Inkscape
[2008.12.29 01:29:21 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\MiniDm
[2009.01.17 00:36:18 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Nokia
[2009.04.16 15:54:35 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Nokia Multimedia Player
[2008.12.17 11:25:54 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\OpenOffice.org
[2009.01.17 00:44:30 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PC Suite
[2009.01.29 12:05:40 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PeerNetworking
[2008.12.17 13:08:15 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Thinstall
[2010.05.23 19:45:05 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\XnView
[2008.12.17 11:33:22 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Zoner
[2010.06.18 10:18:55 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

#6 Příspěvek od **vyosek** » 21 čer 2010 18:27

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2008.01.21 04:23:29 | 001,233,920 | ---- | M] (Microsoft Corporation)
"WindowsWelcomeCenter" = rundll32.exe oobefldr.dll,ShowWelcomeCenter -- [2008.01.21 04:23:39 | 002,153,472 | ---- | M] (Microsoft Corporation)
"fsc-reg" = C:\fsc-reg\fscreg.exe 20100602 -- [2008.08.01 15:28:36 | 000,380,688 | ---- | M] (Fujitsu Siemens)
"ehTray.exe" = C:\Windows\ehome\ehTray.exe -- [2008.01.21 04:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2009.09.02 15:27:36 | 025,623,336 | R--- | M] (Skype Technologies S.A.)
"ICQ" = "D:\programy\ICQ6\ICQ.exe" silent -- File not found
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2008.12.17 14:13:08 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Adobe
[2010.02.28 15:20:09 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\DAEMON Tools Lite
[2008.12.28 21:40:04 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\ICQ
[2008.12.16 16:49:14 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Identities
[2009.02.04 21:15:00 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Inkscape
[2008.12.17 14:55:54 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Macromedia
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Media Center Programs
[2009.06.08 08:44:46 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Media Player Classic
[2010.06.03 00:52:14 | 000,000,000 | --SD | M] -- C:\Users\uzivatel\AppData\Roaming\Microsoft
[2008.12.29 01:29:21 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\MiniDm
[2009.11.01 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Mozilla
[2008.12.17 13:09:50 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Nero
[2009.01.17 00:36:18 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Nokia
[2009.04.16 15:54:35 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Nokia Multimedia Player
[2008.12.17 11:25:54 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\OpenOffice.org
[2009.01.17 00:44:30 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PC Suite
[2009.01.29 12:05:40 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\PeerNetworking
[2008.12.17 11:14:26 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Real
[2010.06.18 10:20:51 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Skype
[2010.01.31 17:47:31 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\skypePM
[2008.12.17 13:08:15 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Thinstall
[2008.12.17 13:14:12 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\vlc
[2009.03.08 01:13:17 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\WinRAR
[2010.05.23 19:45:05 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\XnView
[2008.12.17 11:33:22 | 000,000,000 | ---D | M] -- C:\Users\uzivatel\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2009.10.24 09:41:36 | 001,961,720 | ---- | M] (Adobe Systems Incorporated) -- C:\Users\uzivatel\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe

< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: AHCIX86S.SYS >
[2008.05.27 13:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Windows\System32\drivers\ahcix86s.sys
[2008.05.27 13:55:54 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_c617648e\ahcix86s.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.06.03 05:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\drivers\atapi.sys
[2008.06.03 05:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008.06.03 05:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008.06.03 05:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008.06.03 05:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009.04.11 08:27:20 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=10761177A6EBE45843F443E99509F5E7 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6002.18005_none_e3df6655bee2ee3b\autochk.exe
[2008.01.21 04:24:45 | 000,642,560 | ---- | M] (Microsoft Corporation) MD5=2FC5BE79B51714B479809358E4908FC3 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe
[2008.05.08 04:45:15 | 000,640,512 | ---- | M] (Microsoft Corporation) MD5=869204EA6335A103632F61E2E7EB1328 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6000.20831_none_e077dddaddcf9c19\autochk.exe
[2008.05.08 04:48:15 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=FBD95FAF4A26FBE661A747BE44071696 -- C:\Windows\System32\autochk.exe
[2008.05.08 04:48:15 | 000,643,072 | ---- | M] (Microsoft Corporation) MD5=FBD95FAF4A26FBE661A747BE44071696 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.22175_none_e236dc12db130503\autochk.exe

< MD5 for: CDROM.SYS >
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\drivers\cdrom.sys
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_a29e71c6\cdrom.sys
[2008.01.21 04:23:02 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=1EC25CEA0DE6AC4718BF89F9E1778B57 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.0.6001.18000_none_5fa95be2a3c76a4a\cdrom.sys
[2009.04.11 06:39:17 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=6B4BFFB9BECD728097024276430DB314 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_cdrom.inf_31bf3856ad364e35_6.0.6002.18005_none_6194d4eea0e93596\cdrom.sys
[2006.11.02 10:51:44 | 000,067,072 | ---- | M] (Microsoft Corporation) MD5=8D1866E61AF096AE8B582454F5E4D303 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_e487f727\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2008.01.21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\System32\cryptsvc.dll
[2008.01.21 04:24:35 | 000,128,000 | ---- | M] (Microsoft Corporation) MD5=6DE363F9F99334514C46AEC02D3E3678 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[2009.04.11 08:28:18 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=FB27772BEAF8E1D28CCD825C09DA939B -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: HAL.DLL >
[2008.07.04 12:44:03 | 000,177,208 | ---- | M] (Microsoft Corporation) MD5=78065E09AEC2BDDE5730CC1BB5AFAD95 -- C:\Windows\System32\hal.dll

< MD5 for: IASTOR.SYS >
[2007.09.30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\drivers\iaStor.sys
[2007.09.30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_7baf6192\iaStor.sys
[2007.09.30 00:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_41af7b1f\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2006.11.02 11:50:24 | 000,047,208 | ---- | M] (Microsoft Corporation) MD5=350FCA7E73CF65BCEF43FAE1E4E91293 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\drivers\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\isapnp.sys
[2008.01.21 04:23:01 | 000,049,720 | ---- | M] (Microsoft Corporation) MD5=6C70698A3E5C4376C6AB5C7C17FB0614 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.06.15 14:51:56 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=203D86EBD6D8E4C8501B222421E81506 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[2009.09.10 16:44:14 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=2D3AC5E7AC01E905F3ABD2D745FE3A9B -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[2009.06.15 14:48:49 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=3978F3540329E16C0AC3BCF677E5669F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[2009.02.13 09:26:04 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=59DE082968FDD257FFF0D209B9A5B460 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[2009.06.15 15:03:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=6F1F23D3599EAE17734451936B7F17C6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\System32\lsass.exe
[2009.06.15 14:57:59 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=A911ECAC81F94ADEAFBE8E3F7873EDB0 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[2009.02.13 06:58:37 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=AFF8A58280863629CA4FFA9E0B259F1E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[2009.06.15 14:59:08 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=BA9A67672E025078C77967731BCFC560 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[2009.06.15 15:10:12 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=C731B1FE449D4E9CEA358C9D55B69BE9 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[2009.09.09 13:09:38 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=CB7E838C140B4087B2DA323F2D4523C5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[2009.09.10 16:47:51 | 000,007,680 | ---- | M] (Microsoft Corporation) MD5=D09A5DA84B7C9CA9B02EBCD7FAE41C8D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[2008.01.21 04:24:15 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=DCF733788C7D088D814E5F80EB4B3E0F -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[2009.02.13 10:20:29 | 000,009,728 | ---- | M] (Microsoft Corporation) MD5=F4C62B07E5BF96F1FDCA9DB393ECED22 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe

< MD5 for: NDIS.SYS >
[2009.04.11 08:32:49 | 000,527,848 | ---- | M] (Microsoft Corporation) MD5=1357274D1883F68300AEADD15D7BBB42 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[2008.01.21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\System32\drivers\ndis.sys
[2008.01.21 04:23:50 | 000,529,464 | ---- | M] (Microsoft Corporation) MD5=9BDC71790FA08F0A0B5F10462B1BD0B1 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVRAID.SYS >
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\drivers\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvraid.sys
[2008.01.21 04:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) MD5=2EDF9E7751554B42CBB60116DE727101 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvraid.sys
[2006.11.02 11:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) MD5=E69E946F80C1C31C53003BFBF50CBB7C -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: SMSS.EXE >
[2008.07.16 03:27:33 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6156CBDEF6E324824ABAC3C7DD813F60 -- C:\Windows\System32\smss.exe
[2008.07.16 03:27:33 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6156CBDEF6E324824ABAC3C7DD813F60 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.22223_none_acb1a7b4325cc092\smss.exe
[2008.01.21 04:23:50 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=6701DDAF68BEDE6BBEEA9D514D73A35B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6001.18000_none_ac3aa7fd19319fba\smss.exe
[2008.07.16 03:28:34 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=847903981B1110BA81FE18283F21E9F5 -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6000.20878_none_aa9a5ae4355a3a09\smss.exe
[2009.04.11 08:28:04 | 000,064,000 | ---- | M] (Microsoft Corporation) MD5=98AF15A94CD6AC37248E72E5FE789B35 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-smss_31bf3856ad364e35_6.0.6002.18005_none_ae26210916536b06\smss.exe

< MD5 for: SVCHOST.EXE >
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008.01.21 04:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: TCPIP.SYS >
[2008.04.26 10:08:16 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=01EC1E92595F839BEE70D439C46796E3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[2009.04.11 08:33:02 | 000,897,000 | ---- | M] (Microsoft Corporation) MD5=0E6B0885C3D5E4643ED2D043DE3433D8 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[2009.12.08 22:52:30 | 000,897,624 | ---- | M] (Microsoft Corporation) MD5=1ACBB7A47E78F4CC82D2EFFB72901528 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[2009.08.15 23:30:53 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=2512B4D1353370D6688B1AF1F5AFA1CF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[2009.08.14 19:01:55 | 000,900,168 | ---- | M] (Microsoft Corporation) MD5=2608E71AAD54564647D4BB984E1925AA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[2010.02.18 13:51:51 | 000,818,688 | ---- | M] (Microsoft Corporation) MD5=2C1F7005AA3B62721BFDB307BD5F5010 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\System32\drivers\tcpip.sys
[2010.02.18 16:49:38 | 000,898,952 | ---- | M] (Microsoft Corporation) MD5=2EAE4500984C2F8DACFB977060300A15 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[2009.08.14 16:24:47 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=300208927321066EA53761FDC98747C6 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[2009.12.08 22:15:00 | 000,907,832 | ---- | M] (Microsoft Corporation) MD5=46E6685F3E92AEC743773ADD4CD54F57 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[2010.02.18 16:07:16 | 000,904,576 | ---- | M] (Microsoft Corporation) MD5=48CBE6D53632D0067C2D6B20F90D84CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[2010.02.18 14:05:37 | 000,815,104 | ---- | M] (Microsoft Corporation) MD5=4A82FA8F0DF67AA354580C3FAAF8BDE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[2009.12.08 22:37:09 | 000,900,696 | ---- | M] (Microsoft Corporation) MD5=5653230D480A9C54D169E1B080B72CF5 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[2009.08.14 18:27:34 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=65877AA1B6A7CB797488E831698973E9 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[2008.04.26 10:26:49 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=82E266BEE5F0167E41C6ECFDD2A79C02 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[2009.12.08 19:58:13 | 000,813,568 | ---- | M] (Microsoft Corporation) MD5=8734BD051FFDCBF8425CF222141C3741 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[2009.08.14 19:07:56 | 000,897,608 | ---- | M] (Microsoft Corporation) MD5=8A7AD2A214233F684242F289ED83EBC3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[2010.02.18 19:36:50 | 000,902,024 | ---- | M] (Microsoft Corporation) MD5=93A5655CD9CD2F080EF1CB71A3666215 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[2009.12.08 19:45:32 | 000,816,640 | ---- | M] (Microsoft Corporation) MD5=CA3A5756672013A66BB9D547A5A62DCA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[2010.02.18 16:22:11 | 000,910,216 | ---- | M] (Microsoft Corporation) MD5=D9F5DD5BBC8348E8F8220CCBF14C022E -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[2009.12.08 22:01:08 | 000,904,776 | ---- | M] (Microsoft Corporation) MD5=DA467E7619AE5F4588E6262C13C8940A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[2008.01.21 04:25:03 | 000,891,448 | ---- | M] (Microsoft Corporation) MD5=FC6E2835D667774D409C7C7021EAF9C4 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[2009.08.14 18:33:50 | 000,905,784 | ---- | M] (Microsoft Corporation) MD5=FF71856BD4CD6D4367F9FD84BE79A874 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\15d05090e6f876555f2419af621dda9f\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\ws2_32.dll
[2008.01.21 04:24:48 | 000,179,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 04:24:26 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2008.01.21 04:24:26 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2008.01.21 04:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008.01.21 04:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.02.28 15:14:29 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >
[2008.09.09 02:13:53 | 028,893,184 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.09.09 02:13:25 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.09.09 02:13:54 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2008.09.09 02:14:02 | 018,444,288 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2008.09.09 02:14:04 | 006,705,152 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 04:24:26 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2008.01.21 04:24:26 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2008.01.21 04:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008.01.21 04:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
< End of report >

#7 Příspěvek od **vyosek** » 21 čer 2010 18:45

Spustte znovu OTL

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

:otl
IE - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\..\URLSearchHook: - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\..\Toolbar\WebBrowser: (no name) - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - No CLSID value found.
O4 - HKU\S-1-5-21-2678621169-3159176939-3084969137-1000..\Run: [ICQ] D:\programy\ICQ6\ICQ.exe File not found
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab  (Reg Error: Key error.)

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s

:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7741937d-cbff-11dd-9872-001060d1865e}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbee9-246b-11df-b0ce-00140b4b8c7a}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbef4264-f92f-11de-a060-00140b4b8c7a}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c959bd2d-e9b4-11de-b02e-00140b4b8c7a}]

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]

Nasledne kliknete na Opravit
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Z OTL vsak neni videt nic co by vyskakovaci okna mohlo zpusobovat, udelej tedy sken a mazani pomoci SAS dle riffova navodu zde http://www.viry.cz/forum/viewtopic.php?t=51359 - pokud by se ti podarilo udelat i log, rad jej uvidim

tomas05 · #8 Příspěvek od **tomas05** » 21 čer 2010 19:04

Tak tady je log po restartu, na ten SAS se teprve vrhnu:

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}\ not found.
Registry value HKEY_USERS\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP253D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3D8E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4E5F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPACA6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7741937d-cbff-11dd-9872-001060d1865e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7741937d-cbff-11dd-9872-001060d1865e}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77cfbee9-246b-11df-b0ce-00140b4b8c7a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{77cfbee9-246b-11df-b0ce-00140b4b8c7a}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bbef4264-f92f-11de-a060-00140b4b8c7a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bbef4264-f92f-11de-a060-00140b4b8c7a}\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c959bd2d-e9b4-11de-b02e-00140b4b8c7a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c959bd2d-e9b4-11de-b02e-00140b4b8c7a}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 18691272 bytes
->Temporary Internet Files folder emptied: 197563934 bytes
->Java cache emptied: 25802292 bytes
->Flash cache emptied: 10039 bytes

User: Public

User: uzivatel
->Temp folder emptied: 258564392 bytes
->Temporary Internet Files folder emptied: 545419666 bytes
->Java cache emptied: 25803473 bytes
->Flash cache emptied: 2060074 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 64926195 bytes
RecycleBin emptied: 399534246 bytes

Total Files Cleaned = 1 467,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Public

User: uzivatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.6.1 log created on 06212010_194829

Files\Folders moved on Reboot...
C:\Users\uzivatel\AppData\Local\Temp\Low\zd5\CFC.db3 moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\uzivatel\AppData\Roaming\Low\Internet Saving Optimizer\2.2.0.2880\NP_20100621-175643.658.log moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VX5REYHO\afr[2].htm moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VX5REYHO\indexCAJEXSPM.htm moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VX5REYHO\viewtopic[1].htm moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UE55THBZ\afr[1].htm moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\S2UUIULJ\indexCAS0Q3ZF.htm moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QQJQSK3M\afr[1].htm moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QQJQSK3M\indexCAJ9YDM9.htm moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QQJQSK3M\indexCAJX6052.htm moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QQJQSK3M\index[3].htm moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\A0AB7674-8D67-4F4D-B5E1-96FAEADFB79D.dat moved successfully.
C:\Users\uzivatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#9 Příspěvek od **vyosek** » 21 čer 2010 19:08

OK, pockam na log z SAS a hlavne na info co pacient

tomas05 · #10 Příspěvek od **tomas05** » 21 čer 2010 20:40

Omlouvám se za pomalost, ale trvalo to více než hodinu. Našlo mi to toto:

http://yfrog.com/85sasvj
A takhle se mi to pak objevilo na monitoru po tom scanu. Můžu zaškrtnout i tu třetí položku? Ty ostatní se mi automaticky zaškrtly, nevím proč tahle ne, tak se radši ptám

Potom vím jak dál pokračovat, ale zatím chci jen vědět, jestli to můžu zaškrtnout

#11 Příspěvek od **vyosek** » 21 čer 2010 20:43

V pohode nic se nedeje, jsou tu skeny i na 4 ci 12 hodin

JJ zaskrtni i tu tu posledni...pak mi sem hod log

tomas05 · #12 Příspěvek od **tomas05** » 21 čer 2010 21:00

Tak tady je konečně log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 06/21/2010 at 09:26 PM

Application Version : 4.39.1002

Core Rules Database Version : 5097
Trace Rules Database Version: 2909

Scan type : Complete Scan
Total Scan Time : 00:56:32

Memory items scanned : 643
Memory threats detected : 2
Registry items scanned : 9165
Registry threats detected : 108
File items scanned : 29059
File threats detected : 206

Adware.Generic
C:\PROGRAM FILES\MEDIA ACCESS STARTUP\1.0.0.610\HPIEADDON.DLL
C:\PROGRAM FILES\MEDIA ACCESS STARTUP\1.0.0.610\HPIEADDON.DLL
C:\PROGRAM FILES\INTERNET SAVING OPTIMIZER\2.2.0.2880\NPIEADDON.DLL
C:\PROGRAM FILES\INTERNET SAVING OPTIMIZER\2.2.0.2880\NPIEADDON.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25B8D58C-B0CB-46b0-BA64-05B3804E4E86}
HKCR\CLSID\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86}
HKCR\CLSID\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86}
HKCR\CLSID\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86}\InprocServer32
HKCR\CLSID\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86}\InprocServer32#ThreadingModel
HKCR\CLSID\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86}\ProgID
HKCR\CLSID\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86}\Programmable
HKCR\CLSID\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86}\TypeLib
HKCR\CLSID\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86}\VersionIndependentProgID
HKCR\ExplorerBar.FunExplorer.1
HKCR\ExplorerBar.FunExplorer.1\CLSID
HKCR\ExplorerBar.FunExplorer
HKCR\ExplorerBar.FunExplorer\CLSID
HKCR\ExplorerBar.FunExplorer\CurVer
HKCR\TypeLib\{AC5AB953-ED25-4f9c-87F0-B086B0178FFA}
HKCR\TypeLib\{AC5AB953-ED25-4f9c-87F0-B086B0178FFA}\1.0
HKCR\TypeLib\{AC5AB953-ED25-4f9c-87F0-B086B0178FFA}\1.0\0
HKCR\TypeLib\{AC5AB953-ED25-4f9c-87F0-B086B0178FFA}\1.0\0\win32
HKCR\TypeLib\{AC5AB953-ED25-4f9c-87F0-B086B0178FFA}\1.0\FLAGS
HKCR\TypeLib\{AC5AB953-ED25-4f9c-87F0-B086B0178FFA}\1.0\HELPDIR
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35B8D58C-B0CB-46b0-BA64-05B3804E4E86}
HKCR\CLSID\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86}
HKCR\CLSID\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86}
HKCR\CLSID\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86}\InprocServer32
HKCR\CLSID\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86}\InprocServer32#ThreadingModel
HKCR\CLSID\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86}\ProgID
HKCR\CLSID\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86}\Programmable
HKCR\CLSID\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86}\TypeLib
HKCR\CLSID\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86}\VersionIndependentProgID
HKCR\TypeLib\{C28A0312-C403-417b-A425-A915BC0519CD}
HKCR\TypeLib\{C28A0312-C403-417b-A425-A915BC0519CD}\1.0
HKCR\TypeLib\{C28A0312-C403-417b-A425-A915BC0519CD}\1.0\0
HKCR\TypeLib\{C28A0312-C403-417b-A425-A915BC0519CD}\1.0\0\win32
HKCR\TypeLib\{C28A0312-C403-417b-A425-A915BC0519CD}\1.0\FLAGS
HKCR\TypeLib\{C28A0312-C403-417b-A425-A915BC0519CD}\1.0\HELPDIR
HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25B8D58C-B0CB-46B0-BA64-05B3804E4E86}
HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{35B8D58C-B0CB-46B0-BA64-05B3804E4E86}
HKCR\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}
HKCR\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}\ProxyStubClsid
HKCR\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}\ProxyStubClsid32
HKCR\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}\TypeLib
HKCR\Interface\{6160F76A-1992-4B17-A32D-0C706D159105}\TypeLib#Version
HKCR\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}
HKCR\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}\ProxyStubClsid
HKCR\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}\ProxyStubClsid32
HKCR\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}\TypeLib
HKCR\Interface\{877F3EAB-4462-44DF-8475-6064EAFD7FBF}\TypeLib#Version

Adware.DoubleD
HKLM\Software\Classes\CLSID\{00F5B5BA-E3C2-4b70-BF51-42A557914FAD}
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}\Implemented Categories
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}\InprocServer32
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}\InprocServer32#ThreadingModel
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}\ProgID
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}\Programmable
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}\TypeLib
HKCR\CLSID\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}\VersionIndependentProgID
HKCR\ExplorerBar.CashBackAssistant.1
HKCR\ExplorerBar.CashBackAssistant.1\CLSID
HKCR\ExplorerBar.CashBackAssistant
HKCR\ExplorerBar.CashBackAssistant\CLSID
HKCR\ExplorerBar.CashBackAssistant\CurVer
HKCR\TypeLib\{D1AAD553-DC21-471f-88E0-F58BE109038D}
HKCR\TypeLib\{D1AAD553-DC21-471f-88E0-F58BE109038D}\1.0
HKCR\TypeLib\{D1AAD553-DC21-471f-88E0-F58BE109038D}\1.0\0
HKCR\TypeLib\{D1AAD553-DC21-471f-88E0-F58BE109038D}\1.0\0\win32
HKCR\TypeLib\{D1AAD553-DC21-471f-88E0-F58BE109038D}\1.0\FLAGS
HKCR\TypeLib\{D1AAD553-DC21-471f-88E0-F58BE109038D}\1.0\HELPDIR
C:\PROGRAM FILES\NICE PROSPER\CASHBACKASSISTANT\CASHBACKASSISTANTIE.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00F5B5BA-E3C2-4b70-BF51-42A557914FAD}
HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00F5B5BA-E3C2-4B70-BF51-42A557914FAD}
HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\DoubleD
HKLM\Software\DoubleD
HKLM\Software\DoubleD\DoubleD
C:\Program Files\DoubleD
HKCR\Interface\{6998957E-00F9-4DAC-BBB1-C0CA721376C1}
HKCR\Interface\{6998957E-00F9-4DAC-BBB1-C0CA721376C1}\ProxyStubClsid
HKCR\Interface\{6998957E-00F9-4DAC-BBB1-C0CA721376C1}\ProxyStubClsid32
HKCR\Interface\{6998957E-00F9-4DAC-BBB1-C0CA721376C1}\TypeLib
HKCR\Interface\{6998957E-00F9-4DAC-BBB1-C0CA721376C1}\TypeLib#Version

Adware.SystemSearchDispatch
HKLM\Software\Classes\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
HKCR\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
HKCR\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
HKCR\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\InprocServer32
HKCR\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\InprocServer32#ThreadingModel
HKCR\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\ProgID
HKCR\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\Programmable
HKCR\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\TypeLib
HKCR\CLSID\{CDBFB47B-58A8-4111-BF95-06178DCE326D}\VersionIndependentProgID
HKCR\ExplorerBar.FunRedirector.1
HKCR\ExplorerBar.FunRedirector.1\CLSID
HKCR\ExplorerBar.FunRedirector
HKCR\ExplorerBar.FunRedirector\CLSID
HKCR\ExplorerBar.FunRedirector\CurVer
HKCR\TypeLib\{883DFC00-8A21-411d-956C-73A4E4B7D16F}
HKCR\TypeLib\{883DFC00-8A21-411d-956C-73A4E4B7D16F}\1.0
HKCR\TypeLib\{883DFC00-8A21-411d-956C-73A4E4B7D16F}\1.0\0
HKCR\TypeLib\{883DFC00-8A21-411d-956C-73A4E4B7D16F}\1.0\0\win32
HKCR\TypeLib\{883DFC00-8A21-411d-956C-73A4E4B7D16F}\1.0\FLAGS
HKCR\TypeLib\{883DFC00-8A21-411d-956C-73A4E4B7D16F}\1.0\HELPDIR
C:\PROGRAM FILES\SYSTEM SEARCH DISPATCHER\1.2.0.750\SSD.DLL
HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDBFB47B-58A8-4111-BF95-06178DCE326D}
C:\Program Files\System Search Dispatcher\1.2.0.750\Data\eacore.mx
C:\Program Files\System Search Dispatcher\1.2.0.750\Data\URLDynamic.mx
C:\Program Files\System Search Dispatcher\1.2.0.750\Data\URLStatic.mx
C:\Program Files\System Search Dispatcher\1.2.0.750\Data
C:\Program Files\System Search Dispatcher\1.2.0.750\unins000.dat
C:\Program Files\System Search Dispatcher\1.2.0.750\unins000.exe
C:\Program Files\System Search Dispatcher\1.2.0.750
C:\Program Files\System Search Dispatcher
HKCR\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}
HKCR\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}\ProxyStubClsid
HKCR\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}\ProxyStubClsid32
HKCR\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}\TypeLib
HKCR\Interface\{480098C6-F6AD-4C61-9B5C-2BAE228A34D1}\TypeLib#Version

Adware.DesktopSmileyToolbar
HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}
HKCR\CLSID\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}

Adware.Tracking Cookie
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\uzivatel@ad2.billboard[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\uzivatel@ad.yieldmanager[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\uzivatel@statse.webtrendslive[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\uzivatel@atdmt[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\uzivatel@atwola[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\uzivatel@doubleclick[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\uzivatel@statcounter[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\uzivatel@toplist[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\guest@atwola[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@www.lupomedia[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@doubleclick[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@cgm.adbureau[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@www.pornhub[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ad2.billboard[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@stats.pocitacova-skola[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@statse.webtrendslive[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ad1.proklik[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@counter.cnw[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@media.sparta[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@server.cpmstar[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@pornuj[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@tradedoubler[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@elektromedia[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@livesex[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@www.sexklik[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@pornhub[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@toplist[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@etargetnet[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@toplist[2].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@ad-elektro[1].txt
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Cookies\Low\guest@atdmt[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@traffic[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@openads1.bpa[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@imrworldwide[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@content.yieldmanager[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@sexus[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@sexum[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sex-porno-zadarmo[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@content.yieldmanager[3].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.serial-online[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.calzedonia[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@doubleclick[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ad.yieldmanager[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.googleadservices[3].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ads.livesport[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@mywebsearch[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ads.seminarky[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.googleadservices[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@msnaccountservices.112.2o7[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@soundtrack[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@revsci[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sexshopik[3].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sexshopik[4].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sexshopik[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sexshopik[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@statcounter[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@partyaccount[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ad2.billboard[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@smileycentral[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@pornuj[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@cms.trafficmp[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@audit.median[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@etargetnet[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ad.iluze[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@autoscout24.112.2o7[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@pornhub[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@dawexxx.webnode[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ad.ck[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sexyhracky[3].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@adfarm1.adition[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@sexshop[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@statse.webtrendslive[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sexyhracky[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@viacom.adbureau[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@adx.fotoaparat[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@media6degrees[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@livesex[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@aff.primaryads[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@toplist[3].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@toplist[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@invitemedia[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@account.live[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@hardsextube[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@atdmt[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@pornacek[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@azjmp[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.etracker[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@megaporn[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@sexshopik[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@popularscreensavers[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@burstnet[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@sexshop1[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@adbrite[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@wareznet[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@mediaplex[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@bs.serving-sys[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ad.play[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@serial-online[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.pornhub[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ads.superstudent[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@janbecher.multimedia[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@himedia.individuad[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www2.sexshop1[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sexshop[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ads2.rrm[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@counter.cnw[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@adtech[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@serving.adsrevenue.clicksor[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@fuckpartner[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@apmebf[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sexklik[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@dztadserver.dx-work[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@sex-porno-zadarmo[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ad1.proklik[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.usenext[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@tribalfusion[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@tripod[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ad.zanox[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ads.sa[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.pornovideos[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@media.sparta[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ad2.doublepimp[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@serving-sys[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@porno-zdarma[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.bstats[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@fastclick[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@snowboard-zezula[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@lfstmedia[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@pornovideos[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@winzip.122.2o7[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@specificclick[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@indextools[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ads.glispa[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@server.cpmstar[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.czech-sex[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.riverbelle[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@hypersexshop[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@www.sexshop1[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@serialkeys.svetu[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@instantscreensaver[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@elkjop.112.2o7[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@financefinder[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@trafficmp[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@banner.mmspektrum[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@tradedoubler[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@adultfriendfinder[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@counter.umstudio[1].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@partypoker[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@2o7[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@ads.monster[2].txt
C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Cookies\Low\uzivatel@secure.partyaccount[2].txt

Adware.MediaAccessStartup
C:\Program Files\Media Access Startup\1.0.0.610\Data\config.md
C:\Program Files\Media Access Startup\1.0.0.610\Data
C:\Program Files\Media Access Startup\1.0.0.610\FF\chrome\content\HPAddOn.js
C:\Program Files\Media Access Startup\1.0.0.610\FF\chrome\content\HPAddOn.xul
C:\Program Files\Media Access Startup\1.0.0.610\FF\chrome\content
C:\Program Files\Media Access Startup\1.0.0.610\FF\chrome\HPAddOn.jar
C:\Program Files\Media Access Startup\1.0.0.610\FF\chrome
C:\Program Files\Media Access Startup\1.0.0.610\FF\chrome.manifest
C:\Program Files\Media Access Startup\1.0.0.610\FF\components\HPFFAddOn.dll
C:\Program Files\Media Access Startup\1.0.0.610\FF\components\HPFFAddOn.xpt
C:\Program Files\Media Access Startup\1.0.0.610\FF\components\HPFFHelperComponent.js
C:\Program Files\Media Access Startup\1.0.0.610\FF\components
C:\Program Files\Media Access Startup\1.0.0.610\FF\install.rdf
C:\Program Files\Media Access Startup\1.0.0.610\FF
C:\Program Files\Media Access Startup\1.0.0.610\HPCommon.dll
C:\Program Files\Media Access Startup\1.0.0.610\hppx.exe
C:\Program Files\Media Access Startup\1.0.0.610\unins000.dat
C:\Program Files\Media Access Startup\1.0.0.610\unins000.exe
C:\Program Files\Media Access Startup\1.0.0.610
C:\Program Files\Media Access Startup
HKU\S-1-5-21-2678621169-3159176939-3084969137-1000\Software\Media Access Startup

Adware.JuicyAccess
C:\Program Files\DoubleD\JuicyAccess Toolbar\3.10.0.11120
C:\Program Files\DoubleD\JuicyAccess Toolbar

Adware.DoubleD/ISO
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\adwpx.exe
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\Data\config.md
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\Data
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\chrome\content\NPAddOn.js
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\chrome\content\NPAddOn.xul
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\chrome\content
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\chrome\NPAddOn.jar
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\chrome
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\chrome.manifest
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\components\NPFFAddOn.dll
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\components\NPFFAddOn.xpt
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\components\NPFFHelperComponent.js
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\components
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF\install.rdf
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\FF
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\NPCommon.dll
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\unins000.dat
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880\unins000.exe
C:\Program Files\INTERNET SAVING OPTIMIZER\2.2.0.2880
C:\Program Files\INTERNET SAVING OPTIMIZER

#13 Příspěvek od **vyosek** » 21 čer 2010 21:15

No hezka sbirka

Co na to nas pacient, jak se chova

tomas05 · #14 Příspěvek od **tomas05** » 21 čer 2010 21:18

Jestli tím myslíš jestli už okna nevyskakují, tak zatím sem nic neviděl. Vrátím notebook a ona uvidí, jestli se to zlepšilo. Jinak máš ještě nějaké nápady?

#15 Příspěvek od **vyosek** » 21 čer 2010 21:21

Dle meho by mel byt problem pryc, ale uvidime co rekne segra

At se pak uz klidne ozve i ona - ceka nas jen uklid a kontrola

VIRY.CZ

Pomalý notebook, vyskakovací okna

Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna

Re: Pomalý notebook, vyskakovací okna